`pqcrypto-hqc` was updated to address a security flaw in decapsulation.
`pqcrypto-kyber` and `pqcrypto-dilithium` are retired and replaced by `pqcrypto-mlkem` and `pqcrypto-mldsa`, respectively.

`pqcrypto-falcon` now separates Falcon into the "compressed" mode and the "padded" variants. The "compressed" variant likely produces shorter signatures than the max size.
- Update Kyber `clean` implementation to avoid potential Kyber side-channel vulnerabilities. Note that the `aarch64` implementation is still vulnerable, but it is waiting for other updates. This library is for experimental purposes, so security vulnerabilities are addressed on a best-effort basis.
- Update Kyber to draft FIPS standard
  - Remove 90s variants
- Update Dilithium to draft FIPS standard
  - Remove 90s variants
- Update McEliece implementation
  - Remove Vec variants
- Bring SPHINCS+ closer to the FIPS variants by removing the -robust and Haraka variants
- Small fix in Falcon
- Add Falcon NEON implementation
- Update Rust edition to 2021
- Update Rust dependencies
- Update SPHINCS+ implementation
- Update Falcon implementation
- Add support for Dilithium*AES instances
- Remove schemes eliminated from the NIST competition as they are no longer tracked by PQClean
  - Frodo
  - NTRU
  - NTRU Prime
  - Rainbow
  - SABER
- Update HQC implementation from PQClean
  - Fixes aliasing violation
- Update schemes
  - NTRU small fixes
  - Dilithium fixes
  - McEliece small fix
  - SPHINCS+ small fixes
  - SABER NEON implementation
  - Kyber NEON implementation
- Many build system fixes
- Add AArch64 compilation option for supported schemes
  - NTT operations can now compute with NEON support
- Add WebAssembly (WASM) support
- Add a general implementation list for each scheme in `implementations.yaml`, which is used by `build.rs.j2`
  - Each scheme now has a list of supported implementation variants
  - Refactor `build.rs.j2` to use macro calls
  - Update the other template files to adapt to this change
  - Slight modifications to README.md
- Update PQClean
  - Larger-size NTRU parameter sets
- Make `pqcrypto-internals` cross-compilable
- Fix small issue in randombytes implementation: should return 0
- `no_std` support thanks to @rozbb (PR #25)
- Extract randombytes from PQClean-provided APIs (avoids symbol conflict) (PR #24)
- Update PQClean:
  - NTRUPrime new parameter sets
  - Small Falcon fixes
  - Small NTRU fix
- Falcon updates: remove inline functions from header files
- Enable Falcon AVX2
- NTRU Prime updates
- Move common files into `pqcrypto-internals` and out of individual libs
- Refactor the wrapper methods in the `scheme.rs.j2` file to macro calls
- Add optional `serde` support
- HQC bugfixes
  - Issues still remain; disabled AVX2 implementations of HQC for now.
- McEliece fixes
- Round 3 parameters for SPHINCS+
- Update CRYSTALS-Kyber schemes to Round 3
- Update FrodoKEM schemes to Round 3
- Update NTRU schemes to Round 3
- Add NTRU Prime schemes
- Update Saber schemes to Round 3
  - Add AVX2 implementation
- Update HQC schemes to Round 3
  - Add polynomial carry-less multiplication flag (pclmul) to compile flags
  - Disable AVX2 implementation of HQC-RMRS-256 as there is a bug in `compute_syndromes()` in `reed_solomon.c`
- Update CRYSTALS-Dilithium schemes to Round 3
- Update Falcon schemes
- Update Rainbow schemes to Round 3
  - Disable doc-tests for RainbowV because of stack overflow
  - Add stack size notification for Rainbow schemes
- Sort the scheme variants alphabetically in implementations.yaml
- :alert: Removed non-round-3 implementations
- Update NTRU
- Small update in Saber code
- Update FrodoKEM implementations to fix timing side channel
- Update MQDSS
- Make paths more resilient on Windows
- Add HQC
- Update implementations to PQClean latest versions
  - Kyber
  - Dilithium
  - Falcon
- Add Classic McEliece
- Support MacOS for Dilithium AVX2
- Add ephemeral versions (CPA secure) of Threebears
- Put buffers in tests on the heap
- Include SPHINCS+ AVX2 and AESNI implementations
- Refactor build system to separately build all the implementations.
- Somewhere since the last version we also included Dilithium AVX2 implementations.
- Update Rainbow implementations to mitigate `memcopy` bug (#5)
- Don't try to compile Kyber-AVX2 on MacOS
- Add Kyber-90s (with AVX2)
- Add NEWHOPE
- Add qTESLA
- Add Threebears
- Release fixed version of Rainbow
- Don't try to build AVX2 versions of code on Windows
- Update FALCON implementations, as they were insecure. See IACR ePrint report 2019/893.
- Support Kyber AVX2 implementations (this may break Windows support).
- Update PQClean upstream
- Support upcoming AVX2 implementations from PQClean
- Update PQClean upstream
- Update FALCON from PQClean
- Update SPHINCS+ from PQClean
- Package LEDAcryptKEM
  - Warning: The LEDAcryptKEM implementations currently packaged are known to have timing side-channel vulnerabilities.
- Package Rainbow
  - The `clean` implementations are currently known to have undefined behaviour. See pqclean/issues/220
- The
- Hide an internal enum variable from `pqcrypto_traits::sign::VerificationError`
- Ditch `pqcrypto-internals`
- Update PQClean
- Package Falcon
- Make nicer docs and READMEs
- Update `rand` crate to `0.7.0`
- Update PQClean implementations
- SPHINCS+ is now thread-safe.
- Frodo now uses the `opt` implementation by default.
- Allow for multiple implementations in the `ffi` interface.
- Make `encapsulate` and `decapsulate` take references.
- Add Dilithium
- Add SABER
- Remove `pqcrypto-internals`
- Added `pqcrypto_traits::{Error, Result}` to the `from_bytes` signature.
- Added `pqcrypto::prelude` to allow importing all traits in one easy go.
- Removed all uses of `mem::uninitialized()`
- Added MQDSS