kris/pqcrypto
1
1
Fork 0
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-22 15:39:07 +00:00
Code Issues 1 Releases Wiki Activity
70 Commits 9 Branches 2 Tags 14 MiB
Assembly 52.6%
C 46.8%
SQL 0.4%
0c65364f34
Go to file
Thom Wiggers 0c65364f34
Remove obsolete SHA3 hash from META.yml files. 
We moved to SHA256 for compatibility with older versions of Python 3, and this hash is thus unchecked. It will only get out of date, so it seems better to remove it.
2019-01-29 16:39:27 +01:00
common Add travis config 2019-01-16 14:54:24 +01:00
crypto_kem/kyber768 Remove obsolete SHA3 hash from META.yml files. 2019-01-29 16:39:27 +01:00
crypto_sign/dilithium-iii Remove obsolete SHA3 hash from META.yml files. 2019-01-29 16:39:27 +01:00
test Don't fail if decapsulating with wrong keys doesn't return -1 2019-01-29 16:05:55 +01:00
.clang-format Normalize whitespace 2019-01-16 11:02:32 +01:00
.clang-tidy Add travis config 2019-01-16 14:54:24 +01:00
.gitattributes Fix tidy for signing 2019-01-16 13:02:35 +01:00
.gitignore Add more binary noise to .gitignore 2019-01-16 11:42:08 +01:00
.travis.yml Don't install Python 3 on Travis OSX 2019-01-23 12:45:32 +01:00
Makefile Use $(CC) instead of gcc 2019-01-23 12:37:00 +01:00
README.md Don't fail if decapsulating with wrong keys doesn't return -1 2019-01-29 16:05:55 +01:00
requirements.txt Don't specify PyYAML version and just get the latest one 2019-01-18 18:07:52 +01:00

README.md

PQClean

Build Status

PQClean, in short, is an effort to collect clean implementations of the post-quantum schemes that are in the NIST post-quantum project. The goal of PQClean is to provide standalone implementations that

  • can easily be integrated into libraries such as liboqs or libpqcrypto;
  • can efficiently upstream into higher-level protocol integration efforts such as Open Quantum Safe;
  • can easily be integrated into benchmarking frameworks such as SUPERCOP;
  • can easily be integrated into frameworks targeting embedded platforms such as pqm4;
  • are suitable starting points for architecture-specific optimized implementations;
  • are suitable starting points for evaluation of implementation security; and
  • are suitable targets for formal verification.

What PQClean is not aiming for is

  • a build system producing an integrated library of all schemes;
  • including benchmarking of implementations; and
  • including integration into higher-level applications or protocols.

As a first main target, we are collecting C implementations that fulfill the requirements listed below.

Requirements on C implementations that are automatically checked

The checking of items on this list is still being developed. Checked items should be working.

  • Code is valid C99
  • Passes functional tests
  • API functions do not write outside provided buffers
  • Compiles with -Wall -Wextra -Wpedantic -Werror with gcc and clang
  • Consistent test vectors across runs
  • Consistent test vectors on big-endian and little-endian machines
  • Consistent test vectors on 32-bit and 64-bit machines
  • No errors/warnings reported by valgrind
  • No errors/warnings reported by address sanitizer
  • Only dependencies:
    • fips202.c
    • sha2.c
    • aes.c
    • randombytes.c
  • API functions return 0 on success, negative on failure
    • 0 on success
    • Negative on failure (within restrictions of FO transform).
  • No dynamic memory allocations
  • No branching on secret data (dynamically checked using valgrind)
  • No access to secret memory locations (dynamically checked using valgrind)
  • Separate subdirectories (without symlinks) for each parameter set of each scheme
  • Builds under Linux, MacOS, and Windows
    • Linux
    • MacOS
    • Windows
  • Makefile-based build for each separate scheme
  • Makefile-based build for Windows (nmake)
  • All exported symbols are namespaced with PQCLEAN_SCHEMENAME_
  • Each implementation comes with a LICENSE file (see below)
  • Each implementation comes with a META file giving details about version of the algorithm, designers, etc.

Requirements on C implementations that are manually checked

  • Makefiles without explicit rules (rely on implicit, built-in rules)
  • #ifdefs only for header encapsulation
  • No stringification macros
  • Output-parameter pointers in functions are on the left
  • const arguments are labeled as const
  • All exported symbols are namespaced in place
  • All integer types are of fixed size, using stdint.h types (including uint8_t instead of unsigned char)
  • Integers used for indexing are of size size_t
  • variable declarations at the beginning (except in for (size_t i=...)

Clean C implementations currently in PQClean

Currently, the continuous-integration and testing environment of PQClean is still work in progress and as a consequence PQClean does not yet have many implementations.

API used by PQClean

PQClean is essentially using the same API as required for the NIST reference implementations, which is also used by SUPERCOP and by libpqcrypto. The only two differences to that API are the following:

  • All lengths are passed as type size_t instead of unsigned long long; and
  • Signatures offer two additional functions that follow the "traditional" approach used in most software stacks of computing and verifying signatures instead of producing and recovering signed messages. Specifically, those functions have the following name and signature:
int crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
int crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);

License

Each subdirectory containing implementations contains a LICENSE file stating under what license that specific implementation is released. All other code for testing etc. in this repository is released under the conditions of CC0.