From 0127ba93f5991d7daeca240d8f8d95d782c9ec59 Mon Sep 17 00:00:00 2001 From: "Matthias J. Kannwischer" Date: Mon, 13 May 2019 17:20:33 +0200 Subject: [PATCH] Add IND-CPA/IND-CCA2 security field to METADATA. add test for it as well (#165) --- CONTRIBUTING.md | 1 + crypto_kem/frodokem1344aes/META.yml | 1 + crypto_kem/frodokem1344shake/META.yml | 1 + crypto_kem/frodokem640aes/META.yml | 1 + crypto_kem/frodokem640shake/META.yml | 1 + crypto_kem/frodokem976aes/META.yml | 1 + crypto_kem/frodokem976shake/META.yml | 1 + crypto_kem/kyber1024/META.yml | 1 + crypto_kem/kyber512/META.yml | 1 + crypto_kem/kyber768/META.yml | 1 + crypto_kem/ntruhps2048509/META.yml | 1 + crypto_kem/ntruhps2048677/META.yml | 1 + crypto_kem/ntruhps4096821/META.yml | 1 + crypto_kem/ntruhrss701/META.yml | 1 + test/test_metadata.py | 5 +++++ 15 files changed, 19 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 64f29fe7..f7ab30e0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -25,6 +25,7 @@ See the section [API](#API) below. name: Name type: claimed-nist-level: + claimed-security: IND-CPA/IND-CCA2 # KEM only length-public-key: # KEM and signature length-secret-key: # KEM and signature length-ciphertext: # KEM only diff --git a/crypto_kem/frodokem1344aes/META.yml b/crypto_kem/frodokem1344aes/META.yml index cd6b1991..98528881 100644 --- a/crypto_kem/frodokem1344aes/META.yml +++ b/crypto_kem/frodokem1344aes/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-1344-AES type: kem claimed-nist-level: 5 +claimed-security: IND-CCA2 length-public-key: 21520 length-secret-key: 43088 length-ciphertext: 21632 diff --git a/crypto_kem/frodokem1344shake/META.yml b/crypto_kem/frodokem1344shake/META.yml index 5048603b..534d3f43 100644 --- a/crypto_kem/frodokem1344shake/META.yml +++ b/crypto_kem/frodokem1344shake/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-1344-SHAKE type: kem claimed-nist-level: 5 +claimed-security: IND-CCA2 length-public-key: 21520 length-secret-key: 43088 length-ciphertext: 21632 diff --git a/crypto_kem/frodokem640aes/META.yml b/crypto_kem/frodokem640aes/META.yml index 44861a47..a4932688 100644 --- a/crypto_kem/frodokem640aes/META.yml +++ b/crypto_kem/frodokem640aes/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-640-AES type: kem claimed-nist-level: 1 +claimed-security: IND-CCA2 length-public-key: 9616 length-secret-key: 19888 length-ciphertext: 9720 diff --git a/crypto_kem/frodokem640shake/META.yml b/crypto_kem/frodokem640shake/META.yml index db07a8c7..99e685c5 100644 --- a/crypto_kem/frodokem640shake/META.yml +++ b/crypto_kem/frodokem640shake/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-640-SHAKE type: kem claimed-nist-level: 1 +claimed-security: IND-CCA2 length-public-key: 9616 length-secret-key: 19888 length-ciphertext: 9720 diff --git a/crypto_kem/frodokem976aes/META.yml b/crypto_kem/frodokem976aes/META.yml index 526cc315..78f277b1 100644 --- a/crypto_kem/frodokem976aes/META.yml +++ b/crypto_kem/frodokem976aes/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-976-AES type: kem claimed-nist-level: 3 +claimed-security: IND-CCA2 length-public-key: 15632 length-secret-key: 31296 length-ciphertext: 15744 diff --git a/crypto_kem/frodokem976shake/META.yml b/crypto_kem/frodokem976shake/META.yml index 181043a8..35c9c8a8 100644 --- a/crypto_kem/frodokem976shake/META.yml +++ b/crypto_kem/frodokem976shake/META.yml @@ -1,6 +1,7 @@ name: FrodoKEM-976-SHAKE type: kem claimed-nist-level: 3 +claimed-security: IND-CCA2 length-public-key: 15632 length-secret-key: 31296 length-ciphertext: 15744 diff --git a/crypto_kem/kyber1024/META.yml b/crypto_kem/kyber1024/META.yml index 5055cd57..e2ab2a5a 100644 --- a/crypto_kem/kyber1024/META.yml +++ b/crypto_kem/kyber1024/META.yml @@ -1,6 +1,7 @@ name: Kyber1024 type: kem claimed-nist-level: 5 +claimed-security: IND-CCA2 length-public-key: 1568 length-ciphertext: 1568 length-secret-key: 3168 diff --git a/crypto_kem/kyber512/META.yml b/crypto_kem/kyber512/META.yml index 47148557..b5e7455a 100644 --- a/crypto_kem/kyber512/META.yml +++ b/crypto_kem/kyber512/META.yml @@ -1,6 +1,7 @@ name: Kyber512 type: kem claimed-nist-level: 1 +claimed-security: IND-CCA2 length-public-key: 800 length-ciphertext: 736 length-secret-key: 1632 diff --git a/crypto_kem/kyber768/META.yml b/crypto_kem/kyber768/META.yml index 2d8a309e..2efae031 100644 --- a/crypto_kem/kyber768/META.yml +++ b/crypto_kem/kyber768/META.yml @@ -1,6 +1,7 @@ name: Kyber768 type: kem claimed-nist-level: 3 +claimed-security: IND-CCA2 length-public-key: 1184 length-ciphertext: 1088 length-secret-key: 2400 diff --git a/crypto_kem/ntruhps2048509/META.yml b/crypto_kem/ntruhps2048509/META.yml index a3a4c1ba..f05a94ac 100644 --- a/crypto_kem/ntruhps2048509/META.yml +++ b/crypto_kem/ntruhps2048509/META.yml @@ -1,6 +1,7 @@ name: ntru-hps2048509 type: kem claimed-nist-level: 1 +claimed-security: IND-CCA2 length-public-key: 699 length-secret-key: 935 length-ciphertext: 699 diff --git a/crypto_kem/ntruhps2048677/META.yml b/crypto_kem/ntruhps2048677/META.yml index d80ff7b8..be3a3d67 100644 --- a/crypto_kem/ntruhps2048677/META.yml +++ b/crypto_kem/ntruhps2048677/META.yml @@ -1,6 +1,7 @@ name: ntru-hps2048677 type: kem claimed-nist-level: 3 +claimed-security: IND-CCA2 length-public-key: 930 length-secret-key: 1234 length-ciphertext: 930 diff --git a/crypto_kem/ntruhps4096821/META.yml b/crypto_kem/ntruhps4096821/META.yml index 308b7cd0..15f072c9 100644 --- a/crypto_kem/ntruhps4096821/META.yml +++ b/crypto_kem/ntruhps4096821/META.yml @@ -1,6 +1,7 @@ name: ntru-hps4096821 type: kem claimed-nist-level: 5 +claimed-security: IND-CCA2 length-public-key: 1230 length-secret-key: 1590 length-ciphertext: 1230 diff --git a/crypto_kem/ntruhrss701/META.yml b/crypto_kem/ntruhrss701/META.yml index e5b53e09..aa389d75 100644 --- a/crypto_kem/ntruhrss701/META.yml +++ b/crypto_kem/ntruhrss701/META.yml @@ -1,6 +1,7 @@ name: ntru-hrss701 type: kem claimed-nist-level: 3 +claimed-security: IND-CCA2 length-public-key: 1138 length-secret-key: 1450 length-ciphertext: 1138 diff --git a/test/test_metadata.py b/test/test_metadata.py index a19a6148..472b92b8 100644 --- a/test/test_metadata.py +++ b/test/test_metadata.py @@ -62,6 +62,7 @@ EXPECTED_FIELDS = { } KEM_FIELDS = { + 'claimed-security' : {'type' : str, 'values' : ['IND-CPA', 'IND-CCA2'] }, 'length-ciphertext': {'type': int, 'min': 1}, 'length-shared-secret': {'type': int, 'min': 1}, 'nistkat-sha256': {'type': str, 'length': 64}, @@ -123,6 +124,10 @@ def check_element(field, element, props): raise ValueError("Value of field '{}' should be length {}" " but was length {}" .format(field, props['length'], actual_len)) + if 'values' in props and element not in props['values']: + raise ValueError("'{}' should be in {}" + .format(element, props['values'])) + if type_ == list: # recursively check the elements for el in element: