| author | Linus Färnstrand <linus@mullvad.net> | 2024-07-11 13:36:59 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-07-11 13:36:59 +0200 |
| commit | 5bd43f95a4189aff24bc9ea120b2841b222c6921 (patch) | |
| tree | d208c8ce6aacd0c5647f575be9d22f7f2d002572 | |
| parent | f22a3190ba62237ee4f641d474b8b92a4ee65b0c (diff) | |
| parent | a1c6311980a1527a8998fced71c6488b3585e2e8 (diff) | |
Merge branch 'document-kyber-prococol-version'
| -rw-r--r-- | talpid-tunnel-config-client/examples/tuncfg-server.rs | 1 | ||||
| -rw-r--r-- | talpid-tunnel-config-client/proto/ephemeralpeer.proto | 2 | ||||
| -rw-r--r-- | talpid-tunnel-config-client/src/kyber.rs | 3 |
3 files changed, 5 insertions, 1 deletions
diff --git a/talpid-tunnel-config-client/examples/tuncfg-server.rs b/talpid-tunnel-config-client/examples/tuncfg-server.rs
index 928587e968..306a425ff4 100644
--- a/talpid-tunnel-config-client/examples/tuncfg-server.rs
+++ b/talpid-tunnel-config-client/examples/tuncfg-server.rs
@@ -51,6 +51,7 @@ impl EphemeralPeer for EphemeralPeerImpl {
 classic_mceliece_rust::encapsulate_boxed(&public_key, &mut rng);
 (ciphertext.as_array().to_vec(), *shared_secret.as_array())
 }
+ // Kyber round3
 "Kyber1024" => {
 let public_key = kem_pubkey.key_data.as_slice();
 let (ciphertext, shared_secret) =
diff --git a/talpid-tunnel-config-client/proto/ephemeralpeer.proto b/talpid-tunnel-config-client/proto/ephemeralpeer.proto
index bb49eb5598..d247e8bcb3 100644
--- a/talpid-tunnel-config-client/proto/ephemeralpeer.proto
+++ b/talpid-tunnel-config-client/proto/ephemeralpeer.proto
@@ -46,7 +46,7 @@ message EphemeralPeerRequestV1 {
 // The v1 request supports exactly two algorithms.
 // The algorithms can appear soletary or in mixed order:
 // - "Classic-McEliece-460896f", but explicitly identified as "Classic-McEliece-460896f-round3"
-// - "Kyber1024"
+// - "Kyber1024", this is round3 of the Kyber KEM
 message PostQuantumRequestV1 { repeated KemPubkeyV1 kem_pubkeys = 1; }
 message KemPubkeyV1 {
diff --git a/talpid-tunnel-config-client/src/kyber.rs b/talpid-tunnel-config-client/src/kyber.rs
index 003c88dc48..706f056041 100644
--- a/talpid-tunnel-config-client/src/kyber.rs
+++ b/talpid-tunnel-config-client/src/kyber.rs
@@ -1,3 +1,6 @@
+//! This module implements the Kyber round3 KEM as specified in:
+//! https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
+
 use pqc_kyber::KYBER_CIPHERTEXTBYTES;
 pub use pqc_kyber::{keypair, KyberError, SecretKey}; |
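Review bot: The wire identifier `"Kyber1024"` still carries no revision, unlike `"Classic-McEliece-460896f-round3"`, and the new comments on this match arm and in `ephemeralpeer.proto` name the revision without saying the string is pinned to it. ML-KEM-1024 as standardised in FIPS 203 is not interoperable with round3 Kyber1024, so a peer that reused the same string for it would most likely end up with a mismatched shared secret rather than a clean negotiation failure. I would state the rule where the name is matched, e.g. `// "Kyber1024" always means Kyber round3; any other revision (e.g. ML-KEM) must get a new identifier`, and repeat that sentence in the proto comment. The match arm continues past the end of the hunk, so how the arm uses the key is not visible here.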
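Review bot: The bare URL on the second `//!` line in `kyber.rs` is not turned into a link by rustdoc and triggers its `bare_urls` lint; write it as `//! <https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf>`. Going by the `pqc_kyber` imports directly below, the module appears to wrap that crate rather than implement the KEM itself, so "implements" could be softened to "wraps the `pqc_kyber` implementation of". If that is right, it is worth adding that the round3 guarantee depends on the pinned `pqc_kyber` version, so a dependency bump gets checked against the spec. The rest of the module lies outside the hunk.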
