Skip to content

Commit

Permalink
pull kyber/standard & update patches
Browse files Browse the repository at this point in the history
  • Loading branch information
@bhess
bhess committed Aug 30, 2023
1 parent 28f32db commit cea8d5f
Show file tree
Hide file tree
Showing 65 changed files with 915 additions and 1,473 deletions.
30 changes: 0 additions & 30 deletions .CMake/alg_support.cmake
View file
Original file line number Diff line number Diff line change
Expand Up @@ -205,50 +205,20 @@ if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCT
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))
if(((CMAKE_C_COMPILER_ID STREQUAL "GNU") AND (CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((CMAKE_CXX_COMPILER_ID STREQUAL "GNU") AND (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((NOT (CMAKE_C_COMPILER_ID STREQUAL "GNU")) AND (NOT (CMAKE_CXX_COMPILER_ID STREQUAL "GNU"))))
cmake_dependent_option(OQS_ENABLE_KEM_kyber_512_aarch64 "" ON "OQS_ENABLE_KEM_kyber_512" OFF)
else()
message(WARNING " ARM optimizations are not fully supported on this compiler version.")
endif()
endif()
endif()

cmake_dependent_option(OQS_ENABLE_KEM_kyber_768 "" ON "OQS_ENABLE_KEM_KYBER" OFF)
if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_KEM_kyber_768_avx2 "" ON "OQS_ENABLE_KEM_kyber_768" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))
if(((CMAKE_C_COMPILER_ID STREQUAL "GNU") AND (CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((CMAKE_CXX_COMPILER_ID STREQUAL "GNU") AND (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((NOT (CMAKE_C_COMPILER_ID STREQUAL "GNU")) AND (NOT (CMAKE_CXX_COMPILER_ID STREQUAL "GNU"))))
cmake_dependent_option(OQS_ENABLE_KEM_kyber_768_aarch64 "" ON "OQS_ENABLE_KEM_kyber_768" OFF)
else()
message(WARNING " ARM optimizations are not fully supported on this compiler version.")
endif()
endif()
endif()

cmake_dependent_option(OQS_ENABLE_KEM_kyber_1024 "" ON "OQS_ENABLE_KEM_KYBER" OFF)
if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_KEM_kyber_1024_avx2 "" ON "OQS_ENABLE_KEM_kyber_1024" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))
if(((CMAKE_C_COMPILER_ID STREQUAL "GNU") AND (CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((CMAKE_CXX_COMPILER_ID STREQUAL "GNU") AND (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "9.4.0")) OR ((NOT (CMAKE_C_COMPILER_ID STREQUAL "GNU")) AND (NOT (CMAKE_CXX_COMPILER_ID STREQUAL "GNU"))))
cmake_dependent_option(OQS_ENABLE_KEM_kyber_1024_aarch64 "" ON "OQS_ENABLE_KEM_kyber_1024" OFF)
else()
message(WARNING " ARM optimizations are not fully supported on this compiler version.")
endif()
endif()
endif()


option(OQS_ENABLE_SIG_DILITHIUM "Enable dilithium algorithm family" ON)
cmake_dependent_option(OQS_ENABLE_SIG_dilithium_2 "" ON "OQS_ENABLE_SIG_DILITHIUM" OFF)
Expand Down
33 changes: 13 additions & 20 deletions docs/algorithms/kem/kyber.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,8 @@
- **Authors' website**: https://pq-crystals.org/
- **Specification version**: NIST Round 3 submission.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/pq-crystals/kyber/commit/518de2414a85052bb91349bcbcc347f391292d5b with copy_from_upstream patches
- **Source**: https://github.com/bhess/kyber/commit/0bf4adf5a0a93d7ff51b89fac228d0f65e148fea with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0 or Apache-2.0
- **Optimized Implementation sources**: https://github.com/pq-crystals/kyber/commit/518de2414a85052bb91349bcbcc347f391292d5b with copy_from_upstream patches
- **pqclean-aarch64**:<a name="pqclean-aarch64"></a>
- **Source**: https://github.com/PQClean/PQClean/commit/c3abebf4ab1ff516ffa71e6337f06d898952c299 with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0 and (CC0-1.0 or Apache-2.0) and (CC0-1.0 or MIT) and MIT


## Parameter set summary
Expand All @@ -25,33 +21,30 @@

## Kyber512 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

‡For an explanation of what this denotes, consult the [Explanation of Terms](#explanation-of-terms) section at the end of this file.

## Kyber768 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

## Kyber1024 implementation characteristics

| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:-----------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [pqclean-aarch64](#pqclean-aarch64) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand Down
44 changes: 1 addition & 43 deletions docs/algorithms/kem/kyber.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,9 @@ website: https://pq-crystals.org/
nist-round: 3
spec-version: NIST Round 3 submission
primary-upstream:
source: https://github.com/pq-crystals/kyber/commit/518de2414a85052bb91349bcbcc347f391292d5b
source: https://github.com/bhess/kyber/commit/0bf4adf5a0a93d7ff51b89fac228d0f65e148fea
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0 or Apache-2.0
optimized-upstreams:
pqclean-aarch64:
source: https://github.com/PQClean/PQClean/commit/c3abebf4ab1ff516ffa71e6337f06d898952c299
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0 and (CC0-1.0 or Apache-2.0) and (CC0-1.0 or MIT)
and MIT
parameter-sets:
- name: Kyber512
claimed-nist-level: 1
Expand Down Expand Up @@ -60,18 +54,6 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: pqclean-aarch64
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: Kyber768
claimed-nist-level: 3
claimed-security: IND-CCA2
Expand Down Expand Up @@ -105,18 +87,6 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: pqclean-aarch64
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: Kyber1024
claimed-nist-level: 5
claimed-security: IND-CCA2
Expand Down Expand Up @@ -150,15 +120,3 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: pqclean-aarch64
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
98 changes: 7 additions & 91 deletions docs/cbom.json
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
{
"bomFormat": "CBOM",
"specVersion": "1.4-cbom-1.0",
"serialNumber": "urn:uuid:99426048-4f9a-4c52-80ea-57bff62ae697",
"serialNumber": "urn:uuid:59cc5324-3dea-44e3-976b-b498462d97af",
"version": 1,
"metadata": {
"timestamp": "2023-08-30T14:45:52.905958",
"timestamp": "2023-08-30T16:20:15.423429",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@5bf38ed4232148caf0794bbb3a8468571706078b",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@28f32db2bdfe7efe39d7750a6505f21fc305de6a",
"name": "liboqs",
"version": "5bf38ed4232148caf0794bbb3a8468571706078b"
"version": "28f32db2bdfe7efe39d7750a6505f21fc305de6a"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@5bf38ed4232148caf0794bbb3a8468571706078b",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@28f32db2bdfe7efe39d7750a6505f21fc305de6a",
"name": "liboqs",
"version": "5bf38ed4232148caf0794bbb3a8468571706078b"
"version": "28f32db2bdfe7efe39d7750a6505f21fc305de6a"
},
{
"type": "crypto-asset",
Expand Down Expand Up @@ -879,26 +879,6 @@
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber512:armv8-a",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Kyber512",
"primitive": "kem",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 1
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber768:generic",
Expand Down Expand Up @@ -939,26 +919,6 @@
"nistQuantumSecurityLevel": 3
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber768:armv8-a",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Kyber768",
"primitive": "kem",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 3
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber1024:generic",
Expand Down Expand Up @@ -999,26 +959,6 @@
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:Kyber1024:armv8-a",
"name": "Kyber",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"variant": "Kyber1024",
"primitive": "kem",
"implementationLevel": "softwarePlainRam",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"implementationPlatform": "armv8-a"
},
"nistQuantumSecurityLevel": 5
}
},
{
"type": "crypto-asset",
"bom-ref": "alg:sntrup761:generic",
Expand Down Expand Up @@ -1768,7 +1708,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@5bf38ed4232148caf0794bbb3a8468571706078b",
"ref": "pkg:github/open-quantum-safe/liboqs@28f32db2bdfe7efe39d7750a6505f21fc305de6a",
"dependsOn": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -1813,13 +1753,10 @@
"alg:HQC-256:x86_64",
"alg:Kyber512:generic",
"alg:Kyber512:x86_64",
"alg:Kyber512:armv8-a",
"alg:Kyber768:generic",
"alg:Kyber768:x86_64",
"alg:Kyber768:armv8-a",
"alg:Kyber1024:generic",
"alg:Kyber1024:x86_64",
"alg:Kyber1024:armv8-a",
"alg:sntrup761:generic",
"alg:sntrup761:x86_64",
"alg:Dilithium2:generic",
Expand Down Expand Up @@ -2192,13 +2129,6 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Kyber512:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:Kyber768:generic",
"dependsOn": [
Expand All @@ -2213,13 +2143,6 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Kyber768:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:Kyber1024:generic",
"dependsOn": [
Expand All @@ -2234,13 +2157,6 @@
],
"dependencyType": "uses"
},
{
"ref": "alg:Kyber1024:armv8-a",
"dependsOn": [
"alg:sha3"
],
"dependencyType": "uses"
},
{
"ref": "alg:sntrup761:generic",
"dependsOn": [
Expand Down
Loading

0 comments on commit cea8d5f

Please sign in to comment.