Add code points for PADDED variant of Falcon [skip ci] #362
Conversation
So done: LGTM. Thanks for preparing this PR, @SWilson4!
Branch updated: 48f6f08 to 75beb11.
Review comment on oqs-template/oqs-sig-info.md (outdated diff):
| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 | | ||
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 | | ||
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 | | ||
| falcon512 | PQClean Round 3 version | 3 | 1 | 0xfeae | 1.3.9999.3.6 | |
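Review bot: the falcon512 / 0xfeae row ends with one cell fewer than the three rows above it (`| |` versus `| | ||`), so its last column is missing and the rendered table will misalign on that row; pad it to the same cell count as the 0xfed7-0xfed9 rows.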
This seems fishy: Why do OIDs 1.3.999.3.6-8 change algorithm version identifier (from "20211101" to "PQClean Round 3 version"), but neither OIDs, nor code points? Or asked the other way around: Why does the same algorithm version "20211101" get different OIDs?
I did it this way because due to an old PQClean bug, the "20211101" version of Falcon in PQClean / liboqs / oqs-provider doesn't actually implement the upstream 20211101-version spec; the long KATs don't match. The new updates are to correctly implement (hopefully) the 20211101 version of the spec.
I suppose (?) that we shouldn't retroactively re-version things, though... what do you think would be the best way to resolve this?
Ouch. No, retroactively re-versioning doesn't sound like a good approach. I do now understand the reference to PQClean, though. But this shows that we have an extraordinarily weak and brittle approach to versioning. Created open-quantum-safe/liboqs#1719 to track/improve. For this issue, what about adding to the old OIDs the (admittedly longish) term "PQClean Round 3 version labelled 20211101" ? That way, it becomes clear to the reader of this file that the same version ID had been used but had a different functionality.
Branch updated: 75beb11 to fadaf5a.
Branch updated: fadaf5a to 73f03fc.
open-quantum-safe/liboqs#1710 has now landed, so this PR should be ready to go.
Thanks @SWilson4 ! LGTM.
…safe#362) * Update OIDs to reflect Falcon KAT changes * Update "old" version string to reflect KAT mismatch
…safe#362) * Update OIDs to reflect Falcon KAT changes * Update "old" version string to reflect KAT mismatch Signed-off-by: Felipe Ventura <felipe.ventura@entrust.com>
Pending merge of open-quantum-safe/liboqs#1710. I assigned the next available OIDs from what appeared to be the appropriate space (1.3.9999.3). Please double-check the changes to generate.yml to make sure that I did everything correctly.
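A consistency check of the kind this thread calls for, written here as an added example rather than oqs-provider's own tooling (the function names, the assumed column order name / version / NIST round / level / code point / OID, and the two constructed "before relabel" and "clashing code point" variants are mine; the TABLE_FROM_PR rows are copied from the table excerpt quoted above). It parses markdown rows, flags a code point or OID shared by two different (algorithm, version) entries, flags one (algorithm, version) string that carries two OIDs, which is the question raised about the 20211101 rows, and computes the next free child of the 1.3.9999.3 arc and the next free code point the way "next available" was used in this PR (highest in use plus one):

```python
"""Consistency checks for an oqs-sig-info.md style table of signature
algorithms, TLS code points and OIDs.

Added example, not oqs-provider code. Function names, the column order
(name, version, NIST round, level, code point, OID) and the constructed
table variants are assumptions; TABLE_FROM_PR rows are copied from the
table excerpt quoted in this PR.
"""
import re
from collections import defaultdict

# Rows as quoted in the PR review comment.
TABLE_FROM_PR = """\
| falcon512 | 20211101 | 3 | 1 | 0xfed7 | 1.3.9999.3.11 | | ||
| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfed8 | 1.3.9999.3.12 | | ||
| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfed9 | 1.3.9999.3.13 | | ||
| falcon512 | PQClean Round 3 version | 3 | 1 | 0xfeae | 1.3.9999.3.6 | |
"""

# Constructed variant: the old 0xfeae row still labelled "20211101", i.e. the
# state the reviewer objected to (one version string, two different OIDs).
TABLE_BEFORE_RELABEL = TABLE_FROM_PR.replace(
    "| PQClean Round 3 version |", "| 20211101 |"
)

# Constructed variant: a new row that accidentally reuses code point 0xfed7.
TABLE_WITH_CP_CLASH = TABLE_FROM_PR + (
    "| falcon512 | 20230101 | 3 | 1 | 0xfed7 | 1.3.9999.3.99 | | ||\n"
)

CODE_POINT_RE = re.compile(r"0x[0-9a-fA-F]{4}")


def parse_rows(text):
    """Parse markdown table rows into dicts; header/separator lines are skipped
    because their fifth cell is not a 16-bit hex code point."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue
        cells = [c.strip() for c in line.strip("|").split("|")]
        if len(cells) < 6 or not CODE_POINT_RE.fullmatch(cells[4]):
            continue
        entries.append({
            "name": cells[0],
            "version": cells[1],
            "code_point": int(cells[4], 16),
            "oid": cells[5],
        })
    return entries


def find_collisions(entries):
    """Report identifiers that make a TLS handshake or certificate ambiguous:
    a code point or OID shared by different (name, version) entries, and a
    (name, version) that has been given more than one OID."""
    by_cp, by_oid, by_alg = defaultdict(set), defaultdict(set), defaultdict(set)
    for e in entries:
        key = (e["name"], e["version"])
        by_cp[e["code_point"]].add(key)
        by_oid[e["oid"]].add(key)
        by_alg[key].add(e["oid"])
    return {
        "code_point_reuse": {cp: sorted(v) for cp, v in by_cp.items() if len(v) > 1},
        "oid_reuse": {oid: sorted(v) for oid, v in by_oid.items() if len(v) > 1},
        "alg_multiple_oids": {k: sorted(v) for k, v in by_alg.items() if len(v) > 1},
    }


def next_free_oid(entries, arc="1.3.9999.3"):
    """Highest used child of `arc` plus one (how .11-.13 were picked here)."""
    used = []
    for e in entries:
        prefix, _, last = e["oid"].rpartition(".")
        if prefix == arc and last.isdigit():
            used.append(int(last))
    return f"{arc}.{max(used, default=0) + 1}"


def next_free_code_point(entries):
    """Highest assigned code point plus one."""
    return max(e["code_point"] for e in entries) + 1


if __name__ == "__main__":
    rows = parse_rows(TABLE_FROM_PR)
    print("collisions (as merged):", find_collisions(rows))
    print("collisions (before relabel):", find_collisions(parse_rows(TABLE_BEFORE_RELABEL)))
    print("collisions (cp clash):", find_collisions(parse_rows(TABLE_WITH_CP_CLASH)))
    print("next OID:", next_free_oid(rows), "next code point:", hex(next_free_code_point(rows)))
```

On the rows as merged the check is clean, because the old 0xfeae row no longer claims the "20211101" label; on the constructed pre-relabel table it reports (falcon512, 20211101) mapped to both 1.3.9999.3.6 and 1.3.9999.3.11, which is the ambiguity the review comment spotted. Running something like this in CI over the generated table catches a reused code point or OID before it reaches a release.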