Reference implementations of PQC
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
 
 
 
 
Thom Wiggers 904f91cf9b Update README with github actions info před 4 roky
.github Update README with github actions info před 3 roky
common Remove CFLAGS from keccak4x makefile (closes #321) před 3 roky
crypto_kem ntru: Match sample_fixed_weight to spec. Changes KATs. (c.f. Simone Dutto pqcforum 20200731) před 3 roky
crypto_sign dilithium: format nttconsts.c před 3 roky
test Implement testing via Github actions před 3 roky
.astylerc Disable AStyle line endings formatter před 5 roky
.clang-tidy SPHINCS+ optimized implementations (#253) před 3 roky
.gitattributes Fix tidy for signing před 5 roky
.gitignore Parallel tests (#206) před 5 roky
.gitmodules Prohibit using char without explicit sign modifier před 5 roky
.mergify.yml Allow to automatically merge PRs if approved and CI agrees (#234) před 5 roky
.travis.yml Implement testing via Github actions před 3 roky
CONTRIBUTING.md Implement testing via Github actions před 3 roky
README.md Update README with github actions info před 3 roky
SECURITY.md Mention FrodoKEM timing leak in SECURITY.md před 3 roky
requirements.txt Implement testing via Github actions před 3 roky

README.md

PQClean

Build Status on Travis CI Test dilithium2 Test dilithium3 Test dilithium4 Test falcon-1024 Test falcon-512 Test firesaber Test frodokem1344aes Test frodokem1344shake Test frodokem640aes Test frodokem640shake Test frodokem976aes Test frodokem976shake Test hqc-128 Test hqc-192 Test hqc-256 Test hqc-rmrs-128 Test hqc-rmrs-192 Test hqc-rmrs-256 Test kyber1024-90s Test kyber1024 Test kyber512-90s Test kyber512 Test kyber768-90s Test kyber768 Test lightsaber Test mceliece348864 Test mceliece348864f Test mceliece460896 Test mceliece460896f Test mceliece6688128 Test mceliece6688128f Test mceliece6960119 Test mceliece6960119f Test mceliece8192128 Test mceliece8192128f Test ntruhps2048509 Test ntruhps2048677 Test ntruhps4096821 Test ntruhrss701 Test ntrulpr653 Test ntrulpr761 Test ntrulpr857 Test rainbowIIIc-classic Test rainbowIIIc-cyclic-compressed Test rainbowIIIc-cyclic Test rainbowIa-classic Test rainbowIa-cyclic-compressed Test rainbowIa-cyclic Test rainbowVc-classic Test rainbowVc-cyclic-compressed Test rainbowVc-cyclic Test saber Test sntrup653 Test sntrup761 Test sntrup857 Test sphincs-haraka-128f-robust Test sphincs-haraka-128f-simple Test sphincs-haraka-128s-robust Test sphincs-haraka-128s-simple Test sphincs-haraka-192f-robust Test sphincs-haraka-192f-simple Test sphincs-haraka-192s-robust Test sphincs-haraka-192s-simple Test sphincs-haraka-256f-robust Test sphincs-haraka-256f-simple Test sphincs-haraka-256s-robust Test sphincs-haraka-256s-simple Test sphincs-sha256-128f-robust Test sphincs-sha256-128f-simple Test sphincs-sha256-128s-robust Test sphincs-sha256-128s-simple Test sphincs-sha256-192f-robust Test sphincs-sha256-192f-simple Test sphincs-sha256-192s-robust Test sphincs-sha256-192s-simple Test sphincs-sha256-256f-robust Test sphincs-sha256-256f-simple Test sphincs-sha256-256s-robust Test sphincs-sha256-256s-simple Test sphincs-shake256-128f-robust Test sphincs-shake256-128f-simple Test sphincs-shake256-128s-robust Test sphincs-shake256-128s-simple Test sphincs-shake256-192f-robust Test sphincs-shake256-192f-simple Test sphincs-shake256-192s-robust Test sphincs-shake256-192s-simple Test sphincs-shake256-256f-robust Test sphincs-shake256-256f-simple Test sphincs-shake256-256s-robust Test sphincs-shake256-256s-simple PQClean, in short, is an effort to collect clean implementations of the post-quantum schemes that are in the NIST post-quantum project. The goal of PQClean is to provide standalone implementations that

  • can easily be integrated into libraries such as liboqs.
  • can efficiently upstream into higher-level protocol integration efforts such as Open Quantum Safe;
  • can easily be integrated into benchmarking frameworks such as SUPERCOP;
  • can easily be integrated into frameworks targeting embedded platforms such as pqm4;
  • are suitable starting points for architecture-specific optimized implementations;
  • are suitable starting points for evaluation of implementation security; and
  • are suitable targets for formal verification.

What PQClean is not aiming for is

  • a build system producing an integrated library of all schemes;
  • including benchmarking of implementations; and
  • including integration into higher-level applications or protocols.

As a first main target, we are collecting C implementations that fulfill the requirements listed below. We also accept optimised implementations, but still requiring high-quality, tested code.

Please also review our guidelines for contributors if you are interested in adding a scheme to PQClean.

Requirements on C implementations that are automatically checked

The checking of items on this list is still being developed. Checked items should be working.

Requirements on C implementations that are manually checked

  • Minimalist Makefiles
  • No stringification macros
  • Output-parameter pointers in functions are on the left
  • All exported symbols are namespaced in place
  • Integer types are of fixed size where relevant, using stdint.h types (optional, recommended)
  • Integers used for indexing memory are of size size_t (optional, recommended)
  • Variable declarations at the beginning (except in for (size_t i=...) (optional, recommended)

Schemes currently in PQClean

For the following schemes we have implementations of one or more of their parameter sets. For all of these schemes we have clean C code, but for some we also have optimised code.

Key Encapsulation Mechanisms

Finalists:

  • Classic McEliece
  • Kyber
  • NTRU
  • SABER

Alternate candidates:

  • FrodoKEM
  • HQC

Signature schemes

Finalists:

  • Dilithium
  • Falcon
  • Rainbow

Alternate candidates:

  • SPHINCS+

Implementations previously available in PQClean and dropped in Round 3 of the NIST standardization effort are available in the round2 tag.

API used by PQClean

PQClean is essentially using the same API as required for the NIST reference implementations, which is also used by SUPERCOP and by libpqcrypto. The only differences to that API are the following:

  • All functions are namespaced;
  • All lengths are passed as type size_t instead of unsigned long long; and
  • Signatures offer two additional functions that follow the “traditional” approach used in most software stacks of computing and verifying signatures instead of producing and recovering signed messages. Specifically, those functions have the following name and signature:
int PQCLEAN_SCHEME_IMPL_crypto_sign_signature(
    uint8_t *sig, size_t *siglen,
    const uint8_t *m, size_t mlen,
    const uint8_t *sk);
int PQCLEAN_SCHEME_IMPL_crypto_sign_verify(
    const uint8_t *sig, size_t siglen,
    const uint8_t *m, size_t mlen,
    const uint8_t *pk);

Building PQClean

As noted above, PQClean is not meant to be built as a single library: it is a collection of source code that can be easily integrated into other libraries. The PQClean repository includes various test programs which do build various files, but you should not use the resulting binaries.

List of required dependencies: gcc or clang, make, python3, python-yaml library, valgrind, astyle (>= 3.0).

Using source code from PQClean in your own project

Each implementation directory in PQClean (e.g., crypto_kem/kyber768\clean) can be extracted for use in your own project. You will need to:

  1. Copy the source code from the implementation’s directory into your project.
  2. Add the files to your project’s build system.
  3. Provide instantiations of any of the common cryptographic algorithms used by the implementation. This likely includes common/randombytes.h (a cryptographic random number generator), and possibly common/sha2.h (the SHA-2 hash function family), common/aes.h (AES implementations), common/fips202.h (the SHA-3 hash function family) and common/sp800-185.h (the cSHAKE family).

Regarding #2, adding the files to your project’s build system, each implementation in PQClean is accompanied by example two makefiles that show how one could build the files for that implementation:

  • The file Makefile which can be used with GNU Make, BSD Make, and possibly others.
  • The file Makefile.Microsoft_nmake which can be used with Visual Studio’s nmake.

Projects integrating PQClean-distributed source code

The following projects consume implementations from PQClean and provide their own wrappers around the implementations. Their integration strategies may serve as examples for your own projects.

  • pqcrypto crate: Rust integration that automatically generates wrappers from PQClean source code.
  • mupq: Runs the implementations from PQClean as reference implementations to compare with microcontroller-optimized code.
  • Open Quantum Safe: The Open Quantum Safe project integrates implementations from PQClean into their liboqs C library, which then exposes them via C++, C# / .NET, and Python wrappers, as well as to forks of OpenSSL and OpenSSH.

License

Each subdirectory containing implementations contains a LICENSE file stating under what license that specific implementation is released. The files in common contain licensing information at the top of the file (and are currently either public domain or MIT). All other code in this repository is released under the conditions of CC0.

Running tests locally

See https://github.com/PQClean/PQClean/wiki/Test-framework for details about the PQClean test framework.

While we run extensive automatic testing on Github Actions ((emulated) Linux builds, MacOS and Windows builds) and Travis CI (Aarch64 builds), and most tests can also be run locally. To do this, make sure the following is installed:

  • Python 3.6+
  • pytest for python 3.

We also recommend installing pytest-xdist to allow running tests in parallel.

You will also need to make sure the submodules are initialized by running:

git submodule update --init

Run the Python-based tests by going into the test directory and running pytest -v or (recommended) pytest -n=auto for parallel testing.

You may also run python3 <testmodule> where <testmodule> is any of the files starting with test_ in the test/ folder.