luajitos


PQC_EXAMPLES.lua (6698B)


      1 --[[
      2   PQC_EXAMPLES.lua - Examples of using CRYSTALS-Kyber and CRYSTALS-Dilithium
      3 
      4   Post-Quantum Cryptography (PQC) - NIST Standardized Algorithms
      5 
      6   CRYSTALS-Kyber: Post-quantum key encapsulation mechanism (KEM)
      7   CRYSTALS-Dilithium: Post-quantum digital signatures
      8 
      9   Security Levels:
     10   - Level 2: Equivalent to AES-128 / SHA-256 security
     11   - Level 3: Equivalent to AES-192 / SHA3-256 security (RECOMMENDED)
     12   - Level 5: Equivalent to AES-256 / SHA3-512 security
     13 ]]--
     14 
     15 print("=== CRYSTALS-Kyber (Post-Quantum Key Encapsulation) ===\n")
     16 
     17 -- Example 1: Kyber768 Key Exchange (RECOMMENDED)
     18 print("Example 1: Kyber768 Key Exchange")
     19 print("-------------------------------")
     20 
     21 -- Alice generates her keypair
     22 local alice_public, alice_secret = crypto.keyExchange.Kyber768.keypair()
     23 print("Alice generated Kyber768 keypair")
     24 print("  Public key length: " .. #alice_public .. " bytes")
     25 print("  Secret key length: " .. #alice_secret .. " bytes")
     26 
     27 -- Bob encapsulates a shared secret to Alice's public key
     28 local ciphertext, bob_shared = crypto.keyExchange.Kyber768.encapsulate(alice_public)
     29 print("\nBob encapsulated shared secret")
     30 print("  Ciphertext length: " .. #ciphertext .. " bytes")
     31 print("  Shared secret length: " .. #bob_shared .. " bytes")
     32 
     33 -- Alice decapsulates the shared secret using her secret key
     34 local alice_shared = crypto.keyExchange.Kyber768.decapsulate(ciphertext, alice_secret)
     35 print("\nAlice decapsulated shared secret")
     36 print("  Shared secret matches: " .. tostring(alice_shared == bob_shared))
     37 
     38 print("\n")
     39 
     40 -- Example 2: Kyber512 (Faster, smaller keys)
     41 print("Example 2: Kyber512 (Smaller/Faster)")
     42 print("-----------------------------------")
     43 local pub512, sec512 = crypto.keyExchange.Kyber512.keypair()
     44 local ct512, ss512 = crypto.keyExchange.Kyber512.encapsulate(pub512)
     45 local recovered512 = crypto.keyExchange.Kyber512.decapsulate(ct512, sec512)
     46 print("Kyber512 key exchange successful: " .. tostring(ss512 == recovered512))
     47 
     48 print("\n")
     49 
     50 -- Example 3: Kyber1024 (Maximum security)
     51 print("Example 3: Kyber1024 (Maximum Security)")
     52 print("--------------------------------------")
     53 local pub1024, sec1024 = crypto.keyExchange.Kyber1024.keypair()
     54 local ct1024, ss1024 = crypto.keyExchange.Kyber1024.encapsulate(pub1024)
     55 local recovered1024 = crypto.keyExchange.Kyber1024.decapsulate(ct1024, sec1024)
     56 print("Kyber1024 key exchange successful: " .. tostring(ss1024 == recovered1024))
     57 
     58 print("\n\n")
     59 
     60 print("=== CRYSTALS-Dilithium (Post-Quantum Digital Signatures) ===\n")
     61 
     62 -- Example 4: Dilithium3 Signatures (RECOMMENDED)
     63 print("Example 4: Dilithium3 Digital Signatures")
     64 print("---------------------------------------")
     65 
     66 -- Generate keypair
     67 local dil_public, dil_secret = crypto.sign.Dilithium3.keypair()
     68 print("Generated Dilithium3 keypair")
     69 print("  Public key length: " .. #dil_public .. " bytes")
     70 print("  Secret key length: " .. #dil_secret .. " bytes")
     71 
     72 -- Sign a message
     73 local message = "This is a test message for post-quantum signatures"
     74 local signature = crypto.sign.Dilithium3.sign(message, dil_secret)
     75 print("\nSigned message")
     76 print("  Message: " .. message)
     77 print("  Signature length: " .. #signature .. " bytes")
     78 
     79 -- Verify signature
     80 local valid = crypto.sign.Dilithium3.verify(message, signature, dil_public)
     81 print("\nSignature verification: " .. tostring(valid))
     82 
     83 -- Try to verify with wrong message
     84 local invalid = crypto.sign.Dilithium3.verify("Wrong message", signature, dil_public)
     85 print("Wrong message verification: " .. tostring(invalid))
     86 
     87 print("\n")
     88 
     89 -- Example 5: Dilithium2 (Faster, smaller signatures)
     90 print("Example 5: Dilithium2 (Smaller/Faster)")
     91 print("-------------------------------------")
     92 local pub2, sec2 = crypto.sign.Dilithium2.keypair()
     93 local sig2 = crypto.sign.Dilithium2.sign("Test message", sec2)
     94 local valid2 = crypto.sign.Dilithium2.verify("Test message", sig2, pub2)
     95 print("Dilithium2 signature valid: " .. tostring(valid2))
     96 
     97 print("\n")
     98 
     99 -- Example 6: Dilithium5 (Maximum security)
    100 print("Example 6: Dilithium5 (Maximum Security)")
    101 print("---------------------------------------")
    102 local pub5, sec5 = crypto.sign.Dilithium5.keypair()
    103 local sig5 = crypto.sign.Dilithium5.sign("Important document", sec5)
    104 local valid5 = crypto.sign.Dilithium5.verify("Important document", sig5, pub5)
    105 print("Dilithium5 signature valid: " .. tostring(valid5))
    106 
    107 print("\n\n")
    108 
    109 print("=== Hybrid Classical + Post-Quantum Example ===\n")
    110 
    111 -- Example 7: Combining X25519 + Kyber768 for defense-in-depth
    112 print("Example 7: Hybrid X25519 + Kyber768 Key Exchange")
    113 print("------------------------------------------------")
    114 
    115 -- Classical X25519
    116 local x_pub1, x_sec1 = crypto.keyExchange.X25519.keypair()
    117 local x_pub2, x_sec2 = crypto.keyExchange.X25519.keypair()
    118 local x_shared1 = crypto.keyExchange.X25519.sharedSecret(x_sec1, x_pub2)
    119 local x_shared2 = crypto.keyExchange.X25519.sharedSecret(x_sec2, x_pub1)
    120 
    121 -- Post-quantum Kyber768
    122 local k_pub, k_sec = crypto.keyExchange.Kyber768.keypair()
    123 local k_ct, k_shared1 = crypto.keyExchange.Kyber768.encapsulate(k_pub)
    124 local k_shared2 = crypto.keyExchange.Kyber768.decapsulate(k_ct, k_sec)
    125 
    126 -- Combine both shared secrets
    127 local combined_secret = crypto.hash.SHA3_256(x_shared1 .. k_shared1)
    128 
    129 print("X25519 shared secret matches: " .. tostring(x_shared1 == x_shared2))
    130 print("Kyber768 shared secret matches: " .. tostring(k_shared1 == k_shared2))
    131 print("Combined hybrid secret length: " .. #combined_secret .. " bytes")
    132 print("\nThis hybrid approach provides security even if quantum computers break X25519,")
    133 print("while maintaining security if implementation flaws are found in Kyber.")
    134 
    135 print("\n\n")
    136 
    137 print("=== Security Notes ===\n")
    138 print("IMPORTANT SECURITY CONSIDERATIONS:")
    139 print("")
    140 print("1. This is a REFERENCE IMPLEMENTATION optimized for clarity and correctness.")
    141 print("   It is NOT constant-time and may be vulnerable to side-channel attacks.")
    142 print("")
    143 print("2. For production use in security-critical applications:")
    144 print("   - Use constant-time implementations to prevent timing attacks")
    145 print("   - Properly validate all inputs")
    146 print("   - Use secure key storage (hardware security modules, encrypted storage)")
    147 print("   - Implement proper key lifecycle management")
    148 print("")
    149 print("3. NIST recommends Kyber768 and Dilithium3 for most applications as they")
    150 print("   provide strong security with reasonable performance and key sizes.")
    151 print("")
    152 print("4. Consider hybrid schemes (classical + PQC) for defense-in-depth during")
    153 print("   the transition period to post-quantum cryptography.")
    154 print("")
    155 print("5. These algorithms are designed to resist attacks from both classical")
    156 print("   and quantum computers, providing long-term security.")
    157 
    158 print("\n=== End of Examples ===\n")