mirror of
https://github.com/open-quantum-safe/liboqs.git
synced 2025-10-15 00:01:37 -04:00
* Updated sig templates to add support for arch specific upstreams. Currently behaves as expected, but still need to test (and integrate) dilithium * Fixed a couple of build errors, and started work on dilithium integration from pqclean. Currently failing kat tests * Updated templating for both sig and kem to make them look a little better * Renamed dilithium folders so they are consistent across pqclean and pqcrystals so that copy_from_upstream script will function correctly * Added arm optimized version of dilithium[2|3|5] * Updating other signature schemes CMakeLists.txt to be the output of the updated templates * Arm optimized implementation of dilithium is added, with randomized signing patched into it. copy_from_upstream script is working properly. Still need to update the update_docs scripts before ready to merge * Finished updating docs scripts and yml files. Builds pass, so should be ready for a merge * Fixed template issue with multiple compile flags * Updated doc generation scripts so that all '_' in scheme names are replaced with '\_'
5.5 KiB
5.5 KiB
HQC
- Algorithm type: Key encapsulation mechanism.
- Main cryptographic assumption: Syndrome decoding of structure codes (Hamming Quasi-Cyclic).
- Principal submitters: Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Philippe Gaborit, Edoardo Persichetti, Jean-Marc Robert, Pascal Véron, Gilles Zémor, Loïc Bidoux.
- Authors' website: https://pqc-hqc.org/
- Specification version: NIST Round 3 submission.
- Primary Source:
- Source:
4c9e5a3aa7
- Implementation license (SPDX-Identifier): Public domain , which takes it from:
- https://github.com/jschanck/package-pqclean/tree/29f79e72/hqc, which takes it from:
- submission 2020-10-01 at https://pqc-hqc.org/implementation.html
- Source:
Parameter set summary
Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Ciphertext size (bytes) | Shared secret size (bytes) |
---|---|---|---|---|---|---|
HQC-128 | IND-CCA2 | 1 | 2249 | 2289 | 4481 | 64 |
HQC-192 | IND-CCA2 | 3 | 4522 | 4562 | 9026 | 64 |
HQC-256 | IND-CCA2 | 5 | 7245 | 7285 | 14469 | 64 |
HQC-128 implementation characteristics
Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
---|---|---|---|---|---|---|---|
Primary Source | clean | All | All | None | True | True | False |
Primary Source | avx2 | x86_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? Yes.
‡For an explanation of what this denotes, consult the Explanation of Terms section at the end of this file.
HQC-192 implementation characteristics
Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
---|---|---|---|---|---|---|---|
Primary Source | clean | All | All | None | True | True | False |
Primary Source | avx2 | x86_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | False |
Are implementations chosen based on runtime CPU feature detection? Yes.
HQC-256 implementation characteristics
Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
---|---|---|---|---|---|---|---|
Primary Source | clean | All | All | None | True | True | False |
Primary Source | avx2 | x86_64 | Linux,Darwin | AVX2,BMI1,PCLMULQDQ | False | True | True |
Are implementations chosen based on runtime CPU feature detection? Yes.
Explanation of Terms
- Large Stack Usage: Implementations identified as having such may cause failures when running in threads or in constrained environments.