Conversation
baentsch
left a comment
There was a problem hiding this comment.
Hi @rben-dev -- thanks very much for bringing up this PR. For starters, could you please fix up the DCO error message as per CI help messages? I also triggered the other CI jobs to see how things look like before taking a deeper look into your contribution.
Signed-off-by: Ryad Benadjila <ryadbenadjila@gmail.com>
* avoid inlined exponentiation, check siglen during verification [extended tests] Signed-off-by: rtjk <47841774+rtjk@users.noreply.github.com> Signed-off-by: Ryad Benadjila <ryadbenadjila@gmail.com>
Signed-off-by: Ryad Benadjila <ryadbenadjila@gmail.com>
|
Hi @baentsch, Thank you very much for your prompt reply and help. The DCO issue should be resolved. However, from the CI failures:
The local CI on my fork was happy with the original commits, although not performing these basic checks for some unkown reason ... I am really sorry if I have missed something obvious here. Thanks in advance, |
|
For completeness regarding the supported platforms flag, I actually inspired my META
I guess the issue might lie within the fact that the MQOM META provides two generic implementations that can run on all platforms, hence an ambiguity about the default implementation? Then, how is it possible to include two such generic implementations leaving the choice of the one included in the compiled lib to the user at compilation time? |
This PR adds the MQOM signature scheme. MQOM is part of on-ramp Round 2 NIST candidates, In order to avoid too many variants that would overload the library, we only provide implementations for GF(16) MQOM fast and short (with 3 or 5 rounds), as this is the best choice for a speed and signature size balance.
Three implementation profiles are integrated to
liboqs:AVX2: this makes use of AVX2 and AES-NI extensions, suited for modern amd64 platforms.default: this is a portable implementation suitable for most desktop-like platforms (e.g. arm64 Mac M1, etc.)memopt: this is a portable implementation with memory optimizations that are more suitable for platforms with stringent memory constraints (e.g. embedded platforms or targets with small stacks, etc.)Here are some notable elements for this MQOM integration:
liboqsAPI for this.liboqsAPI for this. However, for security levels 3 and 5 Rijndael-256-256 is used, and hence we had to provide local implementations for this (see in the rijndael/ folder upstream).AVX2anddefaultimplementations:--max-stackframe=20480000tovalgrindas discussed in issue Maximum stack usage for valgrind "leak test" #2360 : without this the CI tests fail with false positives. The strategy for this fix can be of course discussed. The fix is part of the PR.Many elements of this PR have been produces with the
copy_from_upstream.pyautomation (thanks for this): I only had to format withastylethe produced files insrc/sig/mqom/root.Thanks in advance for considering the inclusion of MQOM in the library, as we believe this can be useful for exploring on-ramp candidates. Please do not hesitate if anything is wrong or missing!