| 4de38cd | Ko- | 29 May 2020, 12:09:55 UTC | Update Round5 opt to new version (#52) Version 20200410 of the spec, commit r5embed/r5embed@6e4ebd1. | 29 May 2020, 12:09:55 UTC |
| 468d9eb | Matthias J. Kannwischer | 29 May 2020, 06:11:03 UTC | more robust result parsing (#51) When doing the new benchmarks, I sometimes ran into the problem that the speed benchmarks contained something like keypair cycles: 6639120105 keypair cycles: 6639120105 sign cycles: 103762136231 verify cycles: 154024957 So for what ever reason, the board was reset after the first key gen was done. Our parsing script didn't really handle this well as it was based on line numbers. I made that more robust in this patch. I also made it a bit more consistent across benchmarks. | 29 May 2020, 06:11:03 UTC |
| 1f1ad36 | Ko- | 28 April 2020, 20:08:39 UTC | Add new ROLLO ref implementation (#50) * Remove Rollo-III * Update ROLLO-I-128 * Update ROLLO-I-{192,256} * Update ROLLO-II-128 * Update ROLLO-II-{192,256} | 28 April 2020, 20:08:39 UTC |
| 8fd1941 | Matthias J. Kannwischer | 27 April 2020, 23:06:59 UTC | fix lac to adhere to the new aes keyexp api | 27 April 2020, 23:15:33 UTC |
| 031d557 | Ko- | 22 April 2020, 12:19:52 UTC | Update RQC implementation (#49) * Update RQC-128 to new version * Update RQC-192 * Update RQC-256 | 22 April 2020, 12:19:52 UTC |
| 3e10f22 | Matthias J. Kannwischer | 22 April 2020, 06:54:34 UTC | remove printbytes from randombytes (#48) | 22 April 2020, 06:54:34 UTC |
| e2ae402 | Matthias J. Kannwischer | 21 April 2020, 06:28:43 UTC | switch back to most recent pqclean version somehow I screwed up and switched to an older version in https://github.com/mupq/mupq/pull/46/ | 21 April 2020, 06:28:53 UTC |
| d8cec88 | Matthias J. Kannwischer | 21 April 2020, 06:21:30 UTC | add new LAC v3a/v3a ref/opt implementations (#46) | 21 April 2020, 06:21:30 UTC |
| bef05e9 | Matthias J. Kannwischer | 20 April 2020, 05:18:33 UTC | Update PQClean (#47) * add mceliece * Migrate https://github.com/PQClean/PQClean/pull/266 * Port https://github.com/PQClean/PQClean/pull/279 I'm not a big fan of this change, but we have to do it to be compatible with PQClean. * Port HQC https://github.com/PQClean/PQClean/pull/202 * update mqdss * make rqc and rollo use the common nistseedexpander | 20 April 2020, 05:18:33 UTC |
| 870607a | Matthias J. Kannwischer | 14 April 2020, 05:19:48 UTC | outsource crypto_hashblocks_sha512 (#45) crypto_hashblocks_sha512 now needs to be implemented by the platform-specific common sources. This is to integrate the new faster sha512 for the m4 from supercop20200409 | 14 April 2020, 05:19:48 UTC |
| 3a3850b | Ko- | 25 March 2020, 08:23:53 UTC | Update Round5 to third round (#44) * Remove SNEIK variants * Rename CCA variants * Update r5nd-1cca-5d opt implementation * Update symlinks other opt implementations * Add CPA variants | 25 March 2020, 08:23:53 UTC |
| 4468e2e | Daan Sprenkels | 05 March 2020, 09:23:55 UTC | python: Flush the serial buf chip sync There is an unreported bug present where _wait_for_start will read garbage from the chip *before* the first '=' char is received. It occurs when the chip is not synced with the benchmarking script, and is running an implementation without the benchmarking script listening. In this case, there is still data in the serial buffer from a lost (unsynced) benchmark run. This commit flushes (i.e. erases) the contents of the serial buffer before trying to sync to the '=' chars coming from the chip. | 05 March 2020, 09:32:40 UTC |
| 12f6d39 | Matthias J. Kannwischer | 04 February 2020, 11:29:42 UTC | Add empty sha2_destroy functions (#42) https://github.com/PQClean/PQClean/commit/a655ec8a9d86eadd0cffe1f3b16f5e6e2ead7b94 added sha2_destory functions to the SPHINCS+ implementations. As we have a stack-based implementations, these are no-ops. | 04 February 2020, 11:29:42 UTC |
| d9657a8 | Matthias J. Kannwischer | 04 February 2020, 10:37:34 UTC | Skip AESNI and SSE implementations (#41) https://github.com/PQClean/PQClean/pull/253 adds AESNI implementations of SPHINCS+. https://github.com/PQClean/PQClean/pull/259 adds SSE implementations of McEliece. Those obviously won't work on mupq target, so I added those to the current blacklist. In case more implementation types are added to pqclean in the future we might want to a more clean filtering approach. | 04 February 2020, 10:37:34 UTC |
| 422bd74 | Matthias J. Kannwischer | 04 February 2020, 10:32:15 UTC | re-add opt CCA implementations of three bears; remove ref implementations of CPA three bears (#40) | 04 February 2020, 10:32:15 UTC |
| 0c7162f | Richard Petri | 02 February 2020, 19:01:03 UTC | Make the size executable configurable (#39) | 02 February 2020, 19:01:03 UTC |
| 84b3035 | Ko- | 02 December 2019, 08:35:47 UTC | Fix Round5 CCA KEM (#37) * Update PQClean * Fix Round5 CCA KEM | 02 December 2019, 08:35:47 UTC |
| 6fb7df2 | Matthias J. Kannwischer | 18 November 2019, 09:29:26 UTC | update pqclean to include the CCA threebears | 18 November 2019, 09:29:26 UTC |
| a07b8d9 | Matthias J. Kannwischer | 15 November 2019, 11:10:34 UTC | Flip len and flag for round5 (#35) See https://github.com/mupq/pqm4/pull/123 | 15 November 2019, 11:10:34 UTC |
| 2348846 | Matthias J. Kannwischer | 29 October 2019, 13:35:03 UTC | Update pqclean to include qTesla PQClean added clean implementations of qTesla: https://github.com/PQClean/PQClean/pull/239 | 29 October 2019, 13:35:03 UTC |
| 9015583 | Richard Petri | 28 October 2019, 11:48:34 UTC | Refactor number printing functions and avoid Xprintf functions (#34) The refactoring removes a lot of identical duplicated code. Avoiding the printf functions reduces code size *considerably*. This is may not be necessary for platforms with larger flash sizes as in PQM4, however the printf functions for RISC-V pull in a lot of code. There are the "nano" variants of the libc, which are small enough. However, these don't support printing long longs which we need for the cycle counts. The code for unsigned long long printing uses a division by 10 trick from hackers delight, since the compiler will otherwise use a generic 64-bit division code, which is quite a bit larger. | 28 October 2019, 11:48:34 UTC |
| e41de1a | Ko- | 08 October 2019, 11:01:55 UTC | Add RQC{128,192,256} (#32) * Add RQC128 * Fix memory leak in rqc decapsulation * Add RQC192 and RQC256 | 08 October 2019, 11:01:55 UTC |
| a18199f | Ko- | 08 October 2019, 08:19:49 UTC | Add ROLLO-{I,II,III}-{128,192,256} ref (#31) | 08 October 2019, 08:19:49 UTC |
| 6947d5c | Matthias J. Kannwischer | 07 October 2019, 13:02:19 UTC | Update pqclean to use AES API in Kyber (#30) | 07 October 2019, 13:02:19 UTC |
| 941cae1 | Matthias J. Kannwischer | 01 October 2019, 11:02:16 UTC | Port 'Add abstract state duplication for SHA256 incremental hashing API' from PQClean (#29) https://github.com/PQClean/PQClean/pull/207 | 01 October 2019, 11:02:16 UTC |
| 3676e7d | Matthias J. Kannwischer | 01 October 2019, 09:48:02 UTC | Update PQClean (#28) * update pqclean; handle avx2 implementations * change naming of falcon parameter sets to pqclean naming * remove saber parameter sets since they were moved to PQClean | 01 October 2019, 09:48:02 UTC |
| 7f6ec39 | Matthias J. Kannwischer | 25 September 2019, 07:54:09 UTC | Update falcon to new fixed upstream version. (#27) On the 2019-09-18 the Falcon team announced that their implementation had two severe bugs that caused signatures to leak information about the secret key. These bugs also affected the implementations that were in pqm4. This commit updates our falcon implementation to the new upstream version from https://falcon-sign.info/ which fixes these bugs. | 25 September 2019, 07:54:09 UTC |
| 3a442bf | Ko- | 23 September 2019, 15:10:56 UTC | Update LUOV to v2.1 | 24 September 2019, 07:10:12 UTC |
| b470fe3 | Ko- | 19 September 2019, 07:35:34 UTC | Fix Python 3.6 compatibility and dubious use of printf (#25) * Fix compatibility with Python 3.6 text was only added in Python 3.7 as a more readable alias https://docs.python.org/3/library/subprocess.html?highlight=subprocess#subprocess.check_output * Fix printf calls without a format string * Make stack's print function more similar to others | 19 September 2019, 07:35:34 UTC |
| 881a6f0 | Matthias J. Kannwischer | 10 September 2019, 09:41:04 UTC | fix incremental sha512 (#23) | 10 September 2019, 09:41:04 UTC |
| 152e4c8 | Matthias J. Kannwischer | 20 August 2019, 15:55:45 UTC | remove withdrawn qTesla parameter sets | 20 August 2019, 15:55:45 UTC |
| 3219bff | Matthias J. Kannwischer | 18 July 2019, 05:54:26 UTC | Add Falcon (#22) * add falcon * enable testvector comparison for opt implementations * add constant time implementations of falcon * move opt to opt-leaktime | 18 July 2019, 05:54:26 UTC |
| 7437835 | Matthias J. Kannwischer | 06 July 2019, 14:59:20 UTC | Update qTesla code (#21) | 06 July 2019, 14:59:20 UTC |
| a86fea4 | Ko- | 05 July 2019, 13:49:14 UTC | Fix bug in sha3_512_inc See https://github.com/PQClean/PQClean/pull/203. The non-incremental version was correct. Currently no implementation actually uses the incremental SHA3-512. | 05 July 2019, 13:49:14 UTC |
| 104fff0 | Matthias J. Kannwischer | 01 July 2019, 06:46:36 UTC | add relaese function for AES key schedule (#20) | 01 July 2019, 06:46:36 UTC |
| bf20ddc | Richard Petri | 01 July 2019, 05:45:49 UTC | Fix canary checks for platforms which can't do unaligned access (#19) | 01 July 2019, 05:45:49 UTC |
| 4f9b1dd | Ko- | 26 June 2019, 13:14:07 UTC | Make stack canary size increasing for KEMs Commit f36a88b54d3ff7cf5cec89048297a21ca191b05e contained a change to the way that we measure stack size. However, this was only changed for signatures. This makes measuring KEMs behave the same again. | 26 June 2019, 13:14:07 UTC |
| 10eabd2 | Ko- | 26 June 2019, 13:12:09 UTC | Add Round5 opt (#18) * Add R5ND_1KEMCCA_5d * Add other Round5 parameter sets * Enable using SNEIK from round5_variant_setting.h * Add R5SNEIK variants * Remove traces of ARMV7_ASM | 26 June 2019, 13:12:09 UTC |
| cdb7422 | Matthias J. Kannwischer | 18 June 2019, 13:32:16 UTC | Add ledakemlt12, ledakemlt32, and ledakemlt52 (#17) * update pqclean to include leda * port sha3_384 from PQClean (see 32b3a978091f2c6b318d7cebaa192b08321ead7f) | 18 June 2019, 13:32:16 UTC |
| e63a919 | Matthias J. Kannwischer | 13 June 2019, 09:12:32 UTC | Remove opt implementation of frodokem640shake (#16) | 13 June 2019, 09:12:32 UTC |
| f36a88b | Matthias J. Kannwischer | 13 June 2019, 07:38:58 UTC | port #15 to sp800-185.c | 13 June 2019, 07:44:10 UTC |
| 77eed87 | Matthias J. Kannwischer | 13 June 2019, 06:54:06 UTC | fix stupid mistake in our fips202.c (#15) | 13 June 2019, 06:54:06 UTC |
| 417b7f9 | Ko- | 12 June 2019, 08:43:03 UTC | Add ThreeBears ref and opt (#9) * Add ThreeBears TODO: replace cSHAKE * Add ThreeBears opt implementations * Add ThreeBears ephemeral variants * Use symlinks for ThreeBears ref implementations * Use symlinks for ThreeBears opt implementations * Use sp800-185.h for ThreeBears ref * Use sp800-185.h for ThreeBears opt * Fix warning | 12 June 2019, 08:43:03 UTC |
| e2f82c7 | Matthias J. Kannwischer | 12 June 2019, 08:22:15 UTC | update pqclean, slightly modify stack benchmark (#14) This reduced the stack measurements by 8 bytes for all schemes. I cannot really explain this, but it should matter too much. However, when rebenchmarking this in the future we should be aware of this. | 12 June 2019, 08:22:15 UTC |
| 45e6b1e | Ko- | 12 June 2019, 07:52:30 UTC | Add LUOV ref (#11) * Add LUOV-48-43-222-chacha * Fix bug by fixing warnings - test passes now * Fix LUOV parameter sets that use SHAKE * Add other LUOV parameter sets | 12 June 2019, 07:52:30 UTC |
| 4488e8a | Matthias J. Kannwischer | 11 June 2019, 09:43:09 UTC | update pqclean; remove ref implementation of dilithium2 | 11 June 2019, 09:43:22 UTC |
| 0c2f58a | Ko- | 10 June 2019, 15:19:30 UTC | Remove workaround in NTRU Prime code Now that issue mupq/pqm4#90 is resolved, this ugly hack can be removed. This only affects the ntrulpr parameter sets. Technically this commit makes their performance slighly worse. I checked for ntrulpr761 and the impact was on the order of 0.01%, so negligible. | 10 June 2019, 15:19:30 UTC |
| 132c4c6 | Ko- | 09 June 2019, 18:02:58 UTC | Fix cSHAKE on 32-bit microcontrollers The finalize functions assumed the 64-bit non-bit-interleaved representation of the Keccak state. That caused test vectors not to match. This is solved by using the functions from keccakf1600.h. | 09 June 2019, 18:05:37 UTC |
| f3db38d | Ko- | 09 June 2019, 11:28:21 UTC | Add cSHAKE to common | 09 June 2019, 11:31:05 UTC |
| 701698b | Ko- | 09 June 2019, 11:15:03 UTC | Update pqclean | 09 June 2019, 11:31:05 UTC |
| feea4c7 | Matthias J. Kannwischer | 31 May 2019, 06:43:02 UTC | rename dilithium | 31 May 2019, 06:43:02 UTC |
| 147bc18 | Ko- | 29 May 2019, 12:26:15 UTC | Add NTRU Prime ref Round 2 (#12) * Remove sntrup4591761 Round 1 * Add sntrup761 Round 2 * Add other parameter sets of NTRU Prime * Workaround to guarantee aligned pointer The M4-optimized assembly implementation of AES key expansion can only handle word-aligned pointers. See issue mupq/pqm4#90. | 29 May 2019, 12:26:15 UTC |
| e327bfa | Ko- | 22 May 2019, 13:13:19 UTC | Update pqclean and port the opaque structs for the hashing API (#10) * Update pqclean PQClean now uses opaque structs for the hashing API, which means that everything needs to be changed. * Update SHA-2 with opaque state * Update fips202 with opaque state * Update Dilithium with opaque state * Fix SHAKE The shake{128,256}ctx wasn't zero-initialized. This was different from pqclean because we avoid re-using the same functions. That would mess up the hashing measurements. | 22 May 2019, 13:13:19 UTC |
| f43760d | Matthias J. Kannwischer | 20 May 2019, 09:28:35 UTC | update invalid ciphertext test to work with IND-CPA secure schemes | 20 May 2019, 09:28:35 UTC |
| 5b04060 | Matthias J. Kannwischer | 20 May 2019, 09:27:56 UTC | update pqclean - now includes newhope; remove old newhope code | 20 May 2019, 09:27:56 UTC |
| 23976e9 | Richard Petri | 20 May 2019, 09:14:51 UTC | Refactor calls to make and allow customizing make flags (#7) | 20 May 2019, 09:14:51 UTC |
| c90e8c3 | Matthias J. Kannwischer | 18 May 2019, 12:06:29 UTC | fix tab vs. spaces | 18 May 2019, 12:06:29 UTC |
| 55b99e6 | Joost Rijneveld | 17 May 2019, 15:31:00 UTC | Explicitly track the master branch of pqclean | 17 May 2019, 15:31:00 UTC |
| f50e4fe | Joost Rijneveld | 17 May 2019, 15:29:56 UTC | Bring pqclean up to date | 17 May 2019, 15:29:56 UTC |
| 7ff367e | Matthias J. Kannwischer | 16 May 2019, 08:20:25 UTC | properly check for errors for signatures | 16 May 2019, 08:20:25 UTC |
| 0181f7c | Ko- | 14 May 2019, 14:13:11 UTC | Add SIKEp{434,503,610,751} for Round 2 | 15 May 2019, 08:06:29 UTC |
| 4f0c32f | Ko- | 15 May 2019, 06:41:11 UTC | Add LAC{128,192,256} (#4) * Add SHA-{224,256} and incremental SHA-2 variants * Add LAC{128,192,256} * Make LAC use our randombytes | 15 May 2019, 06:41:11 UTC |
| 9f5292a | Ko- | 14 May 2019, 07:46:21 UTC | Update SABER to round 2, add LightSABER and FireSABER (#5) * Update SABER to round 2, add LightSABER and FireSABER * SABER should not be FireSABER * Hide multiplication internals for SABER * Fix broken compilation SABER | 14 May 2019, 07:46:21 UTC |
| a5b4217 | Ko- | 13 May 2019, 13:13:23 UTC | Add SHA-{224,256} and incremental SHA-2 variants (#3) | 13 May 2019, 13:13:23 UTC |
| be126e6 | Matthias J. Kannwischer | 08 May 2019, 11:54:24 UTC | Updated PQClean New Schemes: - kyber512 - kyber768 - kyber1024 - ntruhps2048677 - ntruhps4096821 - ntruhrss701 | 08 May 2019, 11:54:24 UTC |
| de339e2 | Ko- | 17 April 2019, 15:23:31 UTC | Merge pull request #2 from mupq/codesize Measure code size | 17 April 2019, 15:23:31 UTC |
| beb60f5 | Ko- | 17 April 2019, 15:12:52 UTC | Measure code size | 17 April 2019, 15:12:52 UTC |
| 9f652b0 | Matthias J. Kannwischer | 17 April 2019, 13:58:45 UTC | make frodo scheme naming consistent with PQClean (breaks testvectors) | 17 April 2019, 13:58:45 UTC |
| e1f824f | Matthias J. Kannwischer | 17 April 2019, 13:23:19 UTC | Merge pull request #1 from mupq/pqclean-integration Pqclean integration | 17 April 2019, 13:23:19 UTC |
| 5d9601f | Matthias J. Kannwischer | 17 April 2019, 11:58:52 UTC | fix incremental keccak implementation | 17 April 2019, 12:00:44 UTC |
| fbf7f28 | Ko- | 17 April 2019, 08:44:06 UTC | Fix CTR mode for AES and remove duplicate/unused code | 17 April 2019, 08:44:06 UTC |
| 568bd4c | Ko- | 16 April 2019, 14:56:13 UTC | Make schemes use optimized AES-192/256 implementations TODO: This breaks CTR mode which still needs to be fixed. Currently no scheme uses it, but Round-2-Kyber will. Also, pqriscv is now more or less forced to have optimized AES implementations as well. | 16 April 2019, 14:56:13 UTC |
| b44b47f | Ko- | 16 April 2019, 09:31:10 UTC | Fix bug in testvectors AES-128 | 16 April 2019, 09:31:10 UTC |
| 5aed184 | Ko- | 16 April 2019, 07:47:50 UTC | Update frodo640-aes/ref to use PQClean's AES | 16 April 2019, 07:47:50 UTC |
| 2d83b71 | Ko- | 15 April 2019, 15:16:33 UTC | Integrate PQClean's AES in mupq | 15 April 2019, 19:38:57 UTC |
| 3209005 | Matthias J. Kannwischer | 15 April 2019, 13:03:33 UTC | namespacing in testvectors on host | 15 April 2019, 13:03:33 UTC |
| a90a516 | Matthias J. Kannwischer | 15 April 2019, 12:43:01 UTC | namespacing for kems | 15 April 2019, 12:43:01 UTC |
| e07177b | Matthias J. Kannwischer | 15 April 2019, 12:03:55 UTC | namespacing in mupq.py | 15 April 2019, 12:03:55 UTC |
| 18df414 | Matthias J. Kannwischer | 15 April 2019, 12:02:41 UTC | migrate qTesla and dilithium to pqclean api (size_t) | 15 April 2019, 12:02:41 UTC |
| 1dbcd53 | Matthias J. Kannwischer | 15 April 2019, 12:02:18 UTC | namespacing for crypto_sign | 15 April 2019, 12:02:18 UTC |
| a6129e4 | Matthias J. Kannwischer | 15 April 2019, 12:01:25 UTC | incremental hash api for fips202 | 15 April 2019, 12:01:25 UTC |
| 97a8490 | Matthias J. Kannwischer | 15 April 2019, 11:51:36 UTC | update pqclean | 15 April 2019, 11:51:36 UTC |
| c8be7e6 | Matthias J. Kannwischer | 15 April 2019, 11:51:16 UTC | remove round1 sphincs | 15 April 2019, 11:51:16 UTC |
| 1b9d96e | Matthias J. Kannwischer | 11 April 2019, 13:04:43 UTC | fix column number in csv | 11 April 2019, 13:18:23 UTC |
| c706984 | Matthias J. Kannwischer | 11 April 2019, 12:49:38 UTC | benchmarks in separate file | 11 April 2019, 12:49:38 UTC |
| 201ef5a | Matthias J. Kannwischer | 11 April 2019, 12:48:17 UTC | fix hashing profiling for cshake128/cshake256 | 11 April 2019, 12:48:17 UTC |
| 9753a72 | Matthias J. Kannwischer | 11 April 2019, 12:17:31 UTC | some more refactoring | 11 April 2019, 12:17:31 UTC |
| 89ceaba | Matthias J. Kannwischer | 11 April 2019, 11:28:50 UTC | refactored benchmark conversion and added hashing | 11 April 2019, 11:28:50 UTC |
| 86e9ee3 | Matthias J. Kannwischer | 28 March 2019, 14:32:06 UTC | fix recovery after flashing fails | 28 March 2019, 14:32:06 UTC |
| 3cdfdfc | Matthias J. Kannwischer | 28 March 2019, 13:56:07 UTC | fix build everything | 28 March 2019, 13:56:07 UTC |
| b1360be | Matthias J. Kannwischer | 28 March 2019, 13:36:44 UTC | allow partial benchmarks+tests | 28 March 2019, 13:36:44 UTC |
| 5dee7f3 | Matthias J. Kannwischer | 28 March 2019, 10:38:08 UTC | allow project name in path of binary | 28 March 2019, 10:43:44 UTC |
| 1974dc9 | Thom Wiggers | 28 March 2019, 10:34:17 UTC | Use context manager to handle device | 28 March 2019, 10:34:17 UTC |
| bf85dae | Robert Primas | 28 March 2019, 07:36:12 UTC | deleted .m4ignore | 28 March 2019, 07:36:12 UTC |
| 9d5a670 | Robert Primas | 28 March 2019, 07:33:26 UTC | moved common c stuff from pqm4, removed makefiles | 28 March 2019, 07:33:26 UTC |
| 6dff4eb | Thom Wiggers | 22 March 2019, 14:49:19 UTC | Add hashing to build-all | 22 March 2019, 14:49:19 UTC |
| d2764e0 | Thom Wiggers | 22 March 2019, 14:43:52 UTC | add BuildAll thingy | 22 March 2019, 14:44:02 UTC |
| c4c72d2 | Matthias J. Kannwischer | 22 March 2019, 14:32:31 UTC | add hashing benchmark | 22 March 2019, 14:32:31 UTC |
| e27f555 | Thom Wiggers | 21 March 2019, 15:34:48 UTC | Update build_binary with new Makefile | 21 March 2019, 15:34:52 UTC |
| ab49291 | Thom Wiggers | 21 March 2019, 15:07:15 UTC | Add common library | 21 March 2019, 15:07:24 UTC |
