Merge pull request #62 from anhu/sphincs

Chage pq instructions: see wolfssl INSTALL ; move cert gen scripts to osp

Author: dgarske

wolfSSL/src/appendix07.md

@@ -44,51 +44,19 @@ One solution is to not put our full faith into these new algorithms. For now, we
 
 The following instructions will get you started from a clean Linux development environment and lead you step by step to performing a quantum-safe TLS 1.3 connection.
 
-### Building Open Quantum Safe
+### Build Instructions
 
-In order be able to use liboqs, you must have it built and installed on your system. We support the `0.7.0` release of liboqs. You can download it from the following link:
+Please see the wolfSSL repo's INSTALL file (https://github.com/wolfSSL/wolfssl/blob/master/INSTALL). Item 15 (Building with liboqs for TLS 1.3 [EXPERIMENTAL]) has instructions on how to configure and build:
 
-<https://github.com/open-quantum-safe/liboqs/archive/refs/tags/0.7.0.tar.gz>
+- liboqs
+- wolfssl
+- patched OQS's OpenSSL fork
 
-Once unpacked, this would be sufficient:
-
-```sh
-cd liboqs-0.7.0
-mkdir build
-cd build
-cmake -DOQS_USE_OPENSSL=0 ..
-make all
-sudo make install
-```
-
-For authentication, you can generate a certificate chain using the Open Quantum Safe project's fork of OpenSSL. We support Dilithium and FALCON certificates and keys generated by the `2021-08 snapshot` of the `OQS-OpenSSL_1_1_1-stable` branch of the fork. You can download it from the following link:
-
-<https://github.com/open-quantum-safe/openssl/archive/refs/tags/OQS-OpenSSL_1_1_1-stable-snapshot-2021-08.tar.gz>
-
-Once unpacked, this would be sufficient for building it:
-
-```sh
-cd openssl-OQS-OpenSSL_1_1_1-stable-snapshot-2021-08/
-./config no-shared
-make all
-```
-
-**Note**: installation is NOT required.
-
-There is a script for generating a FALCON NIST Level 1 and FALCON NIST Level 5 certificate chain which can be found in the `wolfssl-examples` github repo at `pq/generate_falcon_chains.sh.` Please find detailed instructions on how to generate and verify the keys and certificates in `pq/README.md`. As a quick-start, simply copy `generate_falcon_chains.sh` into the `openssl-OQS-OpenSSL_1_1_1-stable-snapshot-2021-08` directory and execute the script. Similarly, we have `pq/generate_dilithum_chains.sh.` which generates Dilithium chains; one chain for each supported variant.
-
-Once the certificates and keys are generated, copy them from the `openssl-OQS-OpenSSL_1_1_1-stable-snapshot-2021-08` directory to the `certs` directory of wolfssl.
-
-### Building wolfSSL
-
-Follow these steps to build wolfSSL with liboqs integration:
-
-```sh
-cd wolfssl
-./autogen.sh (Not necessary if configure script is already present)
-./configure --with-liboqs
-make all
-```
+You will need the patched OQS OpenSSL fork in order to generate X.509
+certificates with post-quantum cryptographic keys and signatures. Instructions
+can be found at https://github.com/wolfSSL/osp/tree/master/oqs/README.md. If you
+do not want to use post-quantum signature schemes, you can skip the step of
+building OpenSSL.
 
 ### Making a Quantum Safe TLS Connection
 
@@ -112,6 +80,10 @@ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
 
 You have just achieved a fully quantum-safe TLS 1.3 connection using AES-256 for symmetric encryption, the FALCON signature scheme for authentication and ECDHE hybridized with KYBER KEM for key establishment.
 
+Further information about other post-quantum examples can be found at
+https://github.com/wolfSSL/wolfssl-examples/blob/master/pq/README.md.
+
+
 ## Naming Convention Mappings Between wolfSSL and OQS's fork of OpenSSL
 
 All the teams that made submission to the NIST PQC competition supported multiple levels of security as defined by NIST here: <https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/evaluation-criteria/security-(evaluation-criteria)>
@@ -130,6 +102,12 @@ DILITHIUM_LEVEL5      |  DILITHIUM5
 DILITHIUM_AES_LEVEL2  |  DILITHIUM2_AES
 DILITHIUM_AES_LEVEL3  |  DILITHIUM3_AES
 DILITHIUM_AES_LEVEL5  |  DILITHIUM5_AES
+SPHINCS_FAST_LEVEL1   |  SPHINCS+-SHAKE256-128f-simple
+SPHINCS_FAST_LEVEL3   |  SPHINCS+-SHAKE256-192f-simple
+SPHINCS_FAST_LEVEL5   |  SPHINCS+-SHAKE256-256f-simple
+SPHINCS_SMALL_LEVEL1  |  SPHINCS+-SHAKE256-128s-simple
+SPHINCS_SMALL_LEVEL3  |  SPHINCS+-SHAKE256-192s-simple
+SPHINCS_SMALL_LEVEL5  |  SPHINCS+-SHAKE256-256s-simple
 
 Post-Quantum KEM Naming Convention:
 
@@ -222,6 +200,12 @@ DILITHIUM_LEVEL5      |  1.3.6.1.4.1.2.267.7.8.7
 DILITHIUM_AES_LEVEL2  |  1.3.6.1.4.1.2.267.11.4.4
 DILITHIUM_AES_LEVEL3  |  1.3.6.1.4.1.2.267.11.6.5
 DILITHIUM_AES_LEVEL5  |  1.3.6.1.4.1.2.267.11.8.7
+SPHINCS_FAST_LEVEL1   |  1.3.9999.6.7.4
+SPHINCS_FAST_LEVEL3   |  1.3.9999.6.8.3
+SPHINCS_FAST_LEVEL5   |  1.3.9999.6.9.3
+SPHINCS_SMALL_LEVEL1  |  1.3.9999.6.7.10
+SPHINCS_SMALL_LEVEL3  |  1.3.9999.6.8.7
+SPHINCS_SMALL_LEVEL5  |  1.3.9999.6.9.7
 
 ## Cryptographic Artifact Sizes
 
@@ -239,7 +223,12 @@ DILITHIUM_LEVEL5     | 2592            | 4864             | 4595
 DILITHIUM_AES_LEVEL2 | 1312            | 2528             | 2420
 DILITHIUM_AES_LEVEL3 | 1952            | 4000             | 3293
 DILITHIUM_AES_LEVEL5 | 2592            | 4864             | 4595
-
+SPHINCS_FAST_LEVEL1  | 32              | 64               | 17088
+SPHINCS_FAST_LEVEL3  | 48              | 96               | 35664
+SPHINCS_FAST_LEVEL5  | 64              | 128              | 49856
+SPHINCS_SMALL_LEVEL1 | 32              | 64               | 7856
+SPHINCS_SMALL_LEVEL3 | 48              | 96               | 16224
+SPHINCS_SMALL_LEVEL5 | 64              | 128              | 29792
 
 **Note**: FALCON has variable signature sizes.