diff --git a/kem/xwing/xwing.go b/kem/xwing/xwing.go index c6d4e55c1..4c5bffe55 100644 --- a/kem/xwing/xwing.go +++ b/kem/xwing/xwing.go @@ -29,7 +29,7 @@ type PublicKey struct { const ( // Size of a seed of a keypair - SeedSize = 32 + SeedSize = 96 // Size of an X-Wing public key PublicKeySize = 1216 @@ -38,7 +38,7 @@ const ( PrivateKeySize = 2432 // Size of the seed passed to EncapsulateTo - EncapsulationSeedSize = 32 + EncapsulationSeedSize = 64 // Size of the established shared key SharedKeySize = 32 @@ -101,10 +101,9 @@ func DeriveKeyPair(seed []byte) (*PrivateKey, *PublicKey) { sk PrivateKey seedm [mlkem768.KeySeedSize]byte ) - h := sha3.NewShake128() - _, _ = h.Write(seed) - _, _ = h.Read(seedm[:]) - _, _ = h.Read(sk.x[:]) + + copy(seedm[:], seed[:64]) + copy(sk.x[:], seed[64:]) pkm, skm := mlkem768.NewKeyFromSeed(seedm[:]) sk.m = *skm @@ -232,10 +231,8 @@ func (pk *PublicKey) EncapsulateTo(ct, ss, seed []byte) { ssm [mlkem768.SharedKeySize]byte ) - h := sha3.NewShake128() - _, _ = h.Write(seed) - _, _ = h.Read(seedm[:]) - _, _ = h.Read(ekx[:]) + copy(seedm[:], seed[:32]) + copy(ekx[:], seed[32:]) x25519.KeyGen(&ctx, &ekx) x25519.Shared(&ssx, &ekx, &pk.x) diff --git a/kem/xwing/xwing_test.go b/kem/xwing/xwing_test.go index 175a23273..8379fad57 100644 --- a/kem/xwing/xwing_test.go +++ b/kem/xwing/xwing_test.go @@ -66,7 +66,7 @@ func TestVectors(t *testing.T) { var cs [32]byte _, _ = h.Read(cs[:]) got := fmt.Sprintf("%x", cs) - want := "dff9d6258b66060ac402a8faa0114d6a8b683bfa8555eb630b764f2a3a709990" + want := "9d028dc61b89e10518a4e56bbc414b33becac69211b3d23131232a295dbd0a0f" if got != want { t.Fatalf("%s ≠ %s", got, want) }