Commit Graph

1059 Commits

Author SHA1 Message Date
John Schanck
0d7743d576 Update NTRU (#311)
* Update NTRU

version: https://github.com/jschanck/ntru/tree/485dde03

* Fixed ntruhrss701/clean/Makefile.Microsoft_nmake
2021-03-24 21:02:46 +00:00
Sofía Celi
c59580a355 Fix overflow in multiplication in Saber 2021-03-24 21:02:46 +00:00
Thom Wiggers
3d05000b2c Update README for Round 3 (#306)
See also #305
2021-03-24 21:02:46 +00:00
Matthias J. Kannwischer
22babfef8a remove threebears, ledakem, newhope, mqdss, qtesla
NIST announced the Round 3 finalists and alternate candidates today:
https://groups.google.com/a/list.nist.gov/d/msg/pqc-forum/0ieuPB-b8eg/Cl7Ji8TpCwAJ

Some of the schemes in PQClean did not make it to Round 3 and this commit
removes them.
2021-03-24 21:02:46 +00:00
Thom Wiggers
8e27bd0915 Add MQDSS AVX2 implementations (#288)
* Add AVX2 version of mqdss

* Fix duplicate consistency
2021-03-24 21:02:46 +00:00
Douglas Stebila
106365bfa3 Mention FrodoKEM timing leak in SECURITY.md 2021-03-24 21:02:46 +00:00
Douglas Stebila
96e5f1d7ae Fix timing leak in decapsulation.
As identified in: Qian Guo, Thomas Johansson, Alexander Nilsson. A 
key-recovery timing attack on post-quantum primitives using the 
Fujisaki-Okamoto transformation and its application on FrodoKEM. In 
CRYPTO 2020.

Based on 
155c24c3df
2021-03-24 21:02:46 +00:00
Thom Wiggers
1f8b852e8f Speed up test collection (#298)
* don't do filesystem operations during collection

* Greatly speed up test collection

* fixup! Greatly speed up test collection

* Silence junit warning

* fixup! Greatly speed up test collection
2021-03-24 21:02:46 +00:00
Thom Wiggers
4604907c4c Kyber768 and Kyber1024 don't need -maes (see #296) 2021-03-24 21:02:46 +00:00
Ko-
be16fceb68 Fix whitespace to satisfy test_duplicate_consistency 2021-03-24 21:02:46 +00:00
Ko-
0116179381 Update KAT values 2021-03-24 21:02:46 +00:00
Ko-
f5bc4052c7 Add domain separation to NewHope
NewHope announced a new version of their specification that adds
explicit domain separation. This is a port of
https://github.com/newhopecrypto/newhope/commit/607a9d3
2021-03-24 21:02:46 +00:00
Thom Wiggers
4409c6f44f Add Keccakx4 to build 2021-03-24 21:02:46 +00:00
Thom Wiggers
e81295480a remove duplicate from Makefiles 2021-03-24 21:02:46 +00:00
Thom Wiggers
95ea8b314b Remove duplicate sha256x8 2021-03-24 21:02:46 +00:00
Thom Wiggers
d4d6d09ff7 Fix makefiles 2021-03-24 21:02:46 +00:00
Thom Wiggers
3d95a501a8 Fix haraka Makefile.Microsoft_nmake 2021-03-24 21:02:46 +00:00
Thom Wiggers
eb59820e21 Add missing obj file to Windows SPHINCS+ AVX2 builds 2021-03-24 21:02:46 +00:00
xvzcf
77e01fc95c Update required_flags for Dilithium's META.ymls. 2021-03-24 21:02:46 +00:00
Thom Wiggers
e22b54b8ba Update MQDSS round numbers
Based on this change:

00608d7610
2021-03-24 21:02:46 +00:00
Douglas Stebila
f9afa9063e Rename aes256_keyexp based on #279 2021-03-24 21:02:46 +00:00
Thom Wiggers
1edad0d3cc Filter out clang-tidy on alternate platforms 2021-03-24 21:02:46 +00:00
Thom Wiggers
a66d24971f Speed up circleci tests 2021-03-24 21:02:46 +00:00
Douglas Stebila
33ac64d922 Use the right AES CTX 2021-03-24 21:02:46 +00:00
Douglas Stebila
b6ecd70ac7 Don't return void 2021-03-24 21:02:46 +00:00
Douglas Stebila
cf5107b69f Split aes*_keyexp up into ecb and ctr variants 2021-03-24 21:02:46 +00:00
Sebastian
4054af0c42 HQC submission (#202)
* Sebastian's HQC merge request

* Clean up changes to common infrastructure

* Fix Bitmask macro

It assumed that ``unsigned long`` was 64 bit

* Remove maxlen from nistseedexpander

It's a complicated thing to handle because the value is larger than size_t supports on 32-bit platforms

* Initialize buffers to help linter

* Add Nistseedexpander test

* Resolve UB in gf2x.c

Some of the shifts could be larger than WORD_SIZE_BITS, ie. larger than
the width of uint64_t. This apparently on Intel gets interpreted as the
shift mod 64, but on ARM something else happened.

* Fix Windows complaints

* rename log, exp which appear to be existing functions on MS

* Solve endianness problems

* remove all spaces before ';'

* Fix duplicate consistency

* Fix duplicate consistency

* Fix complaints by MSVC about narrowing int

* Add nistseedexpander.obj to COMMON_OBJECTS_NOPATH

* astyle format util.[ch]

* add util.h to makefile

* Sort includes in util.h

* Fix more Windows MSVC complaints

Co-authored-by: Sebastian Verschoor <sebastian@zeroknowledge.me>
Co-authored-by: Thom Wiggers <thom@thomwiggers.nl>
2021-03-24 21:02:46 +00:00
Michael Baentsch
9248977595 Wshadow at Dilithium/avx2 2021-03-24 21:02:46 +00:00
Matthias J. Kannwischer
999b76cb90 fix MSVS warning 2021-03-24 21:02:46 +00:00
Matthias J. Kannwischer
e93a6bef1f Fix NewHope verify
https://github.com/mupq/pqm4/issues/132 repoorted that the NewHope verify function does not actually return 0 or 1, but 0 or -1, which consequenctly breaks the cmov in the FO transform.
This bug was introduced when I integrated this into PQClean.
2021-03-24 21:02:46 +00:00
Douglas Stebila
5a4b5f7358 Trigger build 2021-03-24 21:02:46 +00:00
Douglas Stebila
ca0e28bc43 Change formatting
[skip ci]
2021-03-24 21:02:46 +00:00
Douglas Stebila
f4f51db4eb Avoid type-punning error when strict-aliasing turned on 2021-03-24 21:02:46 +00:00
Thom Wiggers
e39dbecb6a Clean up README and CONTRIBUTING (#273)
* Clean up the docs a bit

* Document that qemu-user-static needs Linux
2021-03-24 21:02:46 +00:00
Thom Wiggers
5b5956c2ef fixup! Fix uint8_t to uint16_t upcast in Frodo 2021-03-24 21:02:46 +00:00
Thom Wiggers
3b655f3f72 Fix uint8_t to uint16_t upcast in Frodo 2021-03-24 21:02:46 +00:00
Thom Wiggers
d257525360 Fix UB in qTESLA
Lots of shifts left of signed integers
2021-03-24 21:02:46 +00:00
Thom Wiggers
507617f30f fixup! Run sanitizers after running AMD64 tests 2021-03-24 21:02:46 +00:00
Thom Wiggers
fcd81030d6 Fix too-large shift in mceliece*f 2021-03-24 21:02:46 +00:00
Thom Wiggers
c5f8131c8b fixup! Run sanitizers after running AMD64 tests 2021-03-24 21:02:46 +00:00
Thom Wiggers
73704e2224 Run sanitizers after running AMD64 tests 2021-03-24 21:02:46 +00:00
Thom Wiggers
3307f05c49 Clean up SABER 2021-03-24 21:02:46 +00:00
Thom Wiggers
5f02a4e80c Fix overflowing mults in NTRUHRSS701 2021-03-24 21:02:46 +00:00
Thom Wiggers
3ef983c459 Fix reduce.c's overflowing multiplication 2021-03-24 21:02:46 +00:00
Thom Wiggers
ea5ede6e80 Make sure tests respond to undefined behaviour 2021-03-24 21:02:46 +00:00
Thom Wiggers
83750a2fb2 Fix duplicate consistency 2021-03-24 21:02:46 +00:00
Thom Wiggers
698738c263 Enable leak check in Valgrind 2021-03-24 21:02:46 +00:00
Thom Wiggers
d8c9c431cf Fix memory leaks in LEDAkem 2021-03-24 21:02:46 +00:00
Thom Wiggers
0912b1821c Fix memory leaks in NewHope 2021-03-24 21:02:46 +00:00
Thom Wiggers
160030400d Fix FIPS202 API memory leaks in Dilithium 2021-03-24 21:02:46 +00:00