Source: libntruprime
Maintainer: Simon Josefsson <simon@josefsson.org>
Uploaders:
 Jan Mojžíš <jan.mojzis@gmail.com>,
Priority: optional
Standards-Version: 4.7.0
Section: libs
Homepage: https://libntruprime.cr.yp.to/
Build-Depends:
 debhelper-compat (= 13),
 dh-python,
 libcpucycles-dev,
 librandombytes-dev,
 python3,
 python3-capstone,
 valgrind-if-available,
Vcs-Git: https://salsa.debian.org/jas/libntruprime.git
Vcs-Browser: https://salsa.debian.org/jas/libntruprime
Rules-Requires-Root: no

Package: libntruprime-dev
Section: libdevel
Architecture: any
Depends:
 libntruprime1 (= ${binary:Version}),
 ${misc:Depends},
Description: microlibrary for Streamlined NTRU Prime - development files
 libntruprime is an implementation of the Streamlined NTRU Prime
 cryptosystem as a microlibrary.
 .
 Development files.

Package: libntruprime1
Architecture: any
Multi-Arch: same
Depends:
 ${misc:Depends},
 ${shlibs:Depends},
Description: microlibrary for Streamlined NTRU Prime - shared library
 libntruprime is an implementation of the Streamlined NTRU Prime
 cryptosystem as a microlibrary.
 .
 Streamlined NTRU Prime (sntrup) is a lattice-based cryptosystem with
 the following features:
 .
   - Stability: Almost all details of sntrup match a May 2016
   publication. The only exceptions are small changes to encoding and
   hashing published in April 2019.
 .
   - Patent-freeness: April 2019 predates almost all post-quantum
   patents. Analyses of various lattice patents filed before April
   2019 indicate no problems for sntrup.
 .
   - Deployment: The popular OpenSSH tool switched to sntrup761 by
   default in April 2022, following initial integration of sntrup into
   TinySSH.
 .
   - Affordability: Keys and ciphertexts are about 1KB for sntrup761,
   and computations are fast.
 .
   - Careful design: Subject to the requirement of being a small
   lattice-based cryptosystem, sntrup is systematically designed to
   eliminate unnecessary complications in security review. It
   eliminates decryption failures, for example, and eliminates
   cyclotomics. The cryptosystem has never needed a security patch.
 .
   - Risk management: A much higher sntrup1277 security level is fully
   supported, and is recommended whenever 2KB keys and ciphertexts are
   affordable, to reduce risks from improvements in lattice attacks.
 .
 - Flexibility: The sntrup design allows a full spectrum of tradeoffs
   between size and security level, so applications with intermediate
   size limits aren't forced into much lower security levels. Six
   different sizes have been selected for support.
 .
 libntruprime has a very simple stateless API based on the SUPERCOP
 API, with wire-format inputs and outputs, providing functions that
 directly match the KEM operations provided by the sntrup
 specification, such as functions
 .
 sntrup1277_keypair
 sntrup1277_enc
 sntrup1277_dec
 .
 for the sntrup1277 KEM.
 .
 Internally, libntruprime includes implementations designed to work
 portably across CPUs, and implementations designed for higher
 performance on Intel/AMD CPUs with AVX2 instructions. libntruprime
 includes automatic run-time selection of implementations.
 .
 libntruprime is intended to be called by larger multi-function
 libraries (such as traditional cryptographic libraries), including
 libraries in other languages via FFI. The idea is that libntruprime
 takes responsibility for the details of sntrup computation, including
 optimization, timing-attack protection, and (in ongoing work)
 verification, freeing up the calling libraries to concentrate on
 application-specific needs such as protocol integration. Applications
 can also call libntruprime directly.
 .
 Shared library.

Package: ntruprime
Section: devel
Architecture: any
Depends:
 ${misc:Depends},
 ${shlibs:Depends},
Recommends:
 valgrind-if-available,
 ${python3:Depends},
Description: microlibrary for Streamlined NTRU Prime - command line tools
 libntruprime is an implementation of the Streamlined NTRU Prime
 cryptosystem as a microlibrary.
 .
 The command-line interface for libntruprime provides the following
 command-line tools:
 .
 sntrup653-keypair sntrup761-keypair sntrup857-keypair sntrup953-keypair
                   sntrup1013-keypair sntrup1277-keypair
 sntrup653-enc sntrup761-enc sntrup857-enc sntrup953-enc
               sntrup1013-enc sntrup1277-enc
 sntrup653-dec sntrup761-dec sntrup857-dec sntrup953-dec
               sntrup1013-dec sntrup1277-dec
 ntruprime-fulltest
 ntruprime-speed
 ntruprime-test
 .
 Each tool exits 0 on success, nonzero on failure.
 .
 These tools allow libntruprime to be easily used from shell
 scripts. Other languages can also use libntruprime via these tools,
 but languages typically have good support for FFI and can use the C
 interface directly.
 .
 Key generation (for, e.g., sntrup1277):
 sntrup1277-keypair 5>publickey 9>secretkey
 .
 Encapsulation (for, e.g., sntrup1277):
 sntrup1277-enc >ciphertext 7>sessionkey 4<publickey
 .
 Decapsulation (for, e.g., sntrup1277):
 sntrup1277-dec 7>sessionkey <ciphertext 8<secretkey
 .
 The ntruprime-speed, ntruprime-test and ntruprime-fulltest tools can be used
 for benchmarking and internal self testing.  Python and Valgrind is only
 needed for the ntruprime-fulltest tool, the other tools are written in C.
 .
 Command line tools.
