Revised FrodoKEM standardization status to reflect ISO consideration

Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>
revised specification URL to be consistent with spec-version
2025-10-03 00:02:36 -04:00 · 2025-10-01 10:14:33 -04:00 · 2025-10-01 10:14:33 -04:00 · 2025-10-01 10:14:33 -04:00 · 2025-10-01 10:14:33 -04:00 · 2025-10-01 10:14:33 -04:00
26 changed files with 215 additions and 242 deletions
--- a/README.md
+++ b/README.md
--- a/docs/algorithms/kem/bike.yml
+++ b/docs/algorithms/kem/bike.yml
@ -21,6 +21,7 @@ principal-submitters:
 crypto-assumption: QC-MDPC (Quasi-Cyclic Moderate Density Parity-Check)
 website: http://bikesuite.org/
 nist-round: 4
 standardization-status: Not selected by [NIST](https://bikesuite.org/files/v5.1/BIKE_Spec.2022.10.10.1.pdf)
 spec-version: 5.1
 primary-upstream:
  source: https://github.com/awslabs/bike-kem
--- a/docs/algorithms/kem/classic_mceliece.yml
+++ b/docs/algorithms/kem/classic_mceliece.yml
@ -18,6 +18,7 @@ crypto-assumption: Niederreiter's dual version of McEliece's public key encrypti
 website: https://classic.mceliece.org
 nist-round: 3
 spec-version: SUPERCOP-20221025
 standardization-status: Under [ISO](https://classic.mceliece.org/iso.html) consideration
 upstream-ancestors:
 - SUPERCOP-20221025 "clean" and "avx2" implementations
 advisories:
--- a/docs/algorithms/kem/frodokem.yml
+++ b/docs/algorithms/kem/frodokem.yml
@ -17,6 +17,7 @@ crypto-assumption: learning with errors (LWE)
 website: https://frodokem.org/
 nist-round: 3
 spec-version: NIST Round 3 submission
 standardization-status: Under [ISO](https://frodokem.org/) consideration
 primary-upstream:
  source: https://github.com/microsoft/PQCrypto-LWEKE/commit/b6609d30a9982318d7f2937aa3c7b92147b917a2
  spdx-license-identifier: MIT
--- a/docs/algorithms/kem/hqc.yml
+++ b/docs/algorithms/kem/hqc.yml
@ -18,6 +18,8 @@ principal-submitters:
 crypto-assumption: Syndrome decoding of structure codes (Hamming Quasi-Cyclic)
 website: https://pqc-hqc.org/
 nist-round: 4
 standardization-status: Selected by [NIST](https://pqc-hqc.org/doc/hqc_specifications_2025_08_22.pdf)
  for upcoming standardization
 spec-version: 2023-04-30
 upstream-ancestors:
 - https://github.com/SWilson4/package-pqclean/tree/8db1b24b/hqc
--- a/docs/algorithms/kem/kyber.yml
+++ b/docs/algorithms/kem/kyber.yml
@ -15,6 +15,8 @@ auxiliary-submitters:
 crypto-assumption: Module LWE+R with base ring Z[x]/(3329, x^256+1)
 website: https://pq-crystals.org/
 nist-round: 3
 standardization-status: Selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Kyber-Round3.zip)
  as basis for ML-KEM (FIPS 203)
 spec-version: NIST Round 3 submission
 primary-upstream:
  source: https://github.com/pq-crystals/kyber/commit/441c0519a07e8b86c8d079954a6b10bd31d29efc
--- a/docs/algorithms/kem/ml_kem.md
+++ b/docs/algorithms/kem/ml_kem.md
@ -14,7 +14,7 @@
      - **Source**: https://github.com/open-quantum-safe/liboqs-cupqc-meta/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
      - **Implementation license (SPDX-Identifier)**: Apache-2.0
  - **icicle-icicle_cuda**:<a name="icicle-icicle_cuda"></a>
-      - **Source**: https://github.com/ingonyama-zk/icicle-liboqs/commit/8f215fd845928abfc2bb7d5ca15db76b839bee5c
+      - **Source**: https://github.com/ingonyama-zk/icicle-liboqs/commit/4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
      - **Implementation license (SPDX-Identifier)**: MIT
--- a/docs/algorithms/kem/ml_kem.yml
+++ b/docs/algorithms/kem/ml_kem.yml
@ -15,6 +15,7 @@ auxiliary-submitters:
 crypto-assumption: Module LWE+R with base ring Z[x]/(3329, x^256+1)
 website: https://pq-crystals.org/kyber/ and https://csrc.nist.gov/pubs/fips/203
 nist-round: FIPS203
 standardization-status: Standardized by [NIST](https://csrc.nist.gov/pubs/fips/203/final)
 spec-version: ML-KEM
 primary-upstream:
  source: https://github.com/pq-code-package/mlkem-native/commit/048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa
@ -24,7 +25,7 @@ optimized-upstreams:
    source: https://github.com/open-quantum-safe/liboqs-cupqc-meta/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
    spdx-license-identifier: Apache-2.0
  icicle-icicle_cuda:
-    source: https://github.com/ingonyama-zk/icicle-liboqs/commit/8f215fd845928abfc2bb7d5ca15db76b839bee5c
+    source: https://github.com/ingonyama-zk/icicle-liboqs/commit/4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
    spdx-license-identifier: MIT
 parameter-sets:
 - name: ML-KEM-512
--- a/docs/algorithms/kem/ntru.yml
+++ b/docs/algorithms/kem/ntru.yml
@ -16,6 +16,7 @@ auxiliary-submitters:
 - Zhenfei Zhang
 crypto-assumption: NTRU in Z[x]/(q, x^n-1) with prime n and power-of-two q
 website: https://ntru.org/
 standardization-status: Not selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Round3.zip), under standardization consideration by [NTT](https://info.isl.ntt.co.jp/crypt/ntru/index.html)
 nist-round: 3
 spec-version: NIST Round 3 submission
 upstream-ancestors:
--- a/docs/algorithms/kem/ntruprime.yml
+++ b/docs/algorithms/kem/ntruprime.yml
@ -15,6 +15,7 @@ crypto-assumption: NTRU
 website: https://ntruprime.cr.yp.to
 nist-round: 3
 spec-version: supercop-20200826
 standardization-status: Not selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/NTRU-Prime-Round3.zip)
 upstream-ancestors:
 - https://github.com/jschanck/package-pqclean/tree/4d9f08c3/ntruprime
 - supercop-20210604
--- a/docs/algorithms/sig/cross.yml
+++ b/docs/algorithms/sig/cross.yml
@ -22,6 +22,8 @@ crypto-assumption: hardness of the restricted syndrome decoding problem for rand
  linear codes on a finite field
 website: https://www.cross-crypto.com/
 nist-round: 2
 standardization-status: Under [NIST](https://www.cross-crypto.com/CROSS_Specification_v2.2.pdf)
  consideration
 spec-version: 2.2 + PQClean and OQS patches
 primary-upstream:
  source: https://github.com/CROSS-signature/CROSS-lib-oqs/commit/c8f7411fed136f0e37600973fa3dbed53465e54f
--- a/docs/algorithms/sig/falcon.yml
+++ b/docs/algorithms/sig/falcon.yml
@ -16,6 +16,8 @@ auxiliary-submitters:
 crypto-assumption: hardness of NTRU lattice problems
 website: https://falcon-sign.info
 nist-round: 3
 standardization-status: Selected by [NIST](https://csrc.nist.gov/CSRC/media/Projects/post-quantum-cryptography/documents/round-3/submissions/Falcon-Round3.zip)
  for upcoming standardization
 spec-version: 20211101
 primary-upstream:
  source: https://github.com/PQClean/PQClean/commit/1eacfdafc15ddc5d5759d0b85b4cef26627df181
--- a/docs/algorithms/sig/mayo.yml
+++ b/docs/algorithms/sig/mayo.yml
@ -9,6 +9,8 @@ principal-submitters:
 crypto-assumption: multivariable quadratic equations, oil and vinegar
 website: https://pqmayo.org
 nist-round: 2
 standardization-status: Under [NIST](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/mayo-spec-round2-web.pdf)
  consideration
 spec-version: NIST Round 2 (February 2025)
 primary-upstream:
  source: https://github.com/PQCMayo/MAYO-C/commit/4b7cd94c96b9522864efe40c6ad1fa269584a807
--- a/docs/algorithms/sig/ml_dsa.yml
+++ b/docs/algorithms/sig/ml_dsa.yml
@ -13,6 +13,7 @@ auxiliary-submitters:
 crypto-assumption: hardness of lattice problems over module lattices
 website: https://pq-crystals.org/dilithium/ and https://csrc.nist.gov/pubs/fips/204/final
 nist-round: FIPS204
 standardization-status: Standardized by [NIST](https://csrc.nist.gov/pubs/fips/204/final)
 spec-version: ML-DSA
 primary-upstream:
  source: https://github.com/pq-crystals/dilithium/commit/444cdcc84eb36b66fe27b3a2529ee48f6d8150c2
--- a/docs/algorithms/sig/slh_dsa.yml
+++ b/docs/algorithms/sig/slh_dsa.yml
@ -1,3 +1,5 @@
 # Generated from src/sig/slh_dsa/templates/slh_dsa_docs_yml_template.jinja
 # by copy_from_slh_dsa_c.py
 name: SLH-DSA
 type: signature
 principal-submitters:
@ -23,6 +25,8 @@ auxiliary-submitters:
 crypto-assumption: hash-based signatures
 website: https://csrc.nist.gov/pubs/fips/205/final
 nist-round: FIPS205
 standardization-status: Standardized by NIST
 spec-url: https://csrc.nist.gov/pubs/fips/205/final
 spec-version: SLH-DSA
 spdx-license-identifier: MIT or ISC or Apache 2.0
 primary-upstream:
--- a/docs/algorithms/sig/snova.yml
+++ b/docs/algorithms/sig/snova.yml
@ -13,6 +13,8 @@ principal-submitters:
 crypto-assumption: multivariable quadratic equations, oil and vinegar
 website: https://snova.pqclab.org/
 nist-round: 2
 standardization-status: Under [NIST](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/snova-spec-round2-web.pdf)
  consideration
 spec-version: Round 2
 primary-upstream:
  source: https://github.com/vacuas/SNOVA/commit/1c3ca6f4f7286c0bde98d7d6f222cf63b9d52bff
--- a/docs/algorithms/sig/sphincs.yml
+++ b/docs/algorithms/sig/sphincs.yml
@ -23,6 +23,8 @@ auxiliary-submitters:
 crypto-assumption: hash-based signatures
 website: https://sphincs.org/
 nist-round: 3
 standardization-status: Selected by [NIST](https://sphincs.org/data/sphincs+-r3.1-specification.pdf)
  as basis for SLH-DSA (FIPS 205)
 spec-version: NIST Round 3 submission, v3.1 (June 10, 2022)
 spdx-license-identifier: CC0-1.0
 primary-upstream:
--- a/docs/algorithms/sig/uov.yml
+++ b/docs/algorithms/sig/uov.yml
@ -14,6 +14,8 @@ principal-submitters:
 - Bo-Yin Yang
 crypto-assumption: multivariable quadratic equations, oil and vinegar
 website: https://www.uovsig.org/
 standardization-status: Under [NIST](https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-2/spec-files/uov-spec-round2-web.pdf)
  consideration
 nist-round: 2
 spec-version: NIST Round 2 (February 2025)
 primary-upstream:
--- a/docs/algorithms/sig_stfl/lms.yml
+++ b/docs/algorithms/sig_stfl/lms.yml
@ -9,6 +9,7 @@ auxiliary-submitters:
 crypto-assumption: hash-based signatures
 website: https://www.rfc-editor.org/info/rfc8554
 nist-round: 
 standardization-status: Standardized by [IRTF](https://www.rfc-editor.org/info/rfc8554), approved by [NIST](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-208.pdf)
 spec-version: 
 spdx-license-identifier: 
 primary-upstream:
--- a/docs/algorithms/sig_stfl/xmss.yml
+++ b/docs/algorithms/sig_stfl/xmss.yml
@ -9,6 +9,7 @@ auxiliary-submitters:
 crypto-assumption: hash-based signatures
 website: https://www.rfc-editor.org/info/rfc8391
 standardization-status: Standardized by [IRTF](https://www.rfc-editor.org/info/rfc8391), approved by [NIST](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-208.pdf)
 nist-round:
 spec-version:
 spdx-license-identifier: (Apache-2.0 OR MIT) AND CC0-1.0
--- a/scripts/copy_from_upstream/copy_from_upstream.yml
+++ b/scripts/copy_from_upstream/copy_from_upstream.yml
@ -51,10 +51,10 @@ upstreams:
    name: icicle
    git_url: https://github.com/ingonyama-zk/icicle-liboqs.git
    git_branch: main
-    git_commit: 8f215fd845928abfc2bb7d5ca15db76b839bee5c
+    git_commit: 4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8
    kem_meta_path: '{pretty_name_full}_META.yml'
    kem_scheme_path: '.'
-    patches: [icicle-mlkem-enc-derand.patch]
+    patches: []
  -
    name: pqcrystals-dilithium-standard
    git_url: https://github.com/pq-crystals/dilithium.git
--- a/scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch
+++ b/scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch
@ -1,102 +0,0 @@
 diff --git a/ML-KEM-1024_META.yml b/ML-KEM-1024_META.yml
 index 5ad054f..49aa71a 100644
 --- a/ML-KEM-1024_META.yml
 +++ b/ML-KEM-1024_META.yml
@@ -25,10 +25,11 @@ implementations:
     version: FIPS203
     signature_keypair: icicle_ml_kem_1024_keypair
     signature_enc: icicle_ml_kem_1024_enc
 +    signature_enc_derand: icicle_ml_kem_1024_enc_derand
     signature_dec: icicle_ml_kem_1024_dec
     sources: ./ml-kem-1024/icicle_ml-kem.cpp
     supported_platforms:
       - architecture: CUDA
         operating_systems:
           - Linux
 -          - Darwin
 \ No newline at end of file
 +          - Darwin
 diff --git a/ML-KEM-512_META.yml b/ML-KEM-512_META.yml
 index c14cf33..c93caa1 100644
 --- a/ML-KEM-512_META.yml
 +++ b/ML-KEM-512_META.yml
@@ -25,10 +25,11 @@ implementations:
     version: FIPS203
     signature_keypair: icicle_ml_kem_512_keypair
     signature_enc: icicle_ml_kem_512_enc
 +    signature_enc_derand: icicle_ml_kem_512_enc_derand
     signature_dec: icicle_ml_kem_512_dec
     sources: ./ml-kem-512/icicle_ml-kem.cpp
     supported_platforms:
       - architecture: CUDA
         operating_systems:
           - Linux
 -          - Darwin
 \ No newline at end of file
 +          - Darwin
 diff --git a/ML-KEM-768_META.yml b/ML-KEM-768_META.yml
 index a1b88a8..1d580a8 100644
 --- a/ML-KEM-768_META.yml
 +++ b/ML-KEM-768_META.yml
@@ -25,10 +25,11 @@ implementations:
     version: FIPS203
     signature_keypair: icicle_ml_kem_768_keypair
     signature_enc: icicle_ml_kem_768_enc
 +    signature_enc_derand: icicle_ml_kem_768_enc_derand
     signature_dec: icicle_ml_kem_768_dec
     sources: ./ml-kem-768/icicle_ml-kem.cpp
     supported_platforms:
       - architecture: CUDA
         operating_systems:
           - Linux
 -          - Darwin
 \ No newline at end of file
 +          - Darwin
 diff --git a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
 index 33b38cb..793afb6 100644
 --- a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
 +++ b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 +OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
 +    icicle::pqc::ml_kem::MlKemConfig config;
 +    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 +}
 +
 OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 diff --git a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
 index 89c4211..f73c539 100644
 --- a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
 +++ b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_512_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 +OQS_STATUS icicle_ml_kem_512_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
 +    icicle::pqc::ml_kem::MlKemConfig config;
 +    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 +}
 +
 OQS_STATUS icicle_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 diff --git a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
 index 33b38cb..793afb6 100644
 --- a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
 +++ b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 +OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
 +    icicle::pqc::ml_kem::MlKemConfig config;
 +    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 +}
 +
 OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
--- a/scripts/update_alg_support_table.py
+++ b/scripts/update_alg_support_table.py
@ -0,0 +1,130 @@
 #!/usr/bin/env python3
 # SPDX-License-Identifier: MIT
 """Helper functions for rendering the Algorithm Support table in README.md
 This is a separate module to facilitate code formatting and other dev tools,
 but it is not meant to be run by itself. Instead, run the legacy 
 scripts/update_docs_from_yaml.py to invoke update_readme in this module.
 """
 import os
 import tabulate
 import yaml
 YAML_EXTS = [".yaml", ".yml"]
 ALG_SUPPORT_HEADER = [
    "Algorithm family",
    "Standardization status",
    "Primary implementation",
 ]
 COMMIT_HASH_LEN = 7
 def format_upstream_source(source: str) -> str:
    """For each YAML data sheet, the primary-upstream.source field contains some
    URL to the implementation. At this moment all URLs are links to GitHub, so
    we can format them as follows:
    <handle>/<repository>@<commit> if commit is available
    <handle>/<repository> otherwise
    with a link to the repository
    """
    # TODO: we might get GitLab or other non-GH link in the future but oh well
    prefix = "https://github.com/"
    if not prefix in source:
        raise ValueError(f"Non-GitHub source {source}")
    url_start = source.find(prefix)
    # NOTE: split with no argument will split with all whitespaces
    url = source[url_start:].split()[0]
    # example: ["PQClean", "PQClean", "commit", "1eacfdaf..."]
    tokens = url[len(prefix) :].split("/")
    handle, repo = tokens[0], tokens[1]
    output = f"{handle}/{repo}"
    if "commit/" in url:
        commit = tokens[3][:COMMIT_HASH_LEN]
        output += f"@{commit}"
    return f"[`{output}`]({url})"
 def render_alg_support_tbl(doc_dir: str, anchor_alg_name: bool = False) -> str:
    """Render a markdown table summarizing the algorithms described by YAML data
    sheets stored in the specified doc directory
    :param anchor_alg_name: if set to True, then "algorithm family" will link to
    the corresponding markdown document under docs/algorithms/<kem|sig|sig_stfl>
    otherwise "algorithm family" will be plain text with no link.
    """
    # TODO: anchor_alg_name is turned off because Doxygen cannot handle links
    # to markdown files under docs/algorithms/xxx
    yaml_paths = [
        os.path.abspath(os.path.join(doc_dir, filepath))
        for filepath in os.listdir(doc_dir)
        if os.path.splitext(filepath)[1].lower() in YAML_EXTS
    ]
    yaml_paths.sort()
    rows = [ALG_SUPPORT_HEADER]
    for yaml_path in yaml_paths:
        with open(yaml_path) as f:
            algdata = yaml.safe_load(f)
        alg_name = algdata["name"]
        dirname = "kem"
        if "sig/" in yaml_path:
            dirname = "sig"
        elif "sig_stfl/" in yaml_path:
            dirname = "sig_stfl"
        md_basename = os.path.splitext(os.path.split(yaml_path)[1])[0]
        md_url = f"docs/algorithms/{dirname}/{md_basename}.md"
        std_status = algdata["standardization-status"]
        spec_url = algdata.get("spec-url", None)
        primary_impl = format_upstream_source(algdata["primary-upstream"]["source"])
        rows.append(
            [
                f"[{alg_name}]({md_url})" if anchor_alg_name else f"{alg_name}",
                f"[{std_status}]({spec_url})" if spec_url else std_status,
                primary_impl,
            ]
        )
    tbl = tabulate.tabulate(rows, tablefmt="pipe", headers="firstrow")
    return tbl
 def update_readme(liboqs_dir: str):
    """Per liboqs/issues/2045, update README.md with an algorithm support table
    The algorithm support table is a summary of individual algorithms currently
    integrated into liboqs. The primary source of information are the various
    YAML files under docs/algorithms/<kem|sig|sig_stfl> directory. The table
    summarizes the following attributes:
    - Algorithm family (e.g. Kyber, ML-KEM)
    - Standardization status, with link to specification
    - Primary source of implementation
    - (WIP) Maintenance status
    """
    kem_doc_dir = os.path.join(liboqs_dir, "docs", "algorithms", "kem")
    kem_tbl = render_alg_support_tbl(kem_doc_dir)
    sig_doc_dir = os.path.join(liboqs_dir, "docs", "algorithms", "sig")
    sig_tbl = render_alg_support_tbl(sig_doc_dir)
    sig_stfl_doc_dir = os.path.join(liboqs_dir, "docs", "algorithms", "sig_stfl")
    sig_stfl_tbl = render_alg_support_tbl(sig_stfl_doc_dir)
    md_str = f"""#### Key encapsulation mechanisms
 {kem_tbl}
 #### Signature schemes
 {sig_tbl}
 #### Stateful signature schemes
 {sig_stfl_tbl}
 """
    readme_path = os.path.join(liboqs_dir, "README.md")
    fragment_start = "<!-- OQS_TEMPLATE_FRAGMENT_ALG_SUPPORT_START -->\n"
    fragment_end = "<!-- OQS_TEMPLATE_FRAGMENT_ALG_SUPPORT_END -->"
    with open(readme_path, "r") as f:
        readme = f.read()
        fragment_start_loc = readme.find(fragment_start) + len(fragment_start)
        fragment_end_loc = readme.find(fragment_end)
    with open(readme_path, "w") as f:
        f.write(readme[:fragment_start_loc])
        f.write(md_str)
        f.write(readme[fragment_end_loc:])
--- a/scripts/update_docs_from_yaml.py
+++ b/scripts/update_docs_from_yaml.py
@ -1,11 +1,14 @@
 #!/usr/bin/env python3
 # SPDX-License-Identifier: MIT
 import argparse
 import sys
 import glob
 import os
 import tabulate
 import yaml
-import os
+
 from update_alg_support_table import update_readme
 def load_yaml(filename, encoding='utf-8'):
    with open(filename, mode='r', encoding=encoding) as fh:
@ -15,14 +18,14 @@ def file_get_contents(filename, encoding=None):
    with open(filename, mode='r', encoding=encoding) as fh:
        return fh.read()
 kem_yamls = []
 sig_yamls = []
 sig_stfl_yamls = []
 ########################################
 # Update the KEM markdown documentation.
 ########################################
 def do_it(liboqs_root):
    kem_yamls = []
    sig_yamls = []
    sig_stfl_yamls = []
    for kem_yaml_path in sorted(glob.glob(os.path.join(liboqs_root, 'docs', 'algorithms', 'kem', '*.yml'))):
        kem_yaml = load_yaml(kem_yaml_path)
        kem_yamls.append(kem_yaml)
@ -339,104 +342,9 @@ def do_it(liboqs_root):
            out_md.write(tabulate.tabulate(table, tablefmt="pipe", headers="firstrow", colalign=("center",)))
            out_md.write('\n')
    update_readme(liboqs_root)
    ####################
    # Update the README.
    ####################
    print("Updating README.md")
    readme_path = os.path.join(liboqs_root, 'README.md')
    start_identifier_tmpl = '<!--- OQS_TEMPLATE_FRAGMENT_LIST_{}_START -->'
    end_identifier_tmpl = '<!--- OQS_TEMPLATE_FRAGMENT_LIST_{}_END -->'
    # KEMS
    readme_contents = file_get_contents(readme_path)
    identifier_start = start_identifier_tmpl.format('KEXS')
    identifier_end = end_identifier_tmpl.format('KEXS')
    preamble = readme_contents[:readme_contents.find(identifier_start)]
    postamble = readme_contents[readme_contents.find(identifier_end):]
    with open(readme_path, mode='w', encoding='utf-8') as readme:
        readme.write(preamble + identifier_start + '\n')
        for kem_yaml in kem_yamls:
            parameter_sets = kem_yaml['parameter-sets']
            if any(impl['large-stack-usage'] for impl in parameter_sets[0]['implementations']):
                readme.write('- **{}**: {}†'.format(kem_yaml['name'], parameter_sets[0]['name']))
                if 'alias' in parameter_sets[0]:
                    readme.write(' (alias: {})'.format(parameter_sets[0]['alias']))
            else:
                readme.write('- **{}**: {}'.format(kem_yaml['name'], parameter_sets[0]['name']))
                if 'alias' in parameter_sets[0]:
                    readme.write(' (alias: {})'.format(parameter_sets[0]['alias']))
            for parameter_set in parameter_sets[1:]:
                if any(impl['large-stack-usage'] for impl in parameter_set['implementations']):
                    readme.write(', {}†'.format(parameter_set['name']))
                    if 'alias' in parameter_set:
                        readme.write(' (alias: {})'.format(parameter_set['alias']))
                else:
                    readme.write(', {}'.format(parameter_set['name']))
                    if 'alias' in parameter_set:
                        readme.write(' (alias: {})'.format(parameter_set['alias']))
            readme.write('\n')
        readme.write(postamble)
    # Signatures
    readme_contents = file_get_contents(readme_path)
    identifier_start = start_identifier_tmpl.format('SIGS')
    identifier_end = end_identifier_tmpl.format('SIGS')
    preamble = readme_contents[:readme_contents.find(identifier_start)]
    postamble = readme_contents[readme_contents.find(identifier_end):]
    with open(readme_path, mode='w', encoding='utf-8') as readme:
        readme.write(preamble + identifier_start + '\n')
        for sig_yaml in sig_yamls:
            # SPHINCS requires special handling.
            if "SPHINCS" in sig_yaml["name"]:
                for hash_func in ['SHA2', 'SHAKE']:
                    parameter_sets = [pset for pset in sig_yaml['parameter-sets'] if hash_func in pset['name']]
                    if any(impl['large-stack-usage'] for impl in parameter_sets[0]['implementations']):
                        readme.write('- **SPHINCS+-{}**: {}†'.format(hash_func, parameter_sets[0]['name'].replace('_','\\_')))
                    else:
                        readme.write('- **SPHINCS+-{}**: {}'.format(hash_func, parameter_sets[0]['name'].replace('_','\\_')))
                    for parameter_set in parameter_sets[1:]:
                        if any(impl['large-stack-usage'] for impl in parameter_set['implementations']):
                            readme.write(', {}†'.format(parameter_set['name'].replace('_', '\\_')))
                        else:
                            readme.write(', {}'.format(parameter_set['name'].replace('_', '\\_')))
                    readme.write('\n')
                continue
            parameter_sets = sig_yaml['parameter-sets']
            if any(impl['large-stack-usage'] for impl in parameter_sets[0]['implementations']):
                readme.write('- **{}**: {}†'.format(sig_yaml['name'], parameter_sets[0]['name'].replace('_','\\_')))
                if 'alias' in parameter_sets[0]:
                    readme.write(' (alias: {})'.format(parameter_sets[0]['alias']).replace('_','\\_'))
            else:
                readme.write('- **{}**: {}'.format(sig_yaml['name'], parameter_sets[0]['name'].replace('_','\\_')))
                if 'alias' in parameter_sets[0]:
                    readme.write(' (alias: {})'.format(parameter_sets[0]['alias']).replace('_','\\_'))
            for parameter_set in parameter_sets[1:]:
                if any(impl['large-stack-usage'] for impl in parameter_set['implementations']):
                    readme.write(', {}†'.format(parameter_set['name'].replace('_', '\\_')))
                    if 'alias' in parameter_set:
                        readme.write(' (alias: {})'.format(parameter_set['alias']).replace('_','\\_'))
                else:
                    readme.write(', {}'.format(parameter_set['name'].replace('_', '\\_')))
                    if 'alias' in parameter_set:
                        readme.write(' (alias: {})'.format(parameter_set['alias']).replace('_','\\_'))
            readme.write('\n')
        readme.write(postamble)
 if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("--liboqs-root", default=".")
--- a/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp
+++ b/src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp
@ -8,31 +8,31 @@
 #include "icicle/errors.h"
 extern "C" {
-#if defined(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda)
+#if defined(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda)
-OQS_STATUS icicle_ml_kem_1024_keypair(uint8_t *pk, uint8_t *sk) {
+OQS_STATUS icicle_ml_kem_768_keypair(uint8_t *pk, uint8_t *sk) {
    uint8_t coins[icicle::pqc::ml_kem::ENTROPY_BYTES];
    OQS_randombytes(coins, icicle::pqc::ml_kem::ENTROPY_BYTES);
    icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::keygen<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, config, (std::byte*)pk, (std::byte*)sk) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::keygen<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, config, (std::byte*)pk, (std::byte*)sk) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
-OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
+OQS_STATUS icicle_ml_kem_768_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
    uint8_t coins[icicle::pqc::ml_kem::MESSAGE_BYTES];
    OQS_randombytes(coins, icicle::pqc::ml_kem::MESSAGE_BYTES);
    icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
-OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
+OQS_STATUS icicle_ml_kem_768_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
    icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
-OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
+OQS_STATUS icicle_ml_kem_768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
    icicle::pqc::ml_kem::MlKemConfig config;
-    return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+    return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber768Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 #endif
 }
--- a/src/sig/slh_dsa/templates/slh_dsa_docs_yml_template.jinja
+++ b/src/sig/slh_dsa/templates/slh_dsa_docs_yml_template.jinja
@ -1,3 +1,5 @@
 # Generated from src/sig/slh_dsa/templates/slh_dsa_docs_yml_template.jinja
 # by copy_from_slh_dsa_c.py
 name: SLH-DSA
 type: signature
 principal-submitters:
@ -23,6 +25,8 @@ auxiliary-submitters:
 crypto-assumption: hash-based signatures
 website: https://csrc.nist.gov/pubs/fips/205/final
 nist-round: FIPS205
 standardization-status: Standardized by NIST
 spec-url: https://csrc.nist.gov/pubs/fips/205/final
 spec-version: SLH-DSA
 spdx-license-identifier: MIT or ISC or Apache 2.0
 primary-upstream:
Author	SHA1	Message	Date
Ganyu (Bruce) Xu	22e4a77725	Revised FrodoKEM standardization status to reflect ISO consideration Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	af558ebb66	revised specification URL to be consistent with spec-version Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	7e8edaef85	removed spec-url from lms.yml Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	402edd47d4	fixed typo Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	02f068a597	another try at improving phrasing of standardization status Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	626c827d1c	improved explanation for NTRU's standardization status Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	51db6ce896	rephrasing standardization status for PQC third round candidates Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	e0b57e2f1e	resolved failure to consistently produce the same README.md Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	87cf3df9ce	add git diff to basic check for debugging purpose Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	54256d31d7	algorithm family names will not link to docs/algorithms markdowns because Doxygen cannot handle them Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	57308e3d60	fixed invalid markdown anchors Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	2c15d82893	docs/algorithms/sig/sld_dsa.yml is generated from a Jinja template elsewhere Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	3a9f2abfd5	documentation; make primary implementation monospaced Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	b25cdb3298	Use split with no argument to split against any whitespace, not just space Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	40cc1a508a	wrap standardization status with url to spec Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	606ef108c6	some refactoring Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	c52e0f42c3	first draft of alg support table Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	44002abae2	still need to fill in the content Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
Ganyu (Bruce) Xu	7849f3fced	algorithm support table should replace the list of algorithms; minor refactor w.r.t. shebang, imports, and unnecessary global states Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>	2025-10-01 10:14:33 -04:00
nonam3e	e64026e27a	Fix/icicle ml kem 768 (#2288 ) * fix 768 version Signed-off-by: nonam3e <timur@ingonyama.com> * update upstream git commit Signed-off-by: nonam3e <timur@ingonyama.com> --------- Signed-off-by: nonam3e <timur@ingonyama.com>	2025-10-01 09:24:35 -04:00