Support Falcon PADDED format (#1710)
Additionally:
- re-enable Falcon-1024 in weekly KAT tests
- Update Falcon licence documentation
- Update deprecated CircleCI image
SWilson4 authored Mar 6, 2024
1 parent bdce954 commit 7e5dbaf
Showing 171 changed files with 75,919 additions and 278 deletions.
24 changes: 23 additions & 1 deletion .CMake/alg_support.cmake
Expand Up @@ -348,6 +348,28 @@ if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEO
endif()
endif()

cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512 "" ON "OQS_ENABLE_SIG_FALCON" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512_avx2 "" ON "OQS_ENABLE_SIG_falcon_padded_512" OFF)
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_512_aarch64 "" ON "OQS_ENABLE_SIG_falcon_padded_512" OFF)
endif()
endif()

cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024 "" ON "OQS_ENABLE_SIG_FALCON" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024_avx2 "" ON "OQS_ENABLE_SIG_falcon_padded_1024" OFF)
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_falcon_padded_1024_aarch64 "" ON "OQS_ENABLE_SIG_falcon_padded_1024" OFF)
endif()
endif()


option(OQS_ENABLE_SIG_SPHINCS "Enable sphincs algorithm family" ON)
cmake_dependent_option(OQS_ENABLE_SIG_sphincs_sha2_128f_simple "" ON "OQS_ENABLE_SIG_SPHINCS" OFF)
Expand Down Expand Up @@ -448,7 +470,7 @@ if(NOT ((OQS_MINIMAL_BUILD STREQUAL "") OR (OQS_MINIMAL_BUILD STREQUAL "OFF")))
filter_algs("${OQS_MINIMAL_BUILD}")
elseif (${OQS_ALGS_ENABLED} STREQUAL "STD")
##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_LIST_STANDARDIZED_ALGS_START
filter_algs("KEM_ml_kem_512_ipd;KEM_ml_kem_512;KEM_ml_kem_768_ipd;KEM_ml_kem_768;KEM_ml_kem_1024_ipd;KEM_ml_kem_1024;SIG_ml_dsa_44_ipd;SIG_ml_dsa_44;SIG_ml_dsa_65_ipd;SIG_ml_dsa_65;SIG_ml_dsa_87_ipd;SIG_ml_dsa_87;SIG_falcon_512;SIG_falcon_1024;SIG_sphincs_sha2_128f_simple;SIG_sphincs_sha2_128s_simple;SIG_sphincs_sha2_192f_simple;SIG_sphincs_sha2_192s_simple;SIG_sphincs_sha2_256f_simple;SIG_sphincs_sha2_256s_simple;SIG_sphincs_shake_128f_simple;SIG_sphincs_shake_128s_simple;SIG_sphincs_shake_192f_simple;SIG_sphincs_shake_192s_simple;SIG_sphincs_shake_256f_simple;SIG_sphincs_shake_256s_simple")
filter_algs("KEM_ml_kem_512_ipd;KEM_ml_kem_512;KEM_ml_kem_768_ipd;KEM_ml_kem_768;KEM_ml_kem_1024_ipd;KEM_ml_kem_1024;SIG_ml_dsa_44_ipd;SIG_ml_dsa_44;SIG_ml_dsa_65_ipd;SIG_ml_dsa_65;SIG_ml_dsa_87_ipd;SIG_ml_dsa_87;SIG_falcon_512;SIG_falcon_1024;SIG_falcon_padded_512;SIG_falcon_padded_1024;SIG_sphincs_sha2_128f_simple;SIG_sphincs_sha2_128s_simple;SIG_sphincs_sha2_192f_simple;SIG_sphincs_sha2_192s_simple;SIG_sphincs_sha2_256f_simple;SIG_sphincs_sha2_256s_simple;SIG_sphincs_shake_128f_simple;SIG_sphincs_shake_128s_simple;SIG_sphincs_shake_192f_simple;SIG_sphincs_shake_192s_simple;SIG_sphincs_shake_256f_simple;SIG_sphincs_shake_256s_simple")
##### OQS_COPY_FROM_UPSTREAM_FRAGMENT_LIST_STANDARDIZED_ALGS_END
elseif(${OQS_ALGS_ENABLED} STREQUAL "NIST_R4")
filter_algs("KEM_classic_mceliece_348864;KEM_classic_mceliece_348864f;KEM_classic_mceliece_460896;KEM_classic_mceliece_460896f;KEM_classic_mceliece_6688128;KEM_classic_mceliece_6688128f;KEM_classic_mceliece_6960119;KEM_classic_mceliece_6960119f;KEM_classic_mceliece_8192128;KEM_classic_mceliece_8192128f;KEM_hqc_128;KEM_hqc_192;KEM_hqc_256;KEM_bike_l1;KEM_bike_l3")
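Review bot: The NEON guard on the two new aarch64 options, `if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))`, ANDs the same variable with itself, so the second operand is a no-op; if that is intended it should collapse to `if(OQS_DIST_ARM64_V8_BUILD OR OQS_USE_ARM_NEON_INSTRUCTIONS)`, and if a second feature flag was meant it is silently missing. The same pattern is visible in the pre-existing guard at the first hunk header, and the OQS_COPY_FROM_UPSTREAM fragment markers in the second hunk suggest this file is generated, so the correction presumably belongs in the generator template rather than in this file alone. The new cmake_dependent_option calls carry empty description strings, matching the surrounding file; a short description such as `"Enable Falcon-padded-512"` would make the option self-explanatory in `cmake -LH` output. Both hunks are cut at their edges, so the enclosing if/elseif chains continue outside the view.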
2 changes: 1 addition & 1 deletion .circleci/config.yml
Expand Up @@ -158,7 +158,7 @@ jobs:
# See https://github.com/open-quantum-safe/liboqs/issues/738#issuecomment-621394744
default: --numprocesses=auto
machine:
image: ubuntu-2004:202101-01
image: default # analogous to ubuntu-latest on GH Actions
resource_class: arm.medium
steps:
- checkout
2 changes: 0 additions & 2 deletions .github/workflows/weekly.yml
Expand Up @@ -46,12 +46,10 @@ jobs:
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic
PYTEST_ARGS: --numprocesses=auto -k 'test_kat_all'
SKIP_ALGS: 'Falcon-1024' # re-enable when #1561 is resolved
- name: extensions
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=haswell
PYTEST_ARGS: --numprocesses=auto -k 'test_kat_all'
SKIP_ALGS: 'Falcon-1024' # re-enable when #1561 is resolved
container:
image: ${{ matrix.container }}
steps:
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -58,7 +58,7 @@ The list below indicates all algorithms supported by liboqs, but not all those a

<!--- OQS_TEMPLATE_FRAGMENT_LIST_SIGS_START -->
- **CRYSTALS-Dilithium**: Dilithium2, Dilithium3, Dilithium5
- **Falcon**: Falcon-512, Falcon-1024
- **Falcon**: Falcon-512, Falcon-1024, Falcon-padded-512, Falcon-padded-1024
- **ML-DSA**: ML-DSA-44-ipd (alias: ML-DSA-44), ML-DSA-65-ipd (alias: ML-DSA-65), ML-DSA-87-ipd (alias: ML-DSA-87)
- **SPHINCS+-SHA2**: SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple
- **SPHINCS+-SHAKE**: SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
Expand Down Expand Up @@ -185,6 +185,7 @@ liboqs includes some third party libraries or modules that are licensed differen
- `src/kem/ml_kem/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/dilithium/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/dilithium/pqclean_*`: public domain (CC0), and public domain (CC0) or Apache License v2.0, and public domain (CC0) or MIT, and MIT
- src/sig/falcon/pqclean_\*\_aarch64 : Apache License v2.0
- `src/sig/ml_dsa/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/sphincs/pqclean_*`: CC0 (public domain)

2 changes: 1 addition & 1 deletion docs/algorithms/kem/classic_mceliece.md
Expand Up @@ -6,7 +6,7 @@
- **Authors' website**: https://classic.mceliece.org
- **Specification version**: SUPERCOP-20221025.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: Public domain
- **Ancestors of primary source**:
- SUPERCOP-20221025 "clean" and "avx2" implementations
2 changes: 1 addition & 1 deletion docs/algorithms/kem/classic_mceliece.yml
Expand Up @@ -378,4 +378,4 @@ parameter-sets:
auxiliary-submitters: []
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
2 changes: 1 addition & 1 deletion docs/algorithms/kem/hqc.md
Expand Up @@ -6,7 +6,7 @@
- **Authors' website**: https://pqc-hqc.org/
- **Specification version**: 2023-04-30.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: Public domain
- **Ancestors of primary source**:
- https://github.com/SWilson4/package-pqclean/tree/8db1b24b/hqc, which takes it from:
2 changes: 1 addition & 1 deletion docs/algorithms/kem/hqc.yml
Expand Up @@ -76,4 +76,4 @@ parameter-sets:
upstream: primary-upstream
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
56 changes: 41 additions & 15 deletions docs/algorithms/sig/falcon.md
Expand Up @@ -7,36 +7,62 @@
- **Authors' website**: https://falcon-sign.info
- **Specification version**: 20211101.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/PQClean/PQClean/commit/0657749a785db30e7f49e9435452cb042edb1852
- **Source**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **Implementation license (SPDX-Identifier)**: MIT
- **Optimized Implementation sources**: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789
- **pqclean-aarch64**:<a name="pqclean-aarch64"></a>
- **Source**: https://github.com/PQClean/PQClean/commit/7707d1bcc8ae7f9ffd296dd13b1d76d2767d14f8
- **Implementation license (SPDX-Identifier)**: Apache-2.0


## Parameter set summary

| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) |
|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:|
| Falcon-512 | NA | EUF-CMA | 1 | 897 | 1281 | 666 |
| Falcon-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1280 |
| Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) |
|:------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:|
| Falcon-512 | NA | EUF-CMA | 1 | 897 | 1281 | 752 |
| Falcon-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1462 |
| Falcon-padded-512 | NA | EUF-CMA | 1 | 897 | 1281 | 666 |
| Falcon-padded-1024 | NA | EUF-CMA | 5 | 1793 | 2305 | 1280 |

## Falcon-512 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

‡For an explanation of what this denotes, consult the [Explanation of Terms](#explanation-of-terms) section at the end of this file.

## Falcon-1024 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

## Falcon-padded-512 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

## Falcon-padded-1024 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

