From 9ef3c8711781aebe29879190a648d98b1ac7c3c8 Mon Sep 17 00:00:00 2001
From: Basil Hess
Date: Mon, 13 Sep 2021 16:44:16 +0200
Subject: [PATCH] Updated algorithm docs

---
 docs/algorithms/kem/kyber.md | 32 ++++++++++++-------------
 docs/algorithms/kem/kyber.yml | 34 ++++++++++++++++-----------
 docs/algorithms/sig/dilithium.md | 14 +++++------
 docs/algorithms/sig/dilithium.yml | 39 ++++++++++++++-----------------
 4 files changed, 60 insertions(+), 59 deletions(-)

diff --git a/docs/algorithms/kem/kyber.md b/docs/algorithms/kem/kyber.md
index f7aaa61d84..8d440f57ef 100644
--- a/docs/algorithms/kem/kyber.md
+++ b/docs/algorithms/kem/kyber.md
@@ -6,7 +6,7 @@
 - **Auxiliary submitters**: Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Gregor Seiler, Damien Stehlé.
 - **Authors' website**: https://pq-crystals.org/
 - **Specification version**: NIST Round 3 submission.
-- **Implementation source**: https://github.com/pq-crystals/kyber/commit/8e9308bd with copy_from_upstream patches
+- **Implementation source**: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2 with copy_from_upstream_patches patches
 - **Implementation license (SPDX-Identifier)**: CC0-1.0.
 
 ## Parameter set summary
@@ -25,7 +25,7 @@
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -33,10 +33,10 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
 ## Kyber512-90s implementation characteristics
 
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
+| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| ref | All | All | None | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -45,16 +45,16 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
 ## Kyber768-90s implementation characteristics
 
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
+| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| ref | All | All | None | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -63,16 +63,16 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
 ## Kyber1024-90s implementation characteristics
 
-| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
+| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
+|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
+| ref | All | All | None | True | True | False |
+| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
diff --git a/docs/algorithms/kem/kyber.yml b/docs/algorithms/kem/kyber.yml
index a01c33adb0..5aba898271 100644
--- a/docs/algorithms/kem/kyber.yml
+++ b/docs/algorithms/kem/kyber.yml
@@ -17,8 +17,8 @@ website: https://pq-crystals.org/
 nist-round: 3
 spec-version: NIST Round 3 submission
 spdx-license-identifier: CC0-1.0
-upstream: https://github.com/pq-crystals/kyber/commit/8e9308bd with copy_from_upstream
-  patches
+upstream: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2
+  with copy_from_upstream patches
 parameter-sets:
 - name: Kyber512
   claimed-nist-level: 1
@@ -44,8 +44,8 @@ parameter-sets:
       - Darwin
       required_flags:
       - avx2
-      - bmi2
       - popcnt
+      - bmi2
     common-crypto:
     - SHA3: liboqs
     no-secret-dependent-branching-claimed: true
@@ -75,10 +75,12 @@ parameter-sets:
       - Linux
       - Darwin
       required_flags:
-      - aes
-      - avx2
-      - bmi2
+      - sse2
       - popcnt
+      - bmi2
+      - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals-kyber_common_aes
     - SHA3: liboqs
@@ -109,8 +111,8 @@ parameter-sets:
       - Darwin
       required_flags:
       - avx2
-      - bmi2
       - popcnt
+      - bmi2
     common-crypto:
     - SHA3: liboqs
     no-secret-dependent-branching-claimed: true
@@ -140,10 +142,12 @@ parameter-sets:
       - Linux
       - Darwin
       required_flags:
-      - aes
-      - avx2
-      - bmi2
+      - sse2
       - popcnt
+      - bmi2
+      - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals-kyber_common_aes
     - SHA3: liboqs
@@ -174,8 +178,8 @@ parameter-sets:
       - Darwin
       required_flags:
       - avx2
-      - bmi2
       - popcnt
+      - bmi2
     common-crypto:
     - SHA3: liboqs
     no-secret-dependent-branching-claimed: true
@@ -205,10 +209,12 @@ parameter-sets:
       - Linux
       - Darwin
       required_flags:
-      - aes
-      - avx2
-      - bmi2
+      - sse2
       - popcnt
+      - bmi2
+      - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals-kyber_common_aes
     - SHA3: liboqs
diff --git a/docs/algorithms/sig/dilithium.md b/docs/algorithms/sig/dilithium.md
index 26ae26d7df..c1c778e257 100644
--- a/docs/algorithms/sig/dilithium.md
+++ b/docs/algorithms/sig/dilithium.md
@@ -6,7 +6,7 @@
 - **Auxiliary submitters**: Shi Bai, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Peter Schwabe, Gregor Seiler, Damien Stehlé.
 - **Authors' website**: https://pq-crystals.org/dilithium/
 - **Specification version**: 3.1.
-- **Implementation source**: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
+- **Implementation source**: https://github.com/pq-crystals/dilithium/commit/61b51a71701b8ae9f546a1e5d220e1950ed20d06 with copy_from_upstream_patches patches
 - **Implementation license (SPDX-Identifier)**: CC0-1.0.
 
 ## Parameter set summary
@@ -25,7 +25,7 @@
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -36,7 +36,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -45,7 +45,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -54,7 +54,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -63,7 +63,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
@@ -72,7 +72,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
 | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
 |:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
 | ref | All | All | None | True | True | False |
-| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
+| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
 
 Are implementations chosen based on runtime CPU feature detection? **Yes**.
 
diff --git a/docs/algorithms/sig/dilithium.yml b/docs/algorithms/sig/dilithium.yml
index 94aef77d30..de6e55d617 100644
--- a/docs/algorithms/sig/dilithium.yml
+++ b/docs/algorithms/sig/dilithium.yml
@@ -15,7 +15,8 @@ website: https://pq-crystals.org/dilithium/
 nist-round: 3
 spec-version: 3.1
 spdx-license-identifier: CC0-1.0
-upstream: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
+upstream: https://github.com/pq-crystals/dilithium/commit/61b51a71701b8ae9f546a1e5d220e1950ed20d06
+  with copy_from_upstream patches
 parameter-sets:
 - name: Dilithium2
   claimed-nist-level: 2
@@ -37,13 +38,11 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
       - avx2
       - popcnt
-      - sse2
-      - ssse3
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs
@@ -70,13 +69,11 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
       - avx2
       - popcnt
-      - sse2
-      - ssse3
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs
@@ -103,13 +100,11 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
       - avx2
       - popcnt
-      - sse2
-      - ssse3
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs
@@ -136,14 +131,14 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
-      - aes
-      - avx2
-      - popcnt
       - sse2
+      - popcnt
       - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs
@@ -170,14 +165,14 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
-      - aes
-      - avx2
-      - popcnt
       - sse2
+      - popcnt
       - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs
@@ -204,14 +199,14 @@ parameter-sets:
     supported-platforms:
     - architecture: x86_64
       operating_systems:
-      - Linux
       - Darwin
+      - Linux
       required_flags:
-      - aes
-      - avx2
-      - popcnt
       - sse2
+      - popcnt
       - ssse3
+      - avx2
+      - aes
     common-crypto:
     - AES: pqcrystals
     - SHA3: liboqs