public class FaestKeyPairGenerator extends java.lang.Object implements AsymmetricCipherKeyPairGenerator
This generator produces FaestPublicKeyParameters and FaestPrivateKeyParameters
based on the FAEST algorithm parameters. The secret signing key is an AES key, while the
public verification key is a plaintext–ciphertext pair obtained by encrypting a random message
under the signing key. The implementation follows the specification defined in the official
FAEST documentation and the reference C implementation.
References:
| Constructor and Description |
|---|
FaestKeyPairGenerator() |
| Modifier and Type | Method and Description |
|---|---|
AsymmetricCipherKeyPair |
generateKeyPair()
Generate a fresh FAEST key pair.
|
void |
init(KeyGenerationParameters param)
intialise the key pair generator.
|
public void init(KeyGenerationParameters param)
AsymmetricCipherKeyPairGeneratorinit in interface AsymmetricCipherKeyPairGeneratorparam - the parameters the key pair is to be initialised with.public AsymmetricCipherKeyPair generateKeyPair()
Side-channel note: the OWF-key validity check (low two bits not
both set, matching upstream faest_param.c:39-42) is enforced by
a rejection-sampling loop. The loop's iteration count therefore depends
on bytes drawn from the supplied SecureRandom and
is observable via timing. The information leaked is about the
discarded DRBG draws, not the accepted OWF key, so the loop
does not expose secret key bits. Callers that need to suppress even
that signal can pass a deterministic / pre-conditioned random source.
generateKeyPair in interface AsymmetricCipherKeyPairGenerator