This is the first official release of cryptol-specs!
The cryptol-specs repo has been under development since September 2018, with many of its specs developed earlier. This release aims to highlight the work done from June 2024 to January 2025. The primary contribution of this release is to bring many NIST-approved standards up to a higher standard: increased documentation, closer alignment with the formal specifications, and improved properties and testing.
Improved existing specifications
- Improve quality of AES specification.
- Improve quality of block cipher modes of operation, including CTR, GCM, and CBC mode.
- Consolidate elliptic curve specifications into one high-quality version.
- Consolidate ECDSA specifications into one high-quality version.
- Add a fast version of NTT for ML-KEM.
- Improve quality of SHA2 specification.
- Improve quality of SHA3 specification.
Wrote new and updated specifications from scratch
- Add ECDH primitives.
- Add high-quality ML-KEM specification for the finalized NIST specification.
- Add WOTS+ specification.
- Add high-quality ML-DSA specification for the finalized NIST specification.
Improved CI and documentation
- Add a copyright check to CI.
- Improve READMEs throughout, including adding historical context, fixing links, and documenting structure.
- Remove outdated versions of Sphincs+, ML-KEM, and ML-DSA.