| Name | Synopsis |
|---|---|
| .. | |
| abe | Package abe provides Attribute-based data encryption algorithms. |
| cpabe | Package cpabe provides Ciphertext-Policy Attribute-based Encryption algorithms. |
| tkn20 | Package tkn20 implements a ciphertext-policy ABE by Tomida, Kawahara, Nishimaki. |
| blindsign | Package blindsign provides blind signature schemes. |
| blindrsa | Package blindrsa implements the RSA Blind Signature Protocol as defined in [RFC9474]. |
| partiallyblindrsa | Package partiallyblindrsa implements a partially blind RSA protocol. |
| cipher | Package cipher provides data encryption algorithms. |
| ascon | Package ascon provides ASCON family of light-weight AEAD ciphers. |
| dh | Package dh provides variety of Diffie-Hellman key exchange methods. |
| csidh | Package csidh implements commutative supersingular isogeny-based Diffie-Hellman key exchange algorithm (CSIDH) resulting from the group action. |
| curve4q | Package curve4q implements Diffie-Hellman operations using the FourQ curve at the 128-bit security level. |
| sidh | Package sidh is deprecated, it provides SIDH and SIKE key encapsulation mechanisms. |
| x25519 | Package x25519 provides Diffie-Hellman functions as specified in RFC-7748. |
| x448 | Package x448 provides Diffie-Hellman functions as specified in RFC-7748. |
| ecc | Package ecc provides implementation of arithmetic on some elliptic curves. |
| bls12381 | Package bls12381 provides bilinear pairings using the BLS12-381 curve. |
| ff | Package ff provides finite fields of characteristic P381. |
| fourq | Package fourq provides elliptic curve operations over FourQ curve. |
| goldilocks | Package goldilocks provides elliptic curve operations over the goldilocks curve. |
| p384 | Package p384 provides optimized elliptic curve operations on the P-384 curve. |
| expander | Package expander generates arbitrary bytes from an XOF or Hash function. |
| group | Package group provides prime-order groups based on elliptic curves. |
| hpke | Package hpke implements the Hybrid Public Key Encryption (HPKE) standard specified by draft-irtf-cfrg-hpke-07. |
| kem | Package kem provides a unified interface for KEM schemes. |
| frodo | Package frodo provides the key encapsulation mechanism FrodoKEM. |
| frodo640shake | Package frodo640shake implements the variant FrodoKEM-640 with SHAKE. |
| hybrid | Package hybrid defines several hybrid classical/quantum KEMs. |
| kyber | Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in |
| kyber1024 | Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
| kyber512 | Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
| kyber768 | Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
| schemes | Package schemes contains a register of KEM schemes. |
| sike | Package sike is deprecated, it contains the SIKE key encapsulation mechanism. |
| sikep434 | Package sikep434 is deprecated, it implements the key encapsulation mechanism SIKEp434. |
| sikep503 | Package sikep503 is deprecated, it implements the key encapsulation mechanism SIKEp503. |
| sikep751 | Package sikep751 is deprecated, it implements the key encapsulation mechanism SIKEp751. |
| math | Package math provides some utility functions for big integers. |
| fp25519 | Package fp25519 provides prime field arithmetic over GF(2^255-19). |
| fp448 | Package fp448 provides prime field arithmetic over GF(2^448-2^224-1). |
| mlsbset | Package mlsbset provides a constant-time exponentiation method with precomputation. |
| polynomial | Package polynomial provides representations of polynomials over the scalars of a group. |
| oprf | Package oprf provides Verifiable, Oblivious Pseudo-Random Functions. |
| ot | Package ot provides oblivious-transfer protocols. |
| simot | |
| pke | Package pke provides a variety of public key encryption mechanisms. |
| kyber | Package kyber implements the CRYSTALS-Kyber.CPAPKE public key encryption as submitted to round 3 of the NIST PQC competition and described in |
| kyber1024 | kyber1024 implements the IND-CPA-secure Public Key Encryption scheme Kyber1024.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
| kyber512 | kyber512 implements the IND-CPA-secure Public Key Encryption scheme Kyber512.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
| kyber768 | kyber768 implements the IND-CPA-secure Public Key Encryption scheme Kyber768.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
| templates | |
| pki | |
| sign | Package sign provides unified interfaces for signature schemes. |
| dilithium | dilithium implements the CRYSTALS-Dilithium signature schemes as submitted to round3 of the NIST PQC competition and described in |
| mode2 | mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in |
| mode2aes | mode2aes implements the CRYSTALS-Dilithium signature scheme Dilithium2-AES as submitted to round3 of the NIST PQC competition and described in |
| mode3 | mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in |
| mode3aes | mode3aes implements the CRYSTALS-Dilithium signature scheme Dilithium3-AES as submitted to round3 of the NIST PQC competition and described in |
| mode5 | mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in |
| mode5aes | mode5aes implements the CRYSTALS-Dilithium signature scheme Dilithium5-AES as submitted to round3 of the NIST PQC competition and described in |
| templates | |
| ed25519 | Package ed25519 implements Ed25519 signature scheme as described in RFC-8032. |
| ed448 | Package ed448 implements Ed448 signature scheme as described in RFC-8032. |
| eddilithium2 | Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2. |
| eddilithium3 | Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3. |
| schemes | Package schemes contains a register of signature algorithms. |
| simd | Package simd provides parallel implementations of some primitives. |
| keccakf1600 | Package keccakf1600 provides a two and four-way Keccak-f[1600] permutation in parallel. |
| tss | Package tss provides threshold signature schemes. |
| rsa | Package rsa provides RSA threshold signature scheme. |
| xof | Package xof provides an interface for eXtendable-Output Functions. |
| k12 | k12 implements the KangarooTwelve XOF. |
| zk | Package zk provides primitives for zero-knowledge proofs of knowledge. |
| dl | Package dl provides a Schnorr NIZK discrete-log proof. |
| dleq | Package dleq provides zero-knowledge proofs of Discrete-Logarithm Equivalence (DLEQ). |