Google Git
Sign in
android / platform / external / liboqs / HEAD / . / docs / algorithms / kem / classic_mceliece.yml
blob: 99a828bc61a1e67fd802dfb3c59d4573b1f4cf14 [file] [log] [blame]
name: Classic McEliece
type: kem
principal-submitters:
- Daniel J. Bernstein
- Tung Chou
- Tanja Lange
- Ingo von Maurich
- Rafael Misoczki
- Ruben Niederhagen
- Edoardo Persichetti
- Christiane Peters
- Peter Schwabe
- Nicolas Sendrier
- Jakub Szefer
- Wen Wang
crypto-assumption: Niederreiter's dual version of McEliece's public key encryption
using binary Goppa codes
website: https://classic.mceliece.org
nist-round: 3
spec-version: SUPERCOP-20221025
upstream-ancestors:
- SUPERCOP-20221025 "clean" and "avx2" implementations
advisories:
- Classic-McEliece-460896, Classic-McEliece-460896f, Classic-McEliece-6960119, and
Classic-McEliece-6960119f parameter sets fail memory leak testing on x86-64 when
building with ``clang`` using optimization level ``-O2`` and ``-O3``. Care is advised
when using the algorithm at higher optimization levels, and any other compiler and
architecture.
- Current implementation of the algorithm may not be constant-time. Additionally,
environment specific constant-time leaks may not be documented; please report potential
constant-time leaks when found.
parameter-sets:
- name: Classic-McEliece-348864
claimed-nist-level: 1
claimed-security: IND-CCA2
length-public-key: 261120
length-ciphertext: 96
length-secret-key: 6492
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-348864f
claimed-nist-level: 1
claimed-security: IND-CCA2
length-public-key: 261120
length-ciphertext: 96
length-secret-key: 6492
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
- bmi1
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896
claimed-nist-level: 3
claimed-security: IND-CCA2
length-public-key: 524160
length-ciphertext: 156
length-secret-key: 13608
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-460896f
claimed-nist-level: 3
claimed-security: IND-CCA2
length-public-key: 524160
length-ciphertext: 156
length-secret-key: 13608
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
- bmi1
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1044992
length-ciphertext: 208
length-secret-key: 13932
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6688128f
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1044992
length-ciphertext: 208
length-secret-key: 13932
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
- bmi1
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1047319
length-ciphertext: 194
length-secret-key: 13948
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-6960119f
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1047319
length-ciphertext: 194
length-secret-key: 13948
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
- bmi1
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1357824
length-ciphertext: 208
length-secret-key: 14120
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- name: Classic-McEliece-8192128f
claimed-nist-level: 5
claimed-security: IND-CCA2
length-public-key: 1357824
length-ciphertext: 208
length-secret-key: 14120
length-shared-secret: 32
implementations-switch-on-runtime-cpu-features: true
implementations:
- upstream-id: clean
supported-platforms: all
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
- upstream-id: avx2
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
required_flags:
- avx2
- popcnt
- bmi1
common-crypto:
- AES: liboqs
- SHA3: liboqs
no-secret-dependent-branching-claimed: false
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: true
upstream: primary-upstream
auxiliary-submitters: []
primary-upstream:
spdx-license-identifier: Public domain
source: https://github.com/PQClean/PQClean/commit/8e221ae797b229858a0b0d784577a8cb149d5789