return h
case SHAKE128:
return NewSHAKE128()
- case SHAKE256, SPHINCSPlusSHAKE256sNonRandom, SPHINCSPlusSHAKE256sNonRandomPh:
+ case SHAKE256, SPHINCSPlusSHAKE256s, SPHINCSPlusSHAKE256sPh:
return NewSHAKE256()
case SHAKE128Merkle:
return NewSHAKE128MerkleHasher(
merkle.DefaultChunkLen, DefaultNumCPU)
- case SHAKE256Merkle, SPHINCSPlusSHAKE256sNonRandomMerkle:
+ case SHAKE256Merkle, SPHINCSPlusSHAKE256sMerkle:
return NewSHAKE256MerkleHasher(
merkle.DefaultChunkLen, DefaultNumCPU)
}
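Review bot: The `case` lists in this switch no longer match the `-nonrandom` identifiers, and the two verification hunks further down return `ErrBadSigAlgo` for anything but the new names, so signatures already written with `sphincs+-shake-256s-nonrandom`, `-nonrandom-ph` or `-nonrandom-merkle` would stop verifying after this change. If such signatures may exist, keep the old constants as accepted aliases on the hashing and verification side only, e.g. `case SHAKE256, SPHINCSPlusSHAKE256s, SPHINCSPlusSHAKE256sPh, SPHINCSPlusSHAKE256sNonRandom, SPHINCSPlusSHAKE256sNonRandomPh:`, while `Signer.Algo()` emits only the new ones. If the break is intended, a comment next to the constants saying that the old identifiers are deliberately rejected would make that clear. The switch begins outside this hunk, so what happens to an unmatched identifier on the hashing side is not visible here.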
SHAKE128Merkle = "shake128-merkle"
SHAKE256Merkle = "shake256-merkle"
- SPHINCSPlusSHAKE256sNonRandom = "sphincs+-shake-256s-nonrandom"
- SPHINCSPlusSHAKE256sNonRandomPh = "sphincs+-shake-256s-nonrandom-ph"
- SPHINCSPlusSHAKE256sNonRandomMerkle = "sphincs+-shake-256s-nonrandom-merkle"
+ SPHINCSPlusSHAKE256s = "sphincs+-shake-256s"
+ SPHINCSPlusSHAKE256sPh = "sphincs+-shake-256s-ph"
+ SPHINCSPlusSHAKE256sMerkle = "sphincs+-shake-256s-merkle"
)
type SHAKE struct {
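Review bot: These three identifier strings are spelled out a second time in the const block next to `Params` later in this commit, so hasher selection and `Signer.Algo()` agree only as long as both copies are edited together. A comment on this block such as `// Must stay identical to the SPHINCS+ identifiers declared alongside Params.`, or a small test comparing the two sets, would catch a one-sided rename. That the two blocks live in different packages is inferred from the `spx.` qualifier used in the verification hunks. The const block itself starts outside this hunk.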
err = ErrSigInvalid
}
case spx.SPHINCSPlusSHAKE256s:
- if algo != spx.SPHINCSPlusSHAKE256sNonRandom {
+ if algo != spx.SPHINCSPlusSHAKE256s {
return ErrBadSigAlgo
}
valid, err = spx.Verify(key.A, key.V, signed, signature)
}
case spx.SPHINCSPlusSHAKE256s:
switch algo {
- case spx.SPHINCSPlusSHAKE256sNonRandomPh:
- case spx.SPHINCSPlusSHAKE256sNonRandomMerkle:
+ case spx.SPHINCSPlusSHAKE256sPh:
+ case spx.SPHINCSPlusSHAKE256sMerkle:
default:
return ErrBadSigAlgo
}
)
const (
- SPHINCSPlusSHAKE256s = "sphincs+-shake-256s"
- SPHINCSPlusSHAKE256sNonRandom = "sphincs+-shake-256s-nonrandom"
- SPHINCSPlusSHAKE256sNonRandomPh = "sphincs+-shake-256s-nonrandom-ph"
- SPHINCSPlusSHAKE256sNonRandomMerkle = "sphincs+-shake-256s-nonrandom-merkle"
+ SPHINCSPlusSHAKE256s = "sphincs+-shake-256s"
+ SPHINCSPlusSHAKE256sPh = "sphincs+-shake-256s-ph"
+ SPHINCSPlusSHAKE256sMerkle = "sphincs+-shake-256s-merkle"
)
-var Params = spxParams.MakeSphincsPlusSHAKE256256sRobust(false)
+var Params = spxParams.MakeSphincsPlusSHAKE256256sRobust(true)
func NewKeypair(algo string) (prv, pub []byte, err error) {
sk, pk := spx.Spx_keygen(Params)
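Review bot: The bare `true` now passed to `MakeSphincsPlusSHAKE256256sRobust` carries the only behavioural change in this commit, and nothing on the line says what it selects. Judging by the removal of `-nonrandom` from the identifiers it appears to turn on randomized signing, which should be confirmed against the `spxParams` constructor. A comment on `Params` such as `// true: randomized signing; two signatures over the same message will differ` would record the intent. The Texinfo section updated in the same commit still reads "robust parameters and deterministic signatures" on an unchanged line, which would contradict the new setting if that reading is right.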
func (s *Signer) Algo() string {
switch s.mode {
case mode.Pure:
- return SPHINCSPlusSHAKE256sNonRandom
+ return SPHINCSPlusSHAKE256s
case mode.Prehash:
- return SPHINCSPlusSHAKE256sNonRandomPh
+ return SPHINCSPlusSHAKE256sPh
case mode.Merkle:
- return SPHINCSPlusSHAKE256sNonRandomMerkle
+ return SPHINCSPlusSHAKE256sMerkle
}
return ""
}
HashEdDSA mode is used with @code{ed25519ph-blake2b-merkle}
algorithm identifier for signature.
-@node cm-signed-sphincs+-shake-256s-nonrandom
-@cindex cm-signed-sphincs+-shake-256s-nonrandom
-@nodedescription cm/signed with SPHINCS+-SHAKE256-256s-robust non-random
-@subsection cm/signed with SPHINCS+-SHAKE256-256s-robust non-random
+@node cm-signed-sphincs+-shake-256s
+@cindex cm-signed-sphincs+-shake-256s
+@cindex cm-signed-sphincs+-shake-256s-ph
+@nodedescription cm/signed with SPHINCS+-SHAKE256-256s-robust
+@subsection cm/signed with SPHINCS+-SHAKE256-256s-robust
@url{https://sphincs.org/, SPHINCS+} with
@url{https://keccak.team/, SHAKE256} hash,
255-bit security level, small signatures,
robust parameters and deterministic signatures.
- @code{sphincs+-shake-256s-nonrandom} algorithm identifier
+ @code{sphincs+-shake-256s} algorithm identifier
must be used for the signature in pure signing mode.
- @code{sphincs+-shake-256s-nonrandom-ph} is used in prehash mode.
+ @code{sphincs+-shake-256s-ph} is used in prehash mode.
-@node cm-signed-sphincs+-shake-256s-nonrandom-merkle
-@cindex cm-signed-sphincs+-shake-256s-nonrandom-merkle
-@nodedescription cm-signed-sphincs+-shake-256s-nonrandom with Merkle-tree hashing
-@subsection cm-signed-sphincs+-shake-256s-nonrandom with Merkle-tree hashing
+@node cm-signed-sphincs+-shake-256s-merkle
+@cindex cm-signed-sphincs+-shake-256s-merkle
+@nodedescription cm-signed-sphincs+-shake-256s with Merkle-tree hashing
+@subsection cm-signed-sphincs+-shake-256s with Merkle-tree hashing
@ref{cm-hashed-shake-merkle, shake256-merkle} Merkle-tree hashing is used.
- @code{sphincs+-shake-256s-nonrandom-merkle} algorithm
+ @code{sphincs+-shake-256s-merkle} algorithm
identifier must be used for the signature.