Security News
Opengrep Adds Apex Support and New Rule Controls in Latest Updates
The latest Opengrep releases add Apex scanning, precision rule tuning, and performance gains for open source static code analysis.
By Sarah Gooding - Aug 12, 2025
github.com/xtaci/hppk
- Version published
- Created
HPPK: Homomorphic Polynomial Public-key Cryptography
Overview
HPPK is an implementation of a Homomorphic Polynomial Public Key (HPPK) system, designed for both Key Encapsulation Mechanisms (KEM) and Digital Signatures (DS). This cryptographic protocol leverages the properties of polynomials to create secure, efficient methods for key exchange and message signing.
The main objectives of HPPK are to provide:
- Secure key encapsulation: Facilitating the secure exchange of symmetric keys.
- Robust digital signatures: Ensuring the authenticity and integrity of messages.
For a detailed explanation of the underlying theory and security proofs, please refer to the research paper.
Features
- Homomorphic Encryption: Allows computations on ciphertexts that result in encrypted outcomes, which match the operations performed on the plaintexts.
- Polynomial-Based Cryptography: Utilizes polynomials to create robust public and private keys.
- Efficient Key Encapsulation Mechanism (KEM): Securely exchanges symmetric keys.
- Strong Digital Signatures (DS): Provides authentication and integrity verification of messages.
- Scalable and Efficient: Suitable for various applications, ranging from small-scale systems to large, complex networks.
Installation
$ go install github.com/xtaci/hppk/cmd/hppktool
$ hppktool
HPPK key management tool.
Supports key generation, signing, verification, and secret encryption.
Usage:
hppktool [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
encrypt Encrypts a message from standard input
help Help about any command
keygen Generate an HPPK private/public key pair
sign Sign a message from standard input
verify Verify a message from standard input
Flags:
-h, --help help for hppktool
-s, --silent Suppress non-essential messages
Use "hppktool [command] --help" for more information about a command.
Using Library
To use HPPK, you need to have Go installed. You can download and install Go from the official website.
-
Clone the repository:
git clone https://github.com/xtaci/hppk.git cd hppk -
Build the project:
go build
Usage
Generating Keys
To generate a new pair of private and public keys:
package main
import (
"fmt"
"github.com/xtaci/hppk"
)
func main() {
privateKey, err := hppk.GenerateKey(5)
if err != nil {
fmt.Println("Error generating keys:", err)
return
}
fmt.Println("Private Key:", privateKey)
fmt.Println("Public Key:", privateKey.PublicKey)
}
Encryption
To encrypt a message using the public key:
package main
import (
"fmt"
"github.com/xtaci/hppk"
)
func main() {
privKey, err := hppk.GenerateKey(10)
if err != nil {
panic(err)
}
pubKey := privKey.Public()
message := []byte("hello world")
kem, err := hppk.Encrypt(pubKey, message)
if err != nil {
panic(err)
}
fmt.Printf("Encrypted KEM: %+v\n", kem)
}
Decryption
To decrypt the encrypted values using the private key:
package main
import (
"fmt"
"github.com/xtaci/hppk"
)
func main() {
privKey, err := hppk.GenerateKey(10)
if err != nil {
panic(err)
}
pubKey := privKey.Public()
message := []byte("hello world")
kem, err := hppk.Encrypt(pubKey, message)
if err != nil {
panic(err)
}
decryptedMessage, err := privKey.Decrypt(kem)
if err != nil {
panic(err)
}
fmt.Printf("Decrypted Message: %s\n", decryptedMessage)
}
Signing
package main
import (
"crypto/sha256"
"fmt"
"github.com/xtaci/hppk"
)
func main() {
privKey, err := hppk.GenerateKey(10)
if err != nil {
panic(err)
}
digest := sha256.Sum256([]byte("hello world"))
signature, err := privKey.Sign(digest[:])
if err != nil {
panic(err)
}
fmt.Printf("Signature: %+v\n", signature)
}
Verification
package main
import (
"crypto/sha256"
"fmt"
"github.com/xtaci/hppk"
)
func main() {
privKey, err := hppk.GenerateKey(10)
if err != nil {
panic(err)
}
pubKey := privKey.Public()
digest := sha256.Sum256([]byte("hello world"))
signature, err := privKey.Sign(digest[:])
if err != nil {
panic(err)
}
isValid := hppk.VerifySignature(signature, digest[:], pubKey)
fmt.Printf("Signature valid: %v\n", isValid)
}
Contributing
Contributions are welcome! Please open an issue or submit a pull request for any improvements, bug fixes, or additional features.
License
This project is licensed under the GPLv3 License. See the LICENSE file for details.
References
For more detailed information, please refer to the research paper.
Acknowledgments
Special thanks to the authors of the research paper for their groundbreaking work on HPPK and its applications in KEM and DS.
FAQs
Unknown package
Package last updated on 14 Aug 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
npm Adopts OIDC for Trusted Publishing in CI/CD Workflows
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
By Sarah Gooding - Aug 08, 2025
Research
/Security News
60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
By Kirill Boychenko - Aug 07, 2025