Document Falcon constant time errors (#1552)
* Document Falcon constant time errors.

* Update McEliece docs.

* Update Falcon YML to include aarch64 implementation

* Correct Falcon docs.

---------

Co-authored-by: Spencer Wilson <[email protected]>
praveksharma and SWilson4 authored Sep 18, 2023
1 parent b8a0bc7 commit e6c650c
Showing 6 changed files with 144 additions and 47 deletions.
60 changes: 30 additions & 30 deletions docs/algorithms/kem/classic_mceliece.yml
Expand Up @@ -42,8 +42,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -59,7 +59,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-348864f
Expand All @@ -76,8 +76,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -94,7 +94,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896
Expand All @@ -111,8 +111,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -128,7 +128,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896f
Expand All @@ -145,8 +145,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -163,7 +163,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128
Expand All @@ -180,8 +180,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -197,7 +197,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128f
Expand All @@ -214,8 +214,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -232,7 +232,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119
Expand All @@ -249,8 +249,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -266,7 +266,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119f
Expand All @@ -283,8 +283,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -301,7 +301,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128
Expand All @@ -318,8 +318,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -335,7 +335,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128f
Expand All @@ -352,8 +352,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -370,7 +370,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
auxiliary-submitters: []
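Review bot: The constant-time flags for every Classic McEliece implementation in this section change value (apparently `no-secret-dependent-branching-claimed` and `no-secret-dependent-branching-checked-by-valgrind` going from `true` to `false`, if the rendered order is old-then-new) with no explanation in the file, so a reader of the YAML or of the tables generated from it cannot tell whether upstream withdrew its claim, a secret-dependent branch was actually observed, or the valgrind run was simply not repeated. The commit message says only "Update McEliece docs", which does not help a downstream integrator deciding whether these implementations may handle long-term secret keys. I would add a comment above the first affected entry, e.g. `# constant-time flags set to false: see <upstream issue / PR placeholder> for the reported secret-dependent branching`, so the downgrade is traceable. The same applies to docs/algorithms/sig/falcon.yml, whose existing entries change the same way and whose new aarch64 entries carry the same `false` values; the parameter-set definitions above line 42 lie outside the view.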
10 changes: 6 additions & 4 deletions docs/algorithms/sig/falcon.md
Expand Up @@ -22,8 +22,9 @@

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | True | True | False |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand All @@ -33,8 +34,9 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | True | True | False |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

32 changes: 28 additions & 4 deletions docs/algorithms/sig/falcon.yml
Expand Up @@ -47,8 +47,20 @@ parameter-sets:
- avx2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: Falcon-1024
claimed-nist-level: 5
Expand All @@ -74,6 +86,18 @@ parameter-sets:
- avx2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
70 changes: 63 additions & 7 deletions docs/cbom.json
@@ -1,23 +1,23 @@
{
"bomFormat": "CBOM",
"specVersion": "1.4-cbom-1.0",
"serialNumber": "urn:uuid:76fbea76-f6a8-441a-9ad0-4f3df1b91d3c",
"serialNumber": "urn:uuid:c2efdd72-2a86-4ba2-ad1b-870e67bdcdab",
"version": 1,
"metadata": {
"timestamp": "2023-05-16T14:01:59.927404",
"timestamp": "2023-09-14T13:03:34.914420",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"name": "liboqs",
"version": "3052cb8e01343126bb7eb1de0c9b90f9b9230ed4"
"version": "f6acbec0428a6f6d46b5d55fabfd9192ad63b89c"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"name": "liboqs",
"version": "3052cb8e01343126bb7eb1de0c9b90f9b9230ed4"
"version": "f6acbec0428a6f6d46b5d55fabfd9192ad63b89c"
},
{
"type": "crypto-asset",
Expand Down Expand Up @@ -1279,6 +1279,26 @@
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-512:armv8-a",
"name": "Falcon",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Falcon-512",
"primitive": "signature",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-1024:generic",
Expand Down Expand Up @@ -1319,6 +1339,26 @@
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-1024:armv8-a",
"name": "Falcon",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Falcon-1024",
"primitive": "signature",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:SPHINCS+-SHA2-128f-simple:generic",
Expand Down Expand Up @@ -1828,7 +1868,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"dependsOn": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -1893,8 +1933,10 @@
"alg:Dilithium5:armv8-a",
"alg:Falcon-512:generic",
"alg:Falcon-512:x86_64",
"alg:Falcon-512:armv8-a",
"alg:Falcon-1024:generic",
"alg:Falcon-1024:x86_64",
"alg:Falcon-1024:armv8-a",
"alg:SPHINCS+-SHA2-128f-simple:generic",
"alg:SPHINCS+-SHA2-128f-simple:x86_64",
"alg:SPHINCS+-SHA2-128s-simple:generic",
Expand Down Expand Up @@ -2395,6 +2437,13 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-512:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-1024:generic",
"dependsOn": [
Expand All @@ -2409,6 +2458,13 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-1024:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:SPHINCS+-SHAKE-128f-simple:generic",
"dependsOn": [