Matthias J. Kannwischer
1eb8fbe8d3
FrodoKEM: Fix bug in the output of the ct_verify function (#367)
* Fix bug in the output of the ct_verify function
A bug in the CCA transformation was reported on the pqc-forum on 2020-12-10
https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/kSUKzDNc5ME
It was fixed today in 669522db63.
This commit ports that fix to PQClean
* add note to SECURITY.md
* update upstream commit in META.yml
2021-03-24 21:02:50 +00:00
Thom Wiggers
560ac15334
Fix missed overflowing mul in FrodoKEM
It happened in another place
2021-03-24 21:02:49 +00:00
Thom Wiggers
af9b25b8fa
Fix more overflowing muls in Frodo
2021-03-24 21:02:49 +00:00
Thom Wiggers
9a1319454f
Also fix problem in FrodoKEM-SHAKE
2021-03-24 21:02:49 +00:00
Thom Wiggers
747908d35b
Fix overflowing multiplication in FrodoKEM AES
2021-03-24 21:02:49 +00:00
John M. Schanck
6154c0d7d3
astyle
2021-03-24 21:02:48 +00:00
John M. Schanck
512adcc0db
frodo: satisfy test_boolean
2021-03-24 21:02:48 +00:00
Douglas Stebila
96e5f1d7ae
Fix timing leak in decapsulation.
As identified in: Qian Guo, Thomas Johansson, Alexander Nilsson. A
key-recovery timing attack on post-quantum primitives using the
Fujisaki-Okamoto transformation and its application on FrodoKEM. In
CRYPTO 2020.
Based on
155c24c3df
2021-03-24 21:02:46 +00:00
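The two entries above that touch the ciphertext comparison, the timing leak identified by Guo, Johansson and Nilsson (CRYPTO 2020) and the later ct_verify output fix, concern the same step of the Fujisaki-Okamoto transform: decapsulation re-encrypts the decoded message, compares the result with the received ciphertext, and must then select either the real key material or the rejection value without letting the comparison's running time or a branch depend on where the two ciphertexts first differ. The C below is an added illustration of that step written for this page; it is not PQClean's or FrodoKEM's code. ct_verify, ct_select and fo_finalize are hypothetical helper names, the hashing that a real KEM applies to the selected value is omitted, and the inputs in the self-test are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constant-time equality check over len bytes: returns 0 if a and b are
 * equal and 1 otherwise. Every byte is visited and the result is folded
 * without a branch, so the running time does not reveal the position of
 * the first mismatch (which is exactly what an early-exit memcmp leaks). */
static uint8_t ct_verify(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t r = 0;
    for (size_t i = 0; i < len; i++) {
        r |= a[i] ^ b[i];
    }
    /* r is in 0..255; (0 - r) as uint32_t has its top bit set iff r != 0. */
    return (uint8_t)((0u - (uint32_t)r) >> 31);
}

/* Constant-time byte-wise select: out = (choose_b ? b : a) for choose_b
 * in {0,1}, implemented with a mask rather than a branch. */
static void ct_select(uint8_t *out, const uint8_t *a, const uint8_t *b,
                      size_t len, uint8_t choose_b)
{
    uint8_t mask = (uint8_t)(0u - choose_b);   /* 0x00 or 0xFF */
    for (size_t i = 0; i < len; i++) {
        out[i] = (uint8_t)(a[i] ^ (mask & (a[i] ^ b[i])));
    }
}

/* Tail of an FO-style decapsulation (hypothetical helper, hashing omitted):
 * compare the re-encrypted ciphertext ct_prime with the received ct and
 * output either the key material k (match) or the rejection value s
 * (mismatch). Neither the compare nor the choice leaks through timing. */
static void fo_finalize(uint8_t *ss, size_t sslen,
                        const uint8_t *ct, const uint8_t *ct_prime, size_t ctlen,
                        const uint8_t *k, const uint8_t *s)
{
    uint8_t fail = ct_verify(ct, ct_prime, ctlen);
    ct_select(ss, k, s, sslen, fail);
}

/* Self-check on constructed inputs; returns 1 on success, 0 on failure.
 * memcmp is fine here because nothing in the self-check is secret. */
static int fo_finalize_selftest(void)
{
    const uint8_t ct[4]  = {0xde, 0xad, 0xbe, 0xef};   /* constructed */
    const uint8_t bad[4] = {0xde, 0xad, 0xbe, 0xee};   /* last byte differs */
    const uint8_t k[2]   = {0x11, 0x22};
    const uint8_t s[2]   = {0x33, 0x44};
    uint8_t ss[2];

    fo_finalize(ss, 2, ct, ct, 4, k, s);
    if (memcmp(ss, k, 2) != 0) return 0;   /* match -> real key material */
    fo_finalize(ss, 2, ct, bad, 4, k, s);
    if (memcmp(ss, s, 2) != 0) return 0;   /* mismatch -> rejection value */
    return 1;
}

int main(void)
{
    return fo_finalize_selftest() ? 0 : 1;
}
```

The fold in ct_verify matters as much as the loop: a `return r != 0;` would compile to a branch or a setcc, and the former reintroduces a secret-dependent path. The caller must likewise consume the result only through masking, as fo_finalize does, rather than `if (fail)`.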
Douglas Stebila
cf5107b69f
Split aes*_keyexp up into ecb and ctr variants
2021-03-24 21:02:46 +00:00
Thom Wiggers
5b5956c2ef
fixup! Fix uint8_t to uint16_t upcast in Frodo
2021-03-24 21:02:46 +00:00
Thom Wiggers
3b655f3f72
Fix uint8_t to uint16_t upcast in Frodo
2021-03-24 21:02:46 +00:00
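The overflowing-multiplication and upcast entries above name the kind of bug that C's integer promotion rules produce: arithmetic on uint16_t or uint8_t operands is carried out in int, so a product of two uint16_t values can exceed INT_MAX (undefined behaviour, which is what UBSan flags), and a promoted byte shifted left by 24 can overflow int in the same way. The block below is an added example of the safe forms, written for this page and not taken from PQClean; dot_mod_2_16, load16_le, load32_le and uint16_product_width are hypothetical helpers, the mod 2^16 inner product only stands in for the shape of a Frodo-style matrix multiply with q a power of two, and the inputs in main and the checks are constructed.

```c
#include <stdint.h>
#include <stddef.h>

/* Width in bytes of the type a uint16_t * uint16_t product is evaluated
 * in. Integer promotion turns both operands into int wherever int is wider
 * than 16 bits, so this returns sizeof(int), not 2. sizeof does not
 * evaluate its operand, so the would-be overflow never happens here. */
static size_t uint16_product_width(void)
{
    return sizeof((uint16_t)0xFFFF * (uint16_t)0xFFFF);
}

/* Inner product of two uint16_t vectors reduced mod 2^16 (hypothetical
 * helper). Operands are widened to uint32_t before the multiply: left as
 * uint16_t they would be promoted to signed int, and 0xFFFF * 0xFFFF
 * overflows int, which is undefined behaviour. The uint32_t accumulator
 * wraps mod 2^32, and since 2^16 divides 2^32 the truncation to uint16_t
 * is exactly the reduction mod 2^16. */
static uint16_t dot_mod_2_16(const uint16_t *a, const uint16_t *b, size_t n)
{
    uint32_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc += (uint32_t)a[i] * (uint32_t)b[i];
    }
    return (uint16_t)acc;
}

/* Little-endian loads with explicit widening. For 16 bits the shift is
 * safe after promotion to int (0xFF << 8 fits), so the outer cast only
 * documents the narrowing back to uint16_t. For 32 bits the cast to
 * uint32_t before "<< 24" is essential: 0xFF << 24 on a promoted byte
 * is a left shift that overflows int, which is undefined behaviour. */
static uint16_t load16_le(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

static uint32_t load32_le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

int main(void)
{
    /* Constructed input: the all-ones case is where the promoted multiply
     * would overflow. Each 0xFFFF^2 is 1 mod 2^16, so two of them give 2. */
    const uint16_t ones[2] = {0xFFFF, 0xFFFF};
    const uint8_t le[4] = {0x78, 0x56, 0x34, 0x12};
    int ok = dot_mod_2_16(ones, ones, 2) == 2 &&
             uint16_product_width() == sizeof(int) &&
             load16_le(le) == 0x5678 &&
             load32_le(le) == 0x12345678u;
    return ok ? 0 : 1;
}
```

Building with `-fsanitize=undefined` is the quickest way to catch the unwidened form: the sanitizer reports the signed overflow at the exact multiply, which is how these bugs tend to be found in a test suite rather than in review.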
Thom Wiggers
f792b925b4
Enable optimizers on Windows (#244)
2019-10-21 14:23:59 +02:00
Thom Wiggers
2108bdcdb5
Make a static global explicitly const
2019-07-18 13:42:37 +02:00
Douglas Stebila
4157e0fbad
Add release function for AES key schedule
2019-06-25 09:37:23 -04:00
Thom Wiggers
4cea81d15f
Convert principal-submitter into a list
There are schemes, like SABER (#192) that have more than one principal
submitter. Consistency warrants that we turn it into a list for all
schemes and don't do something with allowing either a str or a list:
that would just be very annoying to parse.
Closes #194
2019-06-21 09:30:55 +02:00
Douglas Stebila
9a82706697
Merge pull request #176 from PQClean/frodoopt
Add optimized FrodoKEM
2019-05-22 11:45:20 +02:00
Matthias J. Kannwischer
743b28f7a8
make VS compiler happy in matrix_aes.c
2019-05-22 07:31:03 +02:00
Matthias J. Kannwischer
cf8e4e5179
add optimized frodokem640aes
2019-05-21 15:46:59 +02:00
Thom Wiggers
199adb8072
Add -Wredundant-decls
2019-05-20 16:12:01 +02:00
Matthias J. Kannwischer
0127ba93f5
Add IND-CPA/IND-CCA2 security field to METADATA. add test for it as well (#165)
2019-05-13 11:20:32 -04:00
Douglas Stebila
3494c96e53
Update to latest changes from upstream, fix correctness on MS Visual Studio (#163)
2019-05-05 18:33:34 -04:00
Douglas Stebila
6e1f66d047
Don't run testvectors checks on KEMs (#161)
2019-04-30 11:15:57 -04:00
Joost Rijneveld
68b12866ce
Use more standard Wvla
2019-04-24 13:52:02 +02:00
Joost Rijneveld
e32666a0ab
Throw errors when using variable-length arrays
Windows already complains about this in CI, but this will
let us catch these issues on Linux as well.
2019-04-24 12:35:17 +02:00
Joost Rijneveld
baf93e2826
Merge pull request #146 from PQClean/move-secret-key-to-scheme-meta
Move secret key length back to scheme-level META
2019-04-18 17:14:08 +02:00
Thom Wiggers
b5d4e93478
Add -O3 to CFLAGS
2019-04-17 11:56:16 +02:00
Joost Rijneveld
972315dec5
Move secret key length back to scheme-level META
2019-04-17 11:08:45 +02:00
Douglas Stebila
c0cf260113
Merge branch 'master' into nist-kat
2019-04-16 16:20:31 -04:00
Thom Wiggers
eb5f7f1e57
Fix int/size_t comparison in frodo
2019-04-16 13:37:50 +02:00
Douglas Stebila
c42619d855
Merge branch 'master' into nist-kat
2019-04-14 19:28:59 -04:00
Douglas Stebila
ff71e7de11
Correct FrodoKEM submitter list
2019-04-14 17:38:53 -04:00
Douglas Stebila
8e7cf2b5cd
Fix linter complaints
2019-04-14 17:29:58 -04:00
Douglas Stebila
a815543f32
Add NIST KAT check for KEMs
2019-04-14 17:17:11 -04:00
Matthias J. Kannwischer
5587cdb4a8
Add -Wmissing-prototypes (#109)
* fix prototypes for sphincs and static functions in aes.c
* fix missing prototypes in all frodo variants
* fix missing prototypes in kyber
* remove const from non-pointer arguments in Frodo
* add missing prototypes to requirements in README
2019-04-13 11:47:29 -04:00
Douglas Stebila
6ca367e2e6
Apply astyle
2019-04-11 08:18:49 -04:00
Douglas Stebila
7e8bd90d8c
Fix Windows compiler warnings and endianness
2019-04-10 12:21:53 -04:00
Douglas Stebila
e9427afeb2
Add FrodoKEM-640-AES
2019-04-10 11:51:09 -04:00