Love P256, but also want Kyber?
Jun 1, 2024
P256 rules in key exchange and is, by far, the most popular method used with ECDH (Elliptic Curve Diffie-Hellman). But elliptic curve methods will be cracked by quantum computers. At the current time, Kyber is the method most likely to replace P256, but many systems do not currently support it. So, one solution is to use a hybrid method, which sends both the P256 public key and the Kyber public key in the key exchange.
The following is an outline of the code [here]:
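package main

// Based on examples at https://github.com/cloudflare/circl/tree/master/kem/kyber
import (
	"fmt"
	"math/rand"
	"os"
	"time"

	"github.com/cloudflare/circl/kem/hybrid"
	"github.com/cloudflare/circl/kem/schemes"
	"github.com/cloudflare/circl/kem/sike/sikep434"
	"github.com/cloudflare/circl/kem/sike/sikep503"
	"github.com/cloudflare/circl/kem/sike/sikep751"
)

func main() {
	// Default scheme; pass another name as the first argument,
	// e.g. SIKEp503, SIKEp751 or P256Kyber768Draft00.
	// Note: SIKE was broken by a classical key-recovery attack in 2022.
	meth := "SIKEp434"
	argCount := len(os.Args[1:])
	if argCount > 0 {
		meth = os.Args[1]
	}

	// Select the KEM; any other name is looked up in circl's scheme registry.
	scheme := sikep434.Scheme()
	if meth == "SIKEp434" {
		scheme = sikep434.Scheme()
	} else if meth == "SIKEp503" {
		scheme = sikep503.Scheme()
	} else if meth == "SIKEp751" {
		scheme = sikep751.Scheme()
	} else if meth == "P256Kyber768Draft00" {
		scheme = hybrid.P256Kyber768Draft00()
	} else {
		scheme = schemes.ByName(meth)
	}
	// schemes.ByName returns nil for a name it does not know.
	if scheme == nil {
		fmt.Printf("Unknown scheme: %s\n", meth)
		os.Exit(1)
	}

	// math/rand seeded from the clock is predictable; seeds for real keys
	// should come from crypto/rand.
	rand.Seed(time.Now().Unix())
	var seed [48]byte
	kseed := make([]byte…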
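
The hybrid idea from the introduction, as an added example (it is not the article's circl code). It uses only Go's standard library (Go 1.24 or later): `crypto/ecdh` for P-256 and `crypto/mlkem` for ML-KEM-768, the standardized form of Kyber, standing in for circl's `P256Kyber768Draft00`. The names `Encapsulate` and `Decapsulate` and the plain concatenation of the two halves are assumptions made for illustration and will not interoperate with circl's scheme.

```go
package main

import (
	"crypto/ecdh"
	"crypto/mlkem" // ML-KEM-768 (standardized Kyber), Go 1.24+
	"crypto/rand"
	"errors"
	"fmt"
)

const ecLen = 65 // uncompressed P-256 point: 0x04 || X || Y

// Encapsulate (sender) returns ct = ephemeral P-256 point || KEM ciphertext and ss = ECDH secret || KEM secret.
func Encapsulate(peer *ecdh.PublicKey, ek *mlkem.EncapsulationKey768) (ct, ss []byte, err error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ecSS, err := eph.ECDH(peer) // errors if peer is not a P-256 key
	if err != nil {
		return nil, nil, err
	}
	kemSS, kemCT := ek.Encapsulate()
	return append(eph.PublicKey().Bytes(), kemCT...), append(ecSS, kemSS...), nil
}

// Decapsulate (recipient) validates the untrusted ct and rebuilds the same 64-byte secret.
func Decapsulate(ec *ecdh.PrivateKey, dk *mlkem.DecapsulationKey768, ct []byte) ([]byte, error) {
	if len(ct) != ecLen+mlkem.CiphertextSize768 {
		return nil, errors.New("hybrid: bad ciphertext length")
	}
	peer, err := ecdh.P256().NewPublicKey(ct[:ecLen]) // rejects malformed or off-curve points
	if err != nil {
		return nil, err
	}
	ecSS, e1 := ec.ECDH(peer)
	kemSS, e2 := dk.Decapsulate(ct[ecLen:]) // a tampered KEM part gives a different secret, not an error
	if err = errors.Join(e1, e2); err != nil {
		return nil, err
	}
	return append(ecSS, kemSS...), nil
}

func main() {
	ec, _ := ecdh.P256().GenerateKey(rand.Reader) // recipient's P-256 key
	dk, _ := mlkem.GenerateKey768()               // recipient's ML-KEM-768 key
	ct, ssA, _ := Encapsulate(ec.PublicKey(), dk.EncapsulationKey())
	ssB, _ := Decapsulate(ec, dk, ct)
	fmt.Println(len(ct), len(ssA), string(ssA) == string(ssB))
}
```

An attacker has to break both P-256 and ML-KEM to recover all 64 bytes. A real protocol would pass the combined value through its key-derivation function rather than use it directly.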