From a47a23a15008b5a15e800d2e765475ee3038fd4c Mon Sep 17 00:00:00 2001 From: Basil Hess Date: Tue, 19 Nov 2024 10:42:35 +0100 Subject: [PATCH] Update ml-dsa security claim to SUF-CMA [skip ci] Signed-off-by: Basil Hess --- docs/algorithms/sig/ml_dsa.md | 6 +++--- docs/algorithms/sig/ml_dsa.yml | 6 +++--- scripts/copy_from_upstream/update_upstream_alg_docs.py | 3 ++- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/algorithms/sig/ml_dsa.md b/docs/algorithms/sig/ml_dsa.md index 69b786c0b..929eb6991 100644 --- a/docs/algorithms/sig/ml_dsa.md +++ b/docs/algorithms/sig/ml_dsa.md @@ -15,9 +15,9 @@ | Parameter set | Parameter set alias | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) | |:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:| -| ML-DSA-44 | NA | EUF-CMA | 2 | 1312 | 2560 | 2420 | -| ML-DSA-65 | NA | EUF-CMA | 3 | 1952 | 4032 | 3309 | -| ML-DSA-87 | NA | EUF-CMA | 5 | 2592 | 4896 | 4627 | +| ML-DSA-44 | NA | SUF-CMA | 2 | 1312 | 2560 | 2420 | +| ML-DSA-65 | NA | SUF-CMA | 3 | 1952 | 4032 | 3309 | +| ML-DSA-87 | NA | SUF-CMA | 5 | 2592 | 4896 | 4627 | ## ML-DSA-44 implementation characteristics diff --git a/docs/algorithms/sig/ml_dsa.yml b/docs/algorithms/sig/ml_dsa.yml index abc7a0723..ee29c2024 100644 --- a/docs/algorithms/sig/ml_dsa.yml +++ b/docs/algorithms/sig/ml_dsa.yml @@ -21,7 +21,7 @@ primary-upstream: parameter-sets: - name: ML-DSA-44 claimed-nist-level: 2 - claimed-security: EUF-CMA + claimed-security: SUF-CMA length-public-key: 1312 length-secret-key: 2560 length-signature: 2420 @@ -52,7 +52,7 @@ parameter-sets: large-stack-usage: false - name: ML-DSA-65 claimed-nist-level: 3 - claimed-security: EUF-CMA + claimed-security: SUF-CMA length-public-key: 1952 length-secret-key: 4032 length-signature: 3309 @@ -83,7 +83,7 @@ parameter-sets: large-stack-usage: false - name: ML-DSA-87 claimed-nist-level: 5 - claimed-security: EUF-CMA + claimed-security: SUF-CMA length-public-key: 2592 length-secret-key: 4896 length-signature: 4627 diff --git a/scripts/copy_from_upstream/update_upstream_alg_docs.py b/scripts/copy_from_upstream/update_upstream_alg_docs.py index 9bcc98eb1..33483067e 100755 --- a/scripts/copy_from_upstream/update_upstream_alg_docs.py +++ b/scripts/copy_from_upstream/update_upstream_alg_docs.py @@ -383,7 +383,8 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes oqs_scheme_yaml['name'] = rhs_if_not_equal(oqs_scheme_yaml['name'], upstream_yaml['name'], "scheme pretty name") oqs_scheme_yaml['claimed-nist-level'] = rhs_if_not_equal(oqs_scheme_yaml['claimed-nist-level'], upstream_yaml['claimed-nist-level'], "claimed-nist-level") - oqs_scheme_yaml['claimed-security'] = rhs_if_not_equal(oqs_scheme_yaml['claimed-security'], 'EUF-CMA', "claimed-security") + if oqs_scheme_yaml['claimed-security'] not in ["EUF-CMA", "SUF-CMA"]: + oqs_scheme_yaml['claimed-security'] = rhs_if_not_equal(oqs_scheme_yaml['claimed-security'], 'EUF-CMA', "claimed-security") oqs_scheme_yaml['length-public-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-public-key'], upstream_yaml['length-public-key'], "length-public-key") oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key") oqs_scheme_yaml['length-signature'] = rhs_if_not_equal(oqs_scheme_yaml['length-signature'], upstream_yaml['length-signature'], "length-signature")