Use NIST PQC Round 4 implementation of Classic McEliece #91
Comments
@koraa Should we maybe create a v1 milestone in GitHub to track the issues which need to be resolved before v1? If you agree, I would add this issue to this milestone.
https://crates.io/crates/pqcrypto This might be a good alternative.
Note that liboqs has switched to the round 4 specification with oqs-sys v0.9.0. Perhaps you could bump the dependency? As a bonus, this would also permit unbundling liboqs as per issue #19.
Closed by #292
Blockers:
Cloudflare's CIRCL McEliece implementation implements the KEM based on the NIST PQC round 4 specification.
Round 4 has removed the plaintext confirmation (pc) from the ciphertext and as a result uses 32-byte shorter secret keys, which are incompatible with the liboqs implementation that is based on the Round 3 specification (or Round 2, which rosenpass is actually using).
The website of Classic McEliece also mentioned this explicitly in their implementations section:
The Rosenpass whitepaper does not specify which version of the KEM must be used.
The Rust implementation of Rosenpass uses the even older Round 2 implementation provided by liboqs.
I propose to switch to the updated Round 4 version.
See also