Merge pull request #10 from itzmeanjan/kat

Test FrodoKEM using Known Answer Tests (KATs)
itzmeanjan · May 22, 2023 · 8e4b49c · 8e4b49c
2 parents 11bef1e + 29ab1d5
commit 8e4b49c
Show file tree

Hide file tree

Showing 39 changed files with 3,728 additions and 1,573 deletions.
diff --git a/.github/workflows/test_ci.yml b/.github/workflows/test_ci.yml
@@ -1,4 +1,4 @@
-name: Test Frodo {PKE, KEM} using CI
+name: Test FrodoKEM using CI
 
 on:
   push:
@@ -23,9 +23,11 @@ jobs:
       run: make
     - name: Run Examples
       run: |
-        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo640_pke.cpp
-        ./a.out
         g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo640_kem.cpp
         ./a.out
+        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo976_kem.cpp
+        ./a.out
+        g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I sha3/include -I subtle/include examples/frodo1344_kem.cpp
+        ./a.out
     - name: Cleanup
       run: make clean
diff --git a/Makefile b/Makefile
@@ -18,7 +18,7 @@ bench/a.out: bench/main.cpp include/*.hpp include/bench/*.hpp sha3/include/*.hpp
 benchmark: bench/a.out
 	# Don't forget to put all CPU cores on performance mode before running benchmarks,
 	# follow https://github.com/google/benchmark/blob/2dd015df/docs/reducing_variance.md
-	./$< --benchmark_time_unit=us --benchmark_counters_tabular=true
+	./$< --benchmark_time_unit=ms --benchmark_counters_tabular=true
 
 clean:
 	find . -name '*.out' -o -name '*.o' -o -name '*.so' -o -name '*.gch' | xargs rm -rf

diff --git a/README.md b/README.md
diff --git a/bench/main.cpp b/bench/main.cpp
@@ -1,16 +1,4 @@
-#include "bench/bench_frodo.hpp"
-
-BENCHMARK(bench_frodo::frodo640_pke_keygen);
-BENCHMARK(bench_frodo::frodo640_pke_encrypt);
-BENCHMARK(bench_frodo::frodo640_pke_decrypt);
-
-BENCHMARK(bench_frodo::frodo976_pke_keygen);
-BENCHMARK(bench_frodo::frodo976_pke_encrypt);
-BENCHMARK(bench_frodo::frodo976_pke_decrypt);
-
-BENCHMARK(bench_frodo::frodo1344_pke_keygen);
-BENCHMARK(bench_frodo::frodo1344_pke_encrypt);
-BENCHMARK(bench_frodo::frodo1344_pke_decrypt);
+#include "bench/bench_kem.hpp"
 
 BENCHMARK(bench_frodo::frodo640_kem_keygen);
 BENCHMARK(bench_frodo::frodo640_kem_encaps);

diff --git a/examples/frodo1344_kem.cpp b/examples/frodo1344_kem.cpp
@@ -0,0 +1,67 @@
+#include "frodo1344_kem.hpp"
+#include "prng.hpp"
+#include <algorithm>
+#include <cassert>
+#include <iostream>
+#include <span>
+#include <vector>
+
+// Compile it using
+//
+// g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I
+// sha3/include -I subtle/include examples/frodo1344_kem.cpp
+int
+main()
+{
+  constexpr size_t S_LEN = 32;
+  constexpr size_t SEED_SE_LEN = 32;
+  constexpr size_t Z_LEN = 16;
+  constexpr size_t μ_LEN = 32;
+  constexpr size_t SS_LEN = 32; // shared secret
+
+  std::vector<uint8_t> s(S_LEN, 0);
+  std::vector<uint8_t> seedSE(SEED_SE_LEN, 0);
+  std::vector<uint8_t> z(Z_LEN, 0);
+  std::vector<uint8_t> pkey(frodo1344_kem::PUB_KEY_LEN, 0);
+  std::vector<uint8_t> skey(frodo1344_kem::SEC_KEY_LEN, 0);
+  std::vector<uint8_t> μ(μ_LEN, 0);
+  std::vector<uint8_t> ss0(SS_LEN, 0);
+  std::vector<uint8_t> cipher(frodo1344_kem::CIPHER_LEN, 0);
+  std::vector<uint8_t> ss1(SS_LEN, 0);
+
+  std::span<uint8_t, S_LEN> _s{ s };
+  std::span<uint8_t, SEED_SE_LEN> _seedSE{ seedSE };
+  std::span<uint8_t, Z_LEN> _z{ z };
+  std::span<uint8_t, frodo1344_kem::PUB_KEY_LEN> _pkey{ pkey };
+  std::span<uint8_t, frodo1344_kem::SEC_KEY_LEN> _skey{ skey };
+  std::span<uint8_t, μ_LEN> _μ{ μ };
+  std::span<uint8_t, SS_LEN> _ss0{ ss0 };
+  std::span<uint8_t, frodo1344_kem::CIPHER_LEN> _cipher{ cipher };
+  std::span<uint8_t, SS_LEN> _ss1{ ss1 };
+
+  prng::prng_t prng;
+
+  prng.read(_s);
+  prng.read(_seedSE);
+  prng.read(_z);
+  prng.read(_μ);
+
+  frodo1344_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
+  frodo1344_kem::encaps(_μ, _pkey, _cipher, _ss0);
+  frodo1344_kem::decaps(_skey, _cipher, _ss1);
+
+  // check if both parties arrived at same shared secret or not
+  assert(std::ranges::equal(_ss0, _ss1));
+
+  {
+    using namespace frodo_utils;
+
+    std::cout << "Frodo-1344 KEM\n\n";
+    std::cout << "Public Key    : " << to_hex(_pkey) << "\n";
+    std::cout << "Secret Key    : " << to_hex(_skey) << "\n";
+    std::cout << "Cipher Text   : " << to_hex(_cipher) << "\n";
+    std::cout << "Shared Secret : " << to_hex(_ss0) << "\n";
+  }
+
+  return 0;
+}
diff --git a/examples/frodo640_kem.cpp b/examples/frodo640_kem.cpp
@@ -41,10 +41,10 @@ main()
 
   prng::prng_t prng;
 
-  prng.read(_s.data(), _s.size());
-  prng.read(_seedSE.data(), _seedSE.size());
-  prng.read(_z.data(), _z.size());
-  prng.read(_μ.data(), _μ.size());
+  prng.read(_s);
+  prng.read(_seedSE);
+  prng.read(_z);
+  prng.read(_μ);
 
   frodo640_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
   frodo640_kem::encaps(_μ, _pkey, _cipher, _ss0);
@@ -57,11 +57,10 @@ main()
     using namespace frodo_utils;
 
     std::cout << "Frodo-640 KEM\n\n";
-    std::cout << "Public Key    : " << to_hex(pkey.data(), pkey.size()) << "\n";
-    std::cout << "Secret Key    : " << to_hex(skey.data(), skey.size()) << "\n";
-    std::cout << "Cipher Text   : " << to_hex(cipher.data(), cipher.size())
-              << "\n";
-    std::cout << "Shared Secret : " << to_hex(ss0.data(), ss0.size()) << "\n";
+    std::cout << "Public Key    : " << to_hex(_pkey) << "\n";
+    std::cout << "Secret Key    : " << to_hex(_skey) << "\n";
+    std::cout << "Cipher Text   : " << to_hex(_cipher) << "\n";
+    std::cout << "Shared Secret : " << to_hex(_ss0) << "\n";
   }
 
   return 0;

diff --git a/examples/frodo640_pke.cpp b/examples/frodo640_pke.cpp
diff --git a/examples/frodo976_kem.cpp b/examples/frodo976_kem.cpp
@@ -0,0 +1,67 @@
+#include "frodo976_kem.hpp"
+#include "prng.hpp"
+#include <algorithm>
+#include <cassert>
+#include <iostream>
+#include <span>
+#include <vector>
+
+// Compile it using
+//
+// g++ -std=c++20 -O3 -march=native -mtune=native -Wall -I include -I
+// sha3/include -I subtle/include examples/frodo976_kem.cpp
+int
+main()
+{
+  constexpr size_t S_LEN = 24;
+  constexpr size_t SEED_SE_LEN = 24;
+  constexpr size_t Z_LEN = 16;
+  constexpr size_t μ_LEN = 24;
+  constexpr size_t SS_LEN = 24; // shared secret
+
+  std::vector<uint8_t> s(S_LEN, 0);
+  std::vector<uint8_t> seedSE(SEED_SE_LEN, 0);
+  std::vector<uint8_t> z(Z_LEN, 0);
+  std::vector<uint8_t> pkey(frodo976_kem::PUB_KEY_LEN, 0);
+  std::vector<uint8_t> skey(frodo976_kem::SEC_KEY_LEN, 0);
+  std::vector<uint8_t> μ(μ_LEN, 0);
+  std::vector<uint8_t> ss0(SS_LEN, 0);
+  std::vector<uint8_t> cipher(frodo976_kem::CIPHER_LEN, 0);
+  std::vector<uint8_t> ss1(SS_LEN, 0);
+
+  std::span<uint8_t, S_LEN> _s{ s };
+  std::span<uint8_t, SEED_SE_LEN> _seedSE{ seedSE };
+  std::span<uint8_t, Z_LEN> _z{ z };
+  std::span<uint8_t, frodo976_kem::PUB_KEY_LEN> _pkey{ pkey };
+  std::span<uint8_t, frodo976_kem::SEC_KEY_LEN> _skey{ skey };
+  std::span<uint8_t, μ_LEN> _μ{ μ };
+  std::span<uint8_t, SS_LEN> _ss0{ ss0 };
+  std::span<uint8_t, frodo976_kem::CIPHER_LEN> _cipher{ cipher };
+  std::span<uint8_t, SS_LEN> _ss1{ ss1 };
+
+  prng::prng_t prng;
+
+  prng.read(_s);
+  prng.read(_seedSE);
+  prng.read(_z);
+  prng.read(_μ);
+
+  frodo976_kem::keygen(_s, _seedSE, _z, _pkey, _skey);
+  frodo976_kem::encaps(_μ, _pkey, _cipher, _ss0);
+  frodo976_kem::decaps(_skey, _cipher, _ss1);
+
+  // check if both parties arrived at same shared secret or not
+  assert(std::ranges::equal(_ss0, _ss1));
+
+  {
+    using namespace frodo_utils;
+
+    std::cout << "Frodo-976 KEM\n\n";
+    std::cout << "Public Key    : " << to_hex(_pkey) << "\n";
+    std::cout << "Secret Key    : " << to_hex(_skey) << "\n";
+    std::cout << "Cipher Text   : " << to_hex(_cipher) << "\n";
+    std::cout << "Shared Secret : " << to_hex(_ss0) << "\n";
+  }
+
+  return 0;
+}
diff --git a/include/bench/bench_frodo.hpp b/include/bench/bench_frodo.hpp