d83e637 | Matthias J. Kannwischer | 06 September 2021, 08:23:25 UTC | clean up | 01 October 2021, 16:14:07 UTC |
9a7e415 | Matthias J. Kannwischer | 03 September 2021, 06:45:11 UTC | Add Picnic From https://github.com/dkales/picnic_m4/tree/24c99860e96186a5c9b3b08b6390c7cec6dae242 Only includes the compatible implementations, not the low memory modifications which change testvectors. | 01 October 2021, 16:14:07 UTC |
eb60c48 | rpls | 03 September 2021, 06:43:11 UTC | Add missing preprocessor flag for scheme archive lib. (#77) Fixes #76 | 03 September 2021, 06:43:11 UTC |
9a55f5f | rpls | 03 September 2021, 06:41:57 UTC | Add script for generating the skiplists (#69) * Add script for generating the skiplists * Add usage info to skiplist generator. | 03 September 2021, 06:41:57 UTC |
71a6100 | Matthias J. Kannwischer | 19 August 2021, 01:15:13 UTC | properly check for None | 30 August 2021, 20:57:22 UTC |
d8eeeaa | Matthias J. Kannwischer | 16 August 2021, 09:20:28 UTC | Fix testvectors when bin_type is not .bin Right now the testvectors script does not work when bin_type is not .bin, e.g., it is .hex for the nucleo-l4r5zi. It fails when trying to build the host binary. The script tries to build bin-host/scheme_impl_testvectors.hex rather than bin-host/scheme_impl_testvectors. This is caused by a replace('.bin', ''). | 30 August 2021, 20:57:22 UTC |
55b2d6c | Matthias J. Kannwischer | 12 August 2021, 09:07:24 UTC | fix testvectors when cc=clang clang complains about x####y -- it should be x##y. | 18 August 2021, 21:48:44 UTC |
64787de | rpls | 06 August 2021, 02:28:11 UTC | Set the canary size properly to saturate the stack to its maximum (#67) | 06 August 2021, 02:28:11 UTC |
38a6e2c | Matthias J. Kannwischer | 02 August 2021, 07:28:38 UTC | update PQClean to include round 3 ntruprime (#71) | 02 August 2021, 07:28:38 UTC |
be6799e | dependabot[bot] | 28 July 2021, 04:34:19 UTC | Bump pqclean from `6f22c50` to `819f906` (#68) Bumps [pqclean](https://github.com/pqclean/pqclean) from `6f22c50` to `819f906`. - [Release notes](https://github.com/pqclean/pqclean/releases) - [Commits](https://github.com/pqclean/pqclean/compare/6f22c50511e2743c4da31d3a37c7a84579cc9765...819f9063d305ade2fbc25762a4bef0a87ae30456) | 28 July 2021, 04:34:19 UTC |
0611b33 | Matthias J. Kannwischer | 28 July 2021, 02:47:40 UTC | Create dependabot.yml | 28 July 2021, 02:47:40 UTC |
ab6f2bb | Matthias J. Kannwischer | 08 June 2021, 16:02:28 UTC | set default extraargs for stlink platform | 08 June 2021, 16:02:54 UTC |
da3450c | rpls | 06 June 2021, 20:06:52 UTC | Adaptations for multiplatform build system (#57) * Make entire platform running code abstract * Make size benchmark use the new build system * Support for building Intel HEX files (or other formats) * Remove infinite loops at the end of tests Leave this to the specific platforms. Most startup files for embedded systems have an infinite loop after the main call anyway. But if we allow for a proper exit, we can, e.g., indicate an exit via semihosting. * Add new interface to query maximum stack size. * Add reusable buildsystem scripts * Add reusable platform implementations * Define proper targets for testvector generation * Add a documentation for the build system * Make all-in-one compilation the default * Remove references to pqm3 * Fix for older make versions * adjust mupq to run multiple iterations in a single binary * Depend on config file to trigger rebuild instead of an error * Objcopy call doesn't need to depend on config * Fix waiting for start * Reorganize symmetric crypto sources * Set C standard explicitly * Allow for second expansion * Reset input buffer before flashing * Let the platform decide whether to use function/data sections * Flip the order of source files to match the old PQM4 build behaviour * Output the plus separators as a pseudo-progress bar * Add an environment variable to add optional extra args for st-flash Co-authored-by: Matthias J. Kannwischer <matthias@kannwischer.eu> | 06 June 2021, 20:06:52 UTC |
f1943b6 | ming-shing chen | 02 May 2021, 11:57:29 UTC | rename folder ref/ -> opt/ because the code is from the 'portable' implementation | 24 May 2021, 04:16:45 UTC |
3de5539 | ming-shing chen | 02 May 2021, 11:56:49 UTC | correct license and apply spec v4.1 | 24 May 2021, 04:16:45 UTC |
6673aa2 | Diego F. Aranha | 07 May 2021, 11:40:01 UTC | Potential fix to the kyber512 issue. Considering that the loop consumes full blocks, line 50 should just update the remaining bytes. | 24 May 2021, 03:43:28 UTC |
3b24e25 | Matthias J. Kannwischer | 12 March 2021, 03:33:30 UTC | optimize fips202.c for stack consumption Our current fips202.c implementation is fairly wasteful in terms of stack usage by always allocating an extra 200-byte state. That is rather stupid. I've refactored it to not use that additional buffer. I do not see any significant impact on the cycle counts by this change. This wants a bit more testing before it can be merged. | 24 May 2021, 03:43:28 UTC |
dd67c8d | Matthias J. Kannwischer | 02 April 2021, 01:21:24 UTC | Add licensing information | 02 April 2021, 01:21:24 UTC |
8517285 | Matthias J. Kannwischer | 29 March 2021, 08:39:36 UTC | update pqclean to include new SPHINCS+ parameter sets (#63) | 29 March 2021, 08:39:36 UTC |
d452928 | Matthias J. Kannwischer | 18 February 2021, 06:47:24 UTC | Pull Dilithium 3.1 from PQClean (#61) | 18 February 2021, 06:47:24 UTC |
decc52b | Matthias J. Kannwischer | 18 February 2021, 02:55:08 UTC | Add BIKE reference implementations (#60) | 18 February 2021, 02:55:08 UTC |
37c754c | Matthias J. Kannwischer | 01 February 2021, 06:04:28 UTC | update dilithium to round 3 (#59) | 01 February 2021, 06:04:28 UTC |
88a9695 | Matthias J. Kannwischer | 09 December 2020, 17:00:11 UTC | Update PQClean (#55) * NTRUPrime from PQClean * https://github.com/PQClean/PQClean/pull/324 * https://github.com/PQClean/PQClean/pull/337 * https://github.com/PQClean/PQClean/pull/341 * https://github.com/PQClean/PQClean/pull/348 * https://github.com/PQClean/PQClean/pull/340 * https://github.com/PQClean/PQClean/pull/350 * https://github.com/PQClean/PQClean/pull/361 * https://github.com/PQClean/PQClean/pull/349 | 09 December 2020, 17:00:11 UTC |
55230ef | Diego F. Aranha | 08 December 2020, 16:13:11 UTC | Save memory space on stack measurement for signatures (#54) | 08 December 2020, 16:13:11 UTC |
0372d68 | Matthias J. Kannwischer | 24 July 2020, 01:21:36 UTC | remove non-round 3 schemes (#53) NIST announced the Round 3 finalists and alternate candidates: https://groups.google.com/a/list.nist.gov/d/msg/pqc-forum/0ieuPB-b8eg/Cl7Ji8TpCwAJ PQClean already removed threebears, ledakem, newhope, mqdss, qtesla in 9fbfb230a91f3fed1e0a2868671f7c26415f2168 This commit also removed the C implementations of schemes that did not make it to round 3 from mupq. That covers LUOV, RQC, ROLLO, Round5, ThreeBears, and LAC | 24 July 2020, 01:21:36 UTC |
d582f85 | Ko- | 30 May 2020, 09:30:40 UTC | Update pqclean (changes NewHope clean) | 30 May 2020, 09:30:40 UTC |
4de38cd | Ko- | 29 May 2020, 12:09:55 UTC | Update Round5 opt to new version (#52) Version 20200410 of the spec, commit r5embed/r5embed@6e4ebd1. | 29 May 2020, 12:09:55 UTC |
468d9eb | Matthias J. Kannwischer | 29 May 2020, 06:11:03 UTC | more robust result parsing (#51) When doing the new benchmarks, I sometimes ran into the problem that the speed benchmarks contained something like keypair cycles: 6639120105 keypair cycles: 6639120105 sign cycles: 103762136231 verify cycles: 154024957 So for whatever reason, the board was reset after the first key gen was done. Our parsing script didn't really handle this well as it was based on line numbers. I made that more robust in this patch. I also made it a bit more consistent across benchmarks. | 29 May 2020, 06:11:03 UTC |
1f1ad36 | Ko- | 28 April 2020, 20:08:39 UTC | Add new ROLLO ref implementation (#50) * Remove Rollo-III * Update ROLLO-I-128 * Update ROLLO-I-{192,256} * Update ROLLO-II-128 * Update ROLLO-II-{192,256} | 28 April 2020, 20:08:39 UTC |
8fd1941 | Matthias J. Kannwischer | 27 April 2020, 23:06:59 UTC | fix lac to adhere to the new aes keyexp api | 27 April 2020, 23:15:33 UTC |
031d557 | Ko- | 22 April 2020, 12:19:52 UTC | Update RQC implementation (#49) * Update RQC-128 to new version * Update RQC-192 * Update RQC-256 | 22 April 2020, 12:19:52 UTC |
3e10f22 | Matthias J. Kannwischer | 22 April 2020, 06:54:34 UTC | remove printbytes from randombytes (#48) | 22 April 2020, 06:54:34 UTC |
e2ae402 | Matthias J. Kannwischer | 21 April 2020, 06:28:43 UTC | switch back to most recent pqclean version somehow I screwed up and switched to an older version in https://github.com/mupq/mupq/pull/46/ | 21 April 2020, 06:28:53 UTC |
d8cec88 | Matthias J. Kannwischer | 21 April 2020, 06:21:30 UTC | add new LAC v3a/v3a ref/opt implementations (#46) | 21 April 2020, 06:21:30 UTC |
bef05e9 | Matthias J. Kannwischer | 20 April 2020, 05:18:33 UTC | Update PQClean (#47) * add mceliece * Migrate https://github.com/PQClean/PQClean/pull/266 * Port https://github.com/PQClean/PQClean/pull/279 I'm not a big fan of this change, but we have to do it to be compatible with PQClean. * Port HQC https://github.com/PQClean/PQClean/pull/202 * update mqdss * make rqc and rollo use the common nistseedexpander | 20 April 2020, 05:18:33 UTC |
870607a | Matthias J. Kannwischer | 14 April 2020, 05:19:48 UTC | outsource crypto_hashblocks_sha512 (#45) crypto_hashblocks_sha512 now needs to be implemented by the platform-specific common sources. This is to integrate the new faster sha512 for the m4 from supercop20200409 | 14 April 2020, 05:19:48 UTC |
3a3850b | Ko- | 25 March 2020, 08:23:53 UTC | Update Round5 to third round (#44) * Remove SNEIK variants * Rename CCA variants * Update r5nd-1cca-5d opt implementation * Update symlinks other opt implementations * Add CPA variants | 25 March 2020, 08:23:53 UTC |
4468e2e | Daan Sprenkels | 05 March 2020, 09:23:55 UTC | python: Flush the serial buf chip sync There is an unreported bug present where _wait_for_start will read garbage from the chip *before* the first '=' char is received. It occurs when the chip is not synced with the benchmarking script, and is running an implementation without the benchmarking script listening. In this case, there is still data in the serial buffer from a lost (unsynced) benchmark run. This commit flushes (i.e. erases) the contents of the serial buffer before trying to sync to the '=' chars coming from the chip. | 05 March 2020, 09:32:40 UTC |
12f6d39 | Matthias J. Kannwischer | 04 February 2020, 11:29:42 UTC | Add empty sha2_destroy functions (#42) https://github.com/PQClean/PQClean/commit/a655ec8a9d86eadd0cffe1f3b16f5e6e2ead7b94 added sha2_destroy functions to the SPHINCS+ implementations. As we have stack-based implementations, these are no-ops. | 04 February 2020, 11:29:42 UTC |
d9657a8 | Matthias J. Kannwischer | 04 February 2020, 10:37:34 UTC | Skip AESNI and SSE implementations (#41) https://github.com/PQClean/PQClean/pull/253 adds AESNI implementations of SPHINCS+. https://github.com/PQClean/PQClean/pull/259 adds SSE implementations of McEliece. Those obviously won't work on mupq targets, so I added those to the current blacklist. In case more implementation types are added to pqclean in the future we might want a cleaner filtering approach. | 04 February 2020, 10:37:34 UTC |
422bd74 | Matthias J. Kannwischer | 04 February 2020, 10:32:15 UTC | re-add opt CCA implementations of three bears; remove ref implementations of CPA three bears (#40) | 04 February 2020, 10:32:15 UTC |
0c7162f | Richard Petri | 02 February 2020, 19:01:03 UTC | Make the size executable configurable (#39) | 02 February 2020, 19:01:03 UTC |
84b3035 | Ko- | 02 December 2019, 08:35:47 UTC | Fix Round5 CCA KEM (#37) * Update PQClean * Fix Round5 CCA KEM | 02 December 2019, 08:35:47 UTC |
6fb7df2 | Matthias J. Kannwischer | 18 November 2019, 09:29:26 UTC | update pqclean to include the CCA threebears | 18 November 2019, 09:29:26 UTC |
a07b8d9 | Matthias J. Kannwischer | 15 November 2019, 11:10:34 UTC | Flip len and flag for round5 (#35) See https://github.com/mupq/pqm4/pull/123 | 15 November 2019, 11:10:34 UTC |
2348846 | Matthias J. Kannwischer | 29 October 2019, 13:35:03 UTC | Update pqclean to include qTesla PQClean added clean implementations of qTesla: https://github.com/PQClean/PQClean/pull/239 | 29 October 2019, 13:35:03 UTC |
9015583 | Richard Petri | 28 October 2019, 11:48:34 UTC | Refactor number printing functions and avoid Xprintf functions (#34) The refactoring removes a lot of identical duplicated code. Avoiding the printf functions reduces code size *considerably*. This may not be necessary for platforms with larger flash sizes as in PQM4; however, the printf functions for RISC-V pull in a lot of code. There are the "nano" variants of the libc, which are small enough. However, these don't support printing long longs, which we need for the cycle counts. The code for unsigned long long printing uses a division-by-10 trick from Hacker's Delight, since the compiler will otherwise use a generic 64-bit division code, which is quite a bit larger. | 28 October 2019, 11:48:34 UTC |
e41de1a | Ko- | 08 October 2019, 11:01:55 UTC | Add RQC{128,192,256} (#32) * Add RQC128 * Fix memory leak in rqc decapsulation * Add RQC192 and RQC256 | 08 October 2019, 11:01:55 UTC |
a18199f | Ko- | 08 October 2019, 08:19:49 UTC | Add ROLLO-{I,II,III}-{128,192,256} ref (#31) | 08 October 2019, 08:19:49 UTC |
6947d5c | Matthias J. Kannwischer | 07 October 2019, 13:02:19 UTC | Update pqclean to use AES API in Kyber (#30) | 07 October 2019, 13:02:19 UTC |
941cae1 | Matthias J. Kannwischer | 01 October 2019, 11:02:16 UTC | Port 'Add abstract state duplication for SHA256 incremental hashing API' from PQClean (#29) https://github.com/PQClean/PQClean/pull/207 | 01 October 2019, 11:02:16 UTC |
3676e7d | Matthias J. Kannwischer | 01 October 2019, 09:48:02 UTC | Update PQClean (#28) * update pqclean; handle avx2 implementations * change naming of falcon parameter sets to pqclean naming * remove saber parameter sets since they were moved to PQClean | 01 October 2019, 09:48:02 UTC |
7f6ec39 | Matthias J. Kannwischer | 25 September 2019, 07:54:09 UTC | Update falcon to new fixed upstream version. (#27) On the 2019-09-18 the Falcon team announced that their implementation had two severe bugs that caused signatures to leak information about the secret key. These bugs also affected the implementations that were in pqm4. This commit updates our falcon implementation to the new upstream version from https://falcon-sign.info/ which fixes these bugs. | 25 September 2019, 07:54:09 UTC |
3a442bf | Ko- | 23 September 2019, 15:10:56 UTC | Update LUOV to v2.1 | 24 September 2019, 07:10:12 UTC |
b470fe3 | Ko- | 19 September 2019, 07:35:34 UTC | Fix Python 3.6 compatibility and dubious use of printf (#25) * Fix compatibility with Python 3.6 text was only added in Python 3.7 as a more readable alias https://docs.python.org/3/library/subprocess.html?highlight=subprocess#subprocess.check_output * Fix printf calls without a format string * Make stack's print function more similar to others | 19 September 2019, 07:35:34 UTC |
881a6f0 | Matthias J. Kannwischer | 10 September 2019, 09:41:04 UTC | fix incremental sha512 (#23) | 10 September 2019, 09:41:04 UTC |
152e4c8 | Matthias J. Kannwischer | 20 August 2019, 15:55:45 UTC | remove withdrawn qTesla parameter sets | 20 August 2019, 15:55:45 UTC |
3219bff | Matthias J. Kannwischer | 18 July 2019, 05:54:26 UTC | Add Falcon (#22) * add falcon * enable testvector comparison for opt implementations * add constant time implementations of falcon * move opt to opt-leaktime | 18 July 2019, 05:54:26 UTC |
7437835 | Matthias J. Kannwischer | 06 July 2019, 14:59:20 UTC | Update qTesla code (#21) | 06 July 2019, 14:59:20 UTC |
a86fea4 | Ko- | 05 July 2019, 13:49:14 UTC | Fix bug in sha3_512_inc See https://github.com/PQClean/PQClean/pull/203. The non-incremental version was correct. Currently no implementation actually uses the incremental SHA3-512. | 05 July 2019, 13:49:14 UTC |
104fff0 | Matthias J. Kannwischer | 01 July 2019, 06:46:36 UTC | add release function for AES key schedule (#20) | 01 July 2019, 06:46:36 UTC |
bf20ddc | Richard Petri | 01 July 2019, 05:45:49 UTC | Fix canary checks for platforms which can't do unaligned access (#19) | 01 July 2019, 05:45:49 UTC |
4f9b1dd | Ko- | 26 June 2019, 13:14:07 UTC | Make stack canary size increasing for KEMs Commit f36a88b54d3ff7cf5cec89048297a21ca191b05e contained a change to the way that we measure stack size. However, this was only changed for signatures. This makes measuring KEMs behave the same again. | 26 June 2019, 13:14:07 UTC |
10eabd2 | Ko- | 26 June 2019, 13:12:09 UTC | Add Round5 opt (#18) * Add R5ND_1KEMCCA_5d * Add other Round5 parameter sets * Enable using SNEIK from round5_variant_setting.h * Add R5SNEIK variants * Remove traces of ARMV7_ASM | 26 June 2019, 13:12:09 UTC |
cdb7422 | Matthias J. Kannwischer | 18 June 2019, 13:32:16 UTC | Add ledakemlt12, ledakemlt32, and ledakemlt52 (#17) * update pqclean to include leda * port sha3_384 from PQClean (see 32b3a978091f2c6b318d7cebaa192b08321ead7f) | 18 June 2019, 13:32:16 UTC |
e63a919 | Matthias J. Kannwischer | 13 June 2019, 09:12:32 UTC | Remove opt implementation of frodokem640shake (#16) | 13 June 2019, 09:12:32 UTC |
f36a88b | Matthias J. Kannwischer | 13 June 2019, 07:38:58 UTC | port #15 to sp800-185.c | 13 June 2019, 07:44:10 UTC |
77eed87 | Matthias J. Kannwischer | 13 June 2019, 06:54:06 UTC | fix stupid mistake in our fips202.c (#15) | 13 June 2019, 06:54:06 UTC |
417b7f9 | Ko- | 12 June 2019, 08:43:03 UTC | Add ThreeBears ref and opt (#9) * Add ThreeBears TODO: replace cSHAKE * Add ThreeBears opt implementations * Add ThreeBears ephemeral variants * Use symlinks for ThreeBears ref implementations * Use symlinks for ThreeBears opt implementations * Use sp800-185.h for ThreeBears ref * Use sp800-185.h for ThreeBears opt * Fix warning | 12 June 2019, 08:43:03 UTC |
e2f82c7 | Matthias J. Kannwischer | 12 June 2019, 08:22:15 UTC | update pqclean, slightly modify stack benchmark (#14) This reduced the stack measurements by 8 bytes for all schemes. I cannot really explain this, but it should matter too much. However, when rebenchmarking this in the future we should be aware of this. | 12 June 2019, 08:22:15 UTC |
45e6b1e | Ko- | 12 June 2019, 07:52:30 UTC | Add LUOV ref (#11) * Add LUOV-48-43-222-chacha * Fix bug by fixing warnings - test passes now * Fix LUOV parameter sets that use SHAKE * Add other LUOV parameter sets | 12 June 2019, 07:52:30 UTC |
4488e8a | Matthias J. Kannwischer | 11 June 2019, 09:43:09 UTC | update pqclean; remove ref implementation of dilithium2 | 11 June 2019, 09:43:22 UTC |
0c2f58a | Ko- | 10 June 2019, 15:19:30 UTC | Remove workaround in NTRU Prime code Now that issue mupq/pqm4#90 is resolved, this ugly hack can be removed. This only affects the ntrulpr parameter sets. Technically this commit makes their performance slightly worse. I checked for ntrulpr761 and the impact was on the order of 0.01%, so negligible. | 10 June 2019, 15:19:30 UTC |
132c4c6 | Ko- | 09 June 2019, 18:02:58 UTC | Fix cSHAKE on 32-bit microcontrollers The finalize functions assumed the 64-bit non-bit-interleaved representation of the Keccak state. That caused test vectors not to match. This is solved by using the functions from keccakf1600.h. | 09 June 2019, 18:05:37 UTC |
f3db38d | Ko- | 09 June 2019, 11:28:21 UTC | Add cSHAKE to common | 09 June 2019, 11:31:05 UTC |
701698b | Ko- | 09 June 2019, 11:15:03 UTC | Update pqclean | 09 June 2019, 11:31:05 UTC |
feea4c7 | Matthias J. Kannwischer | 31 May 2019, 06:43:02 UTC | rename dilithium | 31 May 2019, 06:43:02 UTC |
147bc18 | Ko- | 29 May 2019, 12:26:15 UTC | Add NTRU Prime ref Round 2 (#12) * Remove sntrup4591761 Round 1 * Add sntrup761 Round 2 * Add other parameter sets of NTRU Prime * Workaround to guarantee aligned pointer The M4-optimized assembly implementation of AES key expansion can only handle word-aligned pointers. See issue mupq/pqm4#90. | 29 May 2019, 12:26:15 UTC |
e327bfa | Ko- | 22 May 2019, 13:13:19 UTC | Update pqclean and port the opaque structs for the hashing API (#10) * Update pqclean PQClean now uses opaque structs for the hashing API, which means that everything needs to be changed. * Update SHA-2 with opaque state * Update fips202 with opaque state * Update Dilithium with opaque state * Fix SHAKE The shake{128,256}ctx wasn't zero-initialized. This was different from pqclean because we avoid re-using the same functions. That would mess up the hashing measurements. | 22 May 2019, 13:13:19 UTC |
f43760d | Matthias J. Kannwischer | 20 May 2019, 09:28:35 UTC | update invalid ciphertext test to work with IND-CPA secure schemes | 20 May 2019, 09:28:35 UTC |
5b04060 | Matthias J. Kannwischer | 20 May 2019, 09:27:56 UTC | update pqclean - now includes newhope; remove old newhope code | 20 May 2019, 09:27:56 UTC |
23976e9 | Richard Petri | 20 May 2019, 09:14:51 UTC | Refactor calls to make and allow customizing make flags (#7) | 20 May 2019, 09:14:51 UTC |
c90e8c3 | Matthias J. Kannwischer | 18 May 2019, 12:06:29 UTC | fix tab vs. spaces | 18 May 2019, 12:06:29 UTC |
55b99e6 | Joost Rijneveld | 17 May 2019, 15:31:00 UTC | Explicitly track the master branch of pqclean | 17 May 2019, 15:31:00 UTC |
f50e4fe | Joost Rijneveld | 17 May 2019, 15:29:56 UTC | Bring pqclean up to date | 17 May 2019, 15:29:56 UTC |
7ff367e | Matthias J. Kannwischer | 16 May 2019, 08:20:25 UTC | properly check for errors for signatures | 16 May 2019, 08:20:25 UTC |
0181f7c | Ko- | 14 May 2019, 14:13:11 UTC | Add SIKEp{434,503,610,751} for Round 2 | 15 May 2019, 08:06:29 UTC |
4f0c32f | Ko- | 15 May 2019, 06:41:11 UTC | Add LAC{128,192,256} (#4) * Add SHA-{224,256} and incremental SHA-2 variants * Add LAC{128,192,256} * Make LAC use our randombytes | 15 May 2019, 06:41:11 UTC |
9f5292a | Ko- | 14 May 2019, 07:46:21 UTC | Update SABER to round 2, add LightSABER and FireSABER (#5) * Update SABER to round 2, add LightSABER and FireSABER * SABER should not be FireSABER * Hide multiplication internals for SABER * Fix broken compilation SABER | 14 May 2019, 07:46:21 UTC |
a5b4217 | Ko- | 13 May 2019, 13:13:23 UTC | Add SHA-{224,256} and incremental SHA-2 variants (#3) | 13 May 2019, 13:13:23 UTC |
be126e6 | Matthias J. Kannwischer | 08 May 2019, 11:54:24 UTC | Updated PQClean New Schemes: - kyber512 - kyber768 - kyber1024 - ntruhps2048677 - ntruhps4096821 - ntruhrss701 | 08 May 2019, 11:54:24 UTC |
de339e2 | Ko- | 17 April 2019, 15:23:31 UTC | Merge pull request #2 from mupq/codesize Measure code size | 17 April 2019, 15:23:31 UTC |
beb60f5 | Ko- | 17 April 2019, 15:12:52 UTC | Measure code size | 17 April 2019, 15:12:52 UTC |
9f652b0 | Matthias J. Kannwischer | 17 April 2019, 13:58:45 UTC | make frodo scheme naming consistent with PQClean (breaks testvectors) | 17 April 2019, 13:58:45 UTC |
e1f824f | Matthias J. Kannwischer | 17 April 2019, 13:23:19 UTC | Merge pull request #1 from mupq/pqclean-integration Pqclean integration | 17 April 2019, 13:23:19 UTC |
5d9601f | Matthias J. Kannwischer | 17 April 2019, 11:58:52 UTC | fix incremental keccak implementation | 17 April 2019, 12:00:44 UTC |
fbf7f28 | Ko- | 17 April 2019, 08:44:06 UTC | Fix CTR mode for AES and remove duplicate/unused code | 17 April 2019, 08:44:06 UTC |
568bd4c | Ko- | 16 April 2019, 14:56:13 UTC | Make schemes use optimized AES-192/256 implementations TODO: This breaks CTR mode which still needs to be fixed. Currently no scheme uses it, but Round-2-Kyber will. Also, pqriscv is now more or less forced to have optimized AES implementations as well. | 16 April 2019, 14:56:13 UTC |
b44b47f | Ko- | 16 April 2019, 09:31:10 UTC | Fix bug in testvectors AES-128 | 16 April 2019, 09:31:10 UTC |
5aed184 | Ko- | 16 April 2019, 07:47:50 UTC | Update frodo640-aes/ref to use PQClean's AES | 16 April 2019, 07:47:50 UTC |