Merge pull request #12 from itzmeanjan/update-to-spec-20230314

Update FrodoKEM to conform to latest specification
itzmeanjan · May 26, 2023 · 5fee3a5 · 5fee3a5
2 parents 8e4b49c + 91a341d
commit 5fee3a5
Show file tree

Hide file tree

Showing 30 changed files with 892 additions and 992 deletions.
diff --git a/.github/workflows/test_ci.yml b/.github/workflows/test_ci.yml
@@ -23,11 +23,9 @@ jobs:
       run: make
     - name: Run Examples
       run: |
-        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo640_kem.cpp
-        ./a.out
-        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo976_kem.cpp
+        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/efrodo640_kem.cpp
         ./a.out
-        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo1344_kem.cpp
+        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo640_kem.cpp
         ./a.out
     - name: Cleanup
       run: make clean
diff --git a/README.md b/README.md
diff --git a/bench/main.cpp b/bench/main.cpp
@@ -1,15 +1,45 @@
 #include "bench/bench_kem.hpp"
 
-BENCHMARK(bench_frodo::frodo640_kem_keygen);
-BENCHMARK(bench_frodo::frodo640_kem_encaps);
-BENCHMARK(bench_frodo::frodo640_kem_decaps);
+BENCHMARK(bench_frodo::keygen<640, 8, 128, 256, 128, 2, 15>)
+  ->Name("frodo640-keygen");
+BENCHMARK(bench_frodo::encaps<640, 8, 128, 256, 128, 256, 2, 15>)
+  ->Name("frodo640-encaps");
+BENCHMARK(bench_frodo::decaps<640, 8, 128, 256, 128, 256, 2, 15>)
+  ->Name("frodo640-decaps");
 
-BENCHMARK(bench_frodo::frodo976_kem_keygen);
-BENCHMARK(bench_frodo::frodo976_kem_encaps);
-BENCHMARK(bench_frodo::frodo976_kem_decaps);
+BENCHMARK(bench_frodo::keygen<976, 8, 192, 384, 128, 3, 16>)
+  ->Name("frodo976-keygen");
+BENCHMARK(bench_frodo::encaps<976, 8, 192, 384, 128, 384, 3, 16>)
+  ->Name("frodo976-encaps");
+BENCHMARK(bench_frodo::decaps<976, 8, 192, 384, 128, 384, 3, 16>)
+  ->Name("frodo976-decaps");
 
-BENCHMARK(bench_frodo::frodo1344_kem_keygen);
-BENCHMARK(bench_frodo::frodo1344_kem_encaps);
-BENCHMARK(bench_frodo::frodo1344_kem_decaps);
+BENCHMARK(bench_frodo::keygen<1344, 8, 256, 512, 128, 4, 16>)
+  ->Name("frodo1344-keygen");
+BENCHMARK(bench_frodo::encaps<1344, 8, 256, 512, 128, 512, 4, 16>)
+  ->Name("frodo1344-encaps");
+BENCHMARK(bench_frodo::decaps<1344, 8, 256, 512, 128, 512, 4, 16>)
+  ->Name("frodo1344-decaps");
+
+BENCHMARK(bench_frodo::keygen<640, 8, 128, 128, 128, 2, 15>)
+  ->Name("efrodo640-keygen");
+BENCHMARK(bench_frodo::encaps<640, 8, 128, 128, 128, 0, 2, 15>)
+  ->Name("efrodo640-encaps");
+BENCHMARK(bench_frodo::decaps<640, 8, 128, 128, 128, 0, 2, 15>)
+  ->Name("efrodo640-decaps");
+
+BENCHMARK(bench_frodo::keygen<976, 8, 192, 192, 128, 3, 16>)
+  ->Name("efrodo976-keygen");
+BENCHMARK(bench_frodo::encaps<976, 8, 192, 192, 128, 0, 3, 16>)
+  ->Name("efrodo976-encaps");
+BENCHMARK(bench_frodo::decaps<976, 8, 192, 192, 128, 0, 3, 16>)
+  ->Name("efrodo976-decaps");
+
+BENCHMARK(bench_frodo::keygen<1344, 8, 256, 256, 128, 4, 16>)
+  ->Name("efrodo1344-keygen");
+BENCHMARK(bench_frodo::encaps<1344, 8, 256, 256, 128, 0, 4, 16>)
+  ->Name("efrodo1344-encaps");
+BENCHMARK(bench_frodo::decaps<1344, 8, 256, 256, 128, 0, 4, 16>)
+  ->Name("efrodo1344-decaps");
 
 BENCHMARK_MAIN();
diff --git a/examples/frodo1344_kem.cpp → examples/efrodo640_kem.cpp b/examples/frodo1344_kem.cpp → examples/efrodo640_kem.cpp
@@ -1,4 +1,4 @@
-#include "frodo1344_kem.hpp"
+#include "efrodo640_kem.hpp"
 #include "prng.hpp"
 #include <algorithm>
 #include <cassert>
@@ -9,34 +9,34 @@
 // Compile it using
 //
 // g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I
-// sha3/include -I subtle/include examples/frodo1344_kem.cpp
+// sha3/include -I subtle/include examples/efrodo640_kem.cpp
 int
 main()
 {
-  constexpr size_t S_LEN = 32;
-  constexpr size_t SEED_SE_LEN = 32;
+  constexpr size_t S_LEN = 16;
+  constexpr size_t SEED_SE_LEN = 16;
   constexpr size_t Z_LEN = 16;
-  constexpr size_t μ_LEN = 32;
-  constexpr size_t SS_LEN = 32; // shared secret
+  constexpr size_t μ_LEN = 16;
+  constexpr size_t SS_LEN = 16; // shared secret
 
   std::vector<uint8_t> s(S_LEN, 0);
   std::vector<uint8_t> seedSE(SEED_SE_LEN, 0);
   std::vector<uint8_t> z(Z_LEN, 0);
-  std::vector<uint8_t> pkey(frodo1344_kem::PUB_KEY_LEN, 0);
-  std::vector<uint8_t> skey(frodo1344_kem::SEC_KEY_LEN, 0);
+  std::vector<uint8_t> pkey(efrodo640_kem::PUB_KEY_LEN, 0);
+  std::vector<uint8_t> skey(efrodo640_kem::SEC_KEY_LEN, 0);
   std::vector<uint8_t> μ(μ_LEN, 0);
   std::vector<uint8_t> ss0(SS_LEN, 0);
-  std::vector<uint8_t> cipher(frodo1344_kem::CIPHER_LEN, 0);
+  std::vector<uint8_t> cipher(efrodo640_kem::CIPHER_LEN, 0);
   std::vector<uint8_t> ss1(SS_LEN, 0);
 
   std::span<uint8_t, S_LEN> _s{ s };
   std::span<uint8_t, SEED_SE_LEN> _seedSE{ seedSE };
   std::span<uint8_t, Z_LEN> _z{ z };
-  std::span<uint8_t, frodo1344_kem::PUB_KEY_LEN> _pkey{ pkey };
-  std::span<uint8_t, frodo1344_kem::SEC_KEY_LEN> _skey{ skey };
+  std::span<uint8_t, efrodo640_kem::PUB_KEY_LEN> _pkey{ pkey };
+  std::span<uint8_t, efrodo640_kem::SEC_KEY_LEN> _skey{ skey };
   std::span<uint8_t, μ_LEN> _μ{ μ };
   std::span<uint8_t, SS_LEN> _ss0{ ss0 };
-  std::span<uint8_t, frodo1344_kem::CIPHER_LEN> _cipher{ cipher };
+  std::span<uint8_t, efrodo640_kem::CIPHER_LEN> _cipher{ cipher };
   std::span<uint8_t, SS_LEN> _ss1{ ss1 };
 
   prng::prng_t prng;
@@ -46,17 +46,17 @@ main()
   prng.read(_z);
   prng.read(_μ);
 
-  frodo1344_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
-  frodo1344_kem::encaps(_μ, _pkey, _cipher, _ss0);
-  frodo1344_kem::decaps(_skey, _cipher, _ss1);
+  efrodo640_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
+  efrodo640_kem::encaps(_μ, _pkey, _cipher, _ss0);
+  efrodo640_kem::decaps(_skey, _cipher, _ss1);
 
   // check if both parties arrived at same shared secret or not
   assert(std::ranges::equal(_ss0, _ss1));
 
   {
     using namespace frodo_utils;
 
-    std::cout << "Frodo-1344 KEM\n\n";
+    std::cout << "eFrodo-640 KEM\n\n";
     std::cout << "Public Key    : " << to_hex(_pkey) << "\n";
     std::cout << "Secret Key    : " << to_hex(_skey) << "\n";
     std::cout << "Cipher Text   : " << to_hex(_cipher) << "\n";

diff --git a/examples/frodo640_kem.cpp b/examples/frodo640_kem.cpp
@@ -14,9 +14,10 @@ int
 main()
 {
   constexpr size_t S_LEN = 16;
-  constexpr size_t SEED_SE_LEN = 16;
+  constexpr size_t SEED_SE_LEN = 32;
   constexpr size_t Z_LEN = 16;
   constexpr size_t μ_LEN = 16;
+  constexpr size_t SALT_LEN = 32;
   constexpr size_t SS_LEN = 16; // shared secret
 
   std::vector<uint8_t> s(S_LEN, 0);
@@ -25,6 +26,7 @@ main()
   std::vector<uint8_t> pkey(frodo640_kem::PUB_KEY_LEN, 0);
   std::vector<uint8_t> skey(frodo640_kem::SEC_KEY_LEN, 0);
   std::vector<uint8_t> μ(μ_LEN, 0);
+  std::vector<uint8_t> salt(SALT_LEN, 0);
   std::vector<uint8_t> ss0(SS_LEN, 0);
   std::vector<uint8_t> cipher(frodo640_kem::CIPHER_LEN, 0);
   std::vector<uint8_t> ss1(SS_LEN, 0);
@@ -35,6 +37,7 @@ main()
   std::span<uint8_t, frodo640_kem::PUB_KEY_LEN> _pkey{ pkey };
   std::span<uint8_t, frodo640_kem::SEC_KEY_LEN> _skey{ skey };
   std::span<uint8_t, μ_LEN> _μ{ μ };
+  std::span<uint8_t, SALT_LEN> _salt{ salt };
   std::span<uint8_t, SS_LEN> _ss0{ ss0 };
   std::span<uint8_t, frodo640_kem::CIPHER_LEN> _cipher{ cipher };
   std::span<uint8_t, SS_LEN> _ss1{ ss1 };
@@ -45,23 +48,20 @@ main()
   prng.read(_seedSE);
   prng.read(_z);
   prng.read(_μ);
+  prng.read(_salt);
 
   frodo640_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
-  frodo640_kem::encaps(_μ, _pkey, _cipher, _ss0);
+  frodo640_kem::encaps(_μ, _salt, _pkey, _cipher, _ss0);
   frodo640_kem::decaps(_skey, _cipher, _ss1);
 
   // check if both parties arrived at same shared secret or not
   assert(std::ranges::equal(_ss0, _ss1));
 
-  {
-    using namespace frodo_utils;
-
-    std::cout << "Frodo-640 KEM\n\n";
-    std::cout << "Public Key    : " << to_hex(_pkey) << "\n";
-    std::cout << "Secret Key    : " << to_hex(_skey) << "\n";
-    std::cout << "Cipher Text   : " << to_hex(_cipher) << "\n";
-    std::cout << "Shared Secret : " << to_hex(_ss0) << "\n";
-  }
+  std::cout << "Frodo-640 KEM\n\n";
+  std::cout << "Public Key    : " << frodo_utils::to_hex(_pkey) << "\n";
+  std::cout << "Secret Key    : " << frodo_utils::to_hex(_skey) << "\n";
+  std::cout << "Cipher Text   : " << frodo_utils::to_hex(_cipher) << "\n";
+  std::cout << "Shared Secret : " << frodo_utils::to_hex(_ss0) << "\n";
 
   return 0;
 }
diff --git a/examples/frodo976_kem.cpp b/examples/frodo976_kem.cpp