Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Falcon PADDED format #1710

Merged
merged 11 commits into from
Mar 6, 2024
Merged

Support Falcon PADDED format #1710

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b1dc67b
Update SHA and branch post-merge
SWilson4 Feb 28, 2024
489a558
Add padded versions to docs yaml
SWilson4 Feb 16, 2024
b11a972
Add padded schemes to yaml
SWilson4 Feb 16, 2024
f174a1f
Update copy_from_upstream KAT addition
SWilson4 Feb 16, 2024
15a678c
Run copy_from_upstream
SWilson4 Mar 5, 2024
5baebb3
Add 100-KAT SHAs
SWilson4 Feb 23, 2024
5a3e621
Update CT suppression files
SWilson4 Feb 28, 2024
bb20ac9
Reenable Falcon-1024 long KAT tests
SWilson4 Feb 28, 2024
9fb5eb6
Update Falcon licence documentation
SWilson4 Mar 4, 2024
62bb72b
Update deprecated CircleCI image [trigger downstream]
SWilson4 Mar 4, 2024
2622919
Update SHA and branch post-merge [trigger downstream]
SWilson4 Mar 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 23 additions & 1 deletion .CMake/alg_support.cmake
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -348,6 +348,28 @@ if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEO
endif()
endif()

cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512 "" ON "OQS_ENABLE_SIG_FALCON" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512_avx2 "" ON "OQS_ENABLE_SIG_falcon_padded_512" OFF)
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512_aarch64 "" ON "OQS_ENABLE_SIG_falcon_padded_512" OFF)
endif()
endif()

cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024 "" ON "OQS_ENABLE_SIG_FALCON" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024_avx2 "" ON "OQS_ENABLE_SIG_falcon_padded_1024" OFF)
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024_aarch64 "" ON "OQS_ENABLE_SIG_falcon_padded_1024" OFF)
endif()
endif()


option(OQS_ENABLE_SIG_SPHINCS "Enable sphincs algorithm family" ON)
cmake_dependent_option(OQS_ENABLE_SIG_sphincs_sha2_128f_simple "" ON "OQS_ENABLE_SIG_SPHINCS" OFF)
Expand Down Expand Up @@ -448,7 +470,7 @@ if(NOT ((OQS_MINIMAL_BUILD STREQUAL "") OR (OQS_MINIMAL_BUILD STREQUAL "OFF")))
filter_algs("${OQS_MINIMAL_BUILD}")
elseif (${OQS_ALGS_ENABLED} STREQUAL "STD")
##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_LIST_STANDARDIZED_ALGS_START
filter_algs("KEM_ml_kem_512_ipd;KEM_ml_kem_512;KEM_ml_kem_768_ipd;KEM_ml_kem_768;KEM_ml_kem_1024_ipd;KEM_ml_kem_1024;SIG_ml_dsa_44_ipd;SIG_ml_dsa_44;SIG_ml_dsa_65_ipd;SIG_ml_dsa_65;SIG_ml_dsa_87_ipd;SIG_ml_dsa_87;SIG_falcon_512;SIG_falcon_1024;SIG_sphincs_sha2_128f_simple;SIG_sphincs_sha2_128s_simple;SIG_sphincs_sha2_192f_simple;SIG_sphincs_sha2_192s_simple;SIG_sphincs_sha2_256f_simple;SIG_sphincs_sha2_256s_simple;SIG_sphincs_shake_128f_simple;SIG_sphincs_shake_128s_simple;SIG_sphincs_shake_192f_simple;SIG_sphincs_shake_192s_simple;SIG_sphincs_shake_256f_simple;SIG_sphincs_shake_256s_simple")
filter_algs("KEM_ml_kem_512_ipd;KEM_ml_kem_512;KEM_ml_kem_768_ipd;KEM_ml_kem_768;KEM_ml_kem_1024_ipd;KEM_ml_kem_1024;SIG_ml_dsa_44_ipd;SIG_ml_dsa_44;SIG_ml_dsa_65_ipd;SIG_ml_dsa_65;SIG_ml_dsa_87_ipd;SIG_ml_dsa_87;SIG_falcon_512;SIG_falcon_1024;SIG_falcon_padded_512;SIG_falcon_padded_1024;SIG_sphincs_sha2_128f_simple;SIG_sphincs_sha2_128s_simple;SIG_sphincs_sha2_192f_simple;SIG_sphincs_sha2_192s_simple;SIG_sphincs_sha2_256f_simple;SIG_sphincs_sha2_256s_simple;SIG_sphincs_shake_128f_simple;SIG_sphincs_shake_128s_simple;SIG_sphincs_shake_192f_simple;SIG_sphincs_shake_192s_simple;SIG_sphincs_shake_256f_simple;SIG_sphincs_shake_256s_simple")
##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_LIST_STANDARDIZED_ALGS_END
elseif(${OQS_ALGS_ENABLED} STREQUAL "NIST_R4")
filter_algs("KEM_classic_mceliece_348864;KEM_classic_mceliece_348864f;KEM_classic_mceliece_460896;KEM_classic_mceliece_460896f;KEM_classic_mceliece_6688128;KEM_classic_mceliece_6688128f;KEM_classic_mceliece_6960119;KEM_classic_mceliece_6960119f;KEM_classic_mceliece_8192128;KEM_classic_mceliece_8192128f;KEM_hqc_128;KEM_hqc_192;KEM_hqc_256;KEM_bike_l1;KEM_bike_l3")
Expand Down
2 changes: 1 addition & 1 deletion .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@ jobs:
# See https://github.com/open-quantum-safe/liboqs/issues/738#issuecomment-621394744
default: --numprocesses=auto
machine:
image: ubuntu-2004:202101-01
image: default # analogous to ubuntu-latest on GH Actions
resource_class: arm.medium
steps:
- checkout
Expand Down
2 changes: 0 additions & 2 deletions .github/workflows/weekly.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,10 @@ jobs:
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic
PYTEST_ARGS: --numprocesses=auto -k 'test_kat_all'
SKIP_ALGS: 'Falcon-1024' # re-enable when #1561 is resolved
- name: extensions
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=haswell
PYTEST_ARGS: --numprocesses=auto -k 'test_kat_all'
SKIP_ALGS: 'Falcon-1024' # re-enable when #1561 is resolved
container:
image: ${{ matrix.container }}
steps:
Expand Down
3 changes: 2 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ The list below indicates all algorithms supported by liboqs, but not all those a

<!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_START -->
- **CRYSTALS-Dilithium**: Dilithium2, Dilithium3, Dilithium5
- **Falcon**: Falcon-512, Falcon-1024
- **Falcon**: Falcon-512, Falcon-1024, Falcon-padded-512, Falcon-padded-1024
- **ML-DSA**: ML-DSA-44-ipd (alias: ML-DSA-44), ML-DSA-65-ipd (alias: ML-DSA-65), ML-DSA-87-ipd (alias: ML-DSA-87)
- **SPHINCS+-SHA2**: SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple
- **SPHINCS+-SHAKE**: SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
Expand Down Expand Up @@ -185,6 +185,7 @@ liboqs includes some third party libraries or modules that are licensed differen
- `src/kem/ml_kem/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/dilithium/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/dilithium/pqclean_*`: public domain (CC0), and public domain (CC0) or Apache License v2.0, and public domain (CC0) or MIT, and MIT
- src/sig/falcon/pqclean_\*\_aarch64 : Apache License v2.0
- `src/sig/ml_dsa/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/sphincs/pqclean_*`: CC0 (public domain)

Expand Down
2 changes: 1 addition & 1 deletion docs/algorithms/kem/classic_mceliece.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
- **Authors' website**: https://classic.mceliece.org
- **Specification version**: SUPERCOP-20221025.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: Public domain
- **Ancestors of primary source**:
- SUPERCOP-20221025 "clean" and "avx2" implementations
Expand Down
2 changes: 1 addition & 1 deletion docs/algorithms/kem/classic_mceliece.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -378,4 +378,4 @@ parameter-sets:
auxiliary-submitters: []
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
2 changes: 1 addition & 1 deletion docs/algorithms/kem/hqc.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
- **Authors' website**: https://pqc-hqc.org/
- **Specification version**: 2023-04-30.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: Public domain
- **Ancestors of primary source**:
- https://github.com/SWilson4/package-pqclean/tree/8db1b24b/hqc, which takes it from:
Expand Down
2 changes: 1 addition & 1 deletion docs/algorithms/kem/hqc.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,4 +76,4 @@ parameter-sets:
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
56 changes: 41 additions & 15 deletions docs/algorithms/sig/falcon.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,36 +7,62 @@
- **Authors' website**: https://falcon-sign.info
- **Specification version**: 20211101.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: MIT
- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **pqclean-aarch64**:<a name="pqclean-aarch64"></a>
- **Source**: https://github.com/PQClean/PQClean/commit/7707d1bcc8ae7f9ffd296dd13b1d76d2767d14f8
- **Implementation license (SPDX-Identifier)**: Apache-2.0


## Parameter set summary

| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) |
|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:|
| Falcon-512 | NA | EUF-CMA | 1 | 897 | 1281 | 666 |
| Falcon-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1280 |
| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) |
|:------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:|
| Falcon-512 | NA | EUF-CMA | 1 | 897 | 1281 | 752 |
| Falcon-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1462 |
| Falcon-padded-512 | NA | EUF-CMA | 1 | 897 | 1281 | 666 |
| Falcon-padded-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1280 |

## Falcon-512 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

‡For an explanation of what this denotes, consult the [Explanation of Terms](#explanation-of-terms) section at the end of this file.

## Falcon-1024 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

## Falcon-padded-512 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

## Falcon-padded-1024 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand Down
Loading
Loading