Document Falcon constant time errors #1552

Merged
merged 4 commits into from
Sep 18, 2023
60 changes: 30 additions & 30 deletions docs/algorithms/kem/classic_mceliece.yml
Expand Up @@ -42,8 +42,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -59,7 +59,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-348864f
Expand All @@ -76,8 +76,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -94,7 +94,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896
Expand All @@ -111,8 +111,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -128,7 +128,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896f
Expand All @@ -145,8 +145,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -163,7 +163,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128
Expand All @@ -180,8 +180,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -197,7 +197,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128f
Expand All @@ -214,8 +214,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -232,7 +232,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119
Expand All @@ -249,8 +249,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -266,7 +266,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119f
Expand All @@ -283,8 +283,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -301,7 +301,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128
Expand All @@ -318,8 +318,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -335,7 +335,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128f
Expand All @@ -352,8 +352,8 @@ parameter-sets:
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
Expand All @@ -370,7 +370,7 @@ parameter-sets:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
auxiliary-submitters: []
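Review bot: The PR title names only Falcon, but every hunk in this file also changes `no-secret-dependent-branching-claimed` and `no-secret-dependent-branching-checked-by-valgrind` for the Classic McEliece implementations, and nothing in the file records why. Assuming the second value printed for each key is the new one, both flags end up `false` for every parameter set, so a reader of the generated docs cannot tell a known secret-dependent branch from a check that was never run. I would name Classic McEliece in the PR description and, if this file is hand-maintained rather than regenerated, put the reason next to the first changed flag, e.g. `# constant-time test currently failing, see <tracking-issue-url>`.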
10 changes: 6 additions & 4 deletions docs/algorithms/sig/falcon.md
Expand Up @@ -22,8 +22,9 @@

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | True | True | False |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand All @@ -33,8 +34,9 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | clean | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | True | True | False |
| [Primary Source](#primary-source) | clean | All | All | None | False | False | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | All | AVX2 | False | False | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

32 changes: 28 additions & 4 deletions docs/algorithms/sig/falcon.yml
Expand Up @@ -47,8 +47,20 @@ parameter-sets:
- avx2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: Falcon-1024
claimed-nist-level: 5
Expand All @@ -74,6 +86,18 @@ parameter-sets:
- avx2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
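Review bot: The new `upstream-id: aarch64` entries for Falcon-512 and Falcon-1024 are introduced with both branching flags already `false`, so the docs do not say whether the ARM64 code was run under the valgrind check and failed or was never checked. Signing handles the private key, so that distinction matters to anyone deciding whether to enable this backend. A one-line comment on the entry such as `# aarch64: not yet covered by the valgrind constant-time run` (or the observed failure, whichever is true) would settle it. Both parameter-set blocks begin above the visible hunks, so any explanation already present there is not in view.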
70 changes: 63 additions & 7 deletions docs/cbom.json
@@ -1,23 +1,23 @@
{
"bomFormat": "CBOM",
"specVersion": "1.4-cbom-1.0",
"serialNumber": "urn:uuid:76fbea76-f6a8-441a-9ad0-4f3df1b91d3c",
"serialNumber": "urn:uuid:c2efdd72-2a86-4ba2-ad1b-870e67bdcdab",
"version": 1,
"metadata": {
"timestamp": "2023-05-16T14:01:59.927404",
"timestamp": "2023-09-14T13:03:34.914420",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"name": "liboqs",
"version": "3052cb8e01343126bb7eb1de0c9b90f9b9230ed4"
"version": "f6acbec0428a6f6d46b5d55fabfd9192ad63b89c"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"name": "liboqs",
"version": "3052cb8e01343126bb7eb1de0c9b90f9b9230ed4"
"version": "f6acbec0428a6f6d46b5d55fabfd9192ad63b89c"
},
{
"type": "crypto-asset",
Expand Down Expand Up @@ -1279,6 +1279,26 @@
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-512:armv8-a",
"name": "Falcon",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Falcon-512",
"primitive": "signature",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-1024:generic",
Expand Down Expand Up @@ -1319,6 +1339,26 @@
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Falcon-1024:armv8-a",
"name": "Falcon",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Falcon-1024",
"primitive": "signature",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:SPHINCS+-SHA2-128f-simple:generic",
Expand Down Expand Up @@ -1828,7 +1868,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@3052cb8e01343126bb7eb1de0c9b90f9b9230ed4",
"ref": "pkg:github/open-quantum-safe/liboqs@f6acbec0428a6f6d46b5d55fabfd9192ad63b89c",
"dependsOn": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -1893,8 +1933,10 @@
"alg:Dilithium5:armv8-a",
"alg:Falcon-512:generic",
"alg:Falcon-512:x86_64",
"alg:Falcon-512:armv8-a",
"alg:Falcon-1024:generic",
"alg:Falcon-1024:x86_64",
"alg:Falcon-1024:armv8-a",
"alg:SPHINCS+-SHA2-128f-simple:generic",
"alg:SPHINCS+-SHA2-128f-simple:x86_64",
"alg:SPHINCS+-SHA2-128s-simple:generic",
Expand Down Expand Up @@ -2395,6 +2437,13 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-512:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-1024:generic",
"dependsOn": [
Expand All @@ -2409,6 +2458,13 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Falcon-1024:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:SPHINCS+-SHAKE-128f-simple:generic",
"dependsOn": [