sharpetronics/liboqs
1
0
Fork 0
mirror of https://github.com/open-quantum-safe/liboqs.git synced 2025-10-15 00:01:37 -04:00
Code Issues Projects Releases Wiki Activity
liboqs/docs/algorithms/kem/frodokem.md
Jason Goertzen 769412623c
Adding multiple upstream support to doc generation (#1123) 
* Fix an issue where run_tests tried to run tests from upstream. Fix by @DStebila

* No longer checking spdx on files copied from upstream

* Added compiler checking for gcc. Must be at least 9.4.0.

* Added pqclean's aarch64 optimized kyber implementation to liboqs

* stripping asimd flag for ARM64_V8 as it isn't needed and will cause errors when trying to specify it during compilation

* Updated kyber docs

* Updated kyber markdown so that no-secret-dependent-branching-checked-by-valgrind correctly says false for the new aarch64 implementation

* Added automated updating of legacy yaml format, and added some yaml files which don't get automatically updated

* Fixed a bug where optimized upstreams would use the primary upstream's supported platform

* Fixed a bug with copy_from_upstream.py's verify function where it would always use the default upstream location when comparing with diff

* Added reporting for implementations that are in upstream but aren't yet integrated into liboqs

* Added support to ignore implementations from upstream in copy_from_upstream.yml. This is to prevent implementations that haven't been integrated into LIBOQS yet from being pulled in by copy_from_upstream.py. It also silences the warning when verifying.

* Adding updated ymls and md files for docs

* copy_from_upstream.py now also calls update_docs_from_yaml.py
2021-11-18 06:56:19 +01:00

9.4 KiB
Raw Blame History

FrodoKEM

  • Algorithm type: Key encapsulation mechanism.
  • Main cryptographic assumption: learning with errors (LWE).
  • Principal submitters: Michael Naehrig, Erdem Alkim, Joppe Bos, Léo Ducas, Karen Easterbrook, Brian LaMacchia, Patrick Longa, Ilya Mironov, Valeria Nikolaenko, Christopher Peikert, Ananth Raghunathan, Douglas Stebila.
  • Authors' website: https://frodokem.org/
  • Specification version: NIST Round 3 submission.
  • Primary Source:
    • Source: b6609d30a9
    • Implementation license (SPDX-Identifier): MIT

Parameter set summary

Parameter set Security model Claimed NIST Level Public key size (bytes) Secret key size (bytes) Ciphertext size (bytes) Shared secret size (bytes)
FrodoKEM-640-AES IND-CCA2 1 9616 19888 9720 16
FrodoKEM-640-SHAKE IND-CCA2 1 9616 19888 9720 16
FrodoKEM-976-AES IND-CCA2 3 15632 31296 15744 24
FrodoKEM-976-SHAKE IND-CCA2 3 15632 31296 15744 24
FrodoKEM-1344-AES IND-CCA2 5 21520 43088 21632 32
FrodoKEM-1344-SHAKE IND-CCA2 5 21520 43088 21632 32

FrodoKEM-640-AES implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?‡
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

‡For an explanation of what this denotes, consult the Explanation of Terms section at the end of this file.

FrodoKEM-640-SHAKE implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

FrodoKEM-976-AES implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

FrodoKEM-976-SHAKE implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

FrodoKEM-1344-AES implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

FrodoKEM-1344-SHAKE implementation characteristics

Implementation source Identifier in upstream Supported architecture(s) Supported operating system(s) CPU extension(s) used No branching-on-secrets claimed? No branching-on-secrets checked by valgrind? Large stack usage?
Primary Source master All All None True True False
Primary Source master x86_64 Linux,Darwin,Windows AVX2 True True False

Are implementations chosen based on runtime CPU feature detection? Yes.

Explanation of Terms

  • Large Stack Usage: Implementations identified as having such may cause failures when running in threads or in constrained environments.