Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="f/KK1NoH2JdTdTYY" --f/KK1NoH2JdTdTYY Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Manoj Kumar writes: > Looks like some (header) files are missing from the tar file [ ... ] > #include https://csrc.nist.gov/Projects/post-quantum-cryptography/faqs says "Submitters may assume that these libraries are installed on the reference platform and do not need to provide them along with their submissions". NIST's pqc-forum email dated 30 Aug 2017 14:19:29 +0000 (which seems to be missing from Google's pqc-forum archive) guarantees that code can simply use etc. Presumably these details are all clear from the scripts that NIST used to test the submitted code, but those scripts don't seem to be public. Anyway, below is a script to (1) download and compile the official Keccak libraries, (2) download the Classic McEliece submission tarballs, and (3) re-run the Classic McEliece code to check the KATs. This script assumes Linux with xsltproc and standard compiler tools installed, running on a CPU with AVX2. Please speak up if you encounter any problems. Alternatively, just use https://bench.cr.yp.to/supercop.html, which includes the Keccak libraries, includes more comprehensive KEM tests, and isn't AVX2-specific. Beware that buffer overflows have recently been reported in the official Keccak libraries, in particular "when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more": https://mouha.be/sha-3-buffer-overflow/ https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658 KEMs typically use Keccak for short fixed-length inputs, and the Classic McEliece code uses only the all-in-one SHAKE256() function rather than the partial-data functions, but this buffer overflow is still a useful reminder that much more work needs to be done to ensure the correctness of cryptographic software. ---Dan (speaking for myself) cd git clone https://github.com/XKCP/XKCP.git cd XKCP time make AVX2/libXKCP.a time make AVX2/libXKCP.so mkdir -p $HOME/include mkdir -p $HOME/lib ln -s $HOME/XKCP/bin/AVX2/libXKCP.a.headers $HOME/include/libkeccak.a.headers ln -s $HOME/XKCP/bin/AVX2/libXKCP.a $HOME/lib/libkeccak.a ln -s $HOME/XKCP/bin/AVX2/libXKCP.so $HOME/lib/libkeccak.so export CPATH="$CPATH:$HOME/include" export LIBRARY_PATH="$LIBRARY_PATH:$HOME/lib" export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$HOME/lib" cd wget https://classic.mceliece.org/nist/mceliece-20221023.tar.gz tar -xf mceliece-20221023.tar.gz wget https://classic.mceliece.org/nist/mceliece-kat-20221023.tar.gz tar -xf mceliece-kat-20221023.tar.gz cd mceliece-20221023 for x in *Impl*/kem/mceliece* do find "$x" -type d \ | while read dir do [ -e "$dir"/Makefile ] || continue ( cd "$dir" echo "$dir" make for kat in kat_kem.req kat_kem.rsp kat_kem.int do p=`basename "$x"` cmp $kat "$HOME/mceliece-kat-20221023/KAT/kem/$p/$kat" done ) done done -- You received this message because you are subscribed to the Google Groups "pqc-forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to pqc-forum+unsubscribe@list.nist.gov. To view this discussion on the web visit https://groups.google.com/a/list.nist.gov/d/msgid/pqc-forum/20221025155306.173488.qmail%40cr.yp.to. --f/KK1NoH2JdTdTYY Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE3QolqQXydru4e4ITsMANTjsOVFkFAmNYBmIACgkQsMANTjsO VFldiQ//fLSGioN1zWxMj5TN2H2jaxBnSd1AKl4IaWHpWR5YWyiWdsp2e8DBDpgm q/tgbsMZUaxcfW8Z9k+4exkp7fLRAbTymn8LcO1H+XsTya6Pl1avBHx1pX43I/Ks /avkvCXLs4Ib7naleAsoICzT9otk1Bh7xxaqEtrIhN2uuBnB22jOTjCZEJFtjqMc luQ+0XDVauOmPk6mbQ5Fu6BpdE3ruIZLM0WePeIvX4z/kDR3ar/IE5bUWG9Rw6Q0 JJ9J4XwNSP/nuvsEXYJnmsXOLal1sQNVgOmvNswIl2zHv+M76OWDp2EdBFUka2// 9px1UEPxAeyApo3NJv35A7EQYlKYRT4uczafI9qEo+/Yi1khwo27Z9DobcYImfFA pfSMmgFoHhx4LFEmmPUSbP32wa1IH3CoapnvuN5mMFjzlzB0MyMCIpYO/dxTf5jc Nj6QyaQo6b6YhRZMSAkFJ54vOm87DUO4W4opKKwHqz8hkkOWE7/tHRodjGt/2HRJ bqQ5u7zyJz8OXnFYImbk/eIty0syV8viLk77qrhc5/BO/CghzCXl8mTmrz5/HpgX lBzStDw2K8Z1tf5h6mA8yCoo6xedG/hvuLYz4ApVe0OMDyZXk57isQyGG2a2I43s Cf1n2pcgHhs1o2XIiubB4Za3nd2744OI13vsdlQ0fcG/WDj7suk= =8l1/ -----END PGP SIGNATURE----- --f/KK1NoH2JdTdTYY--