From d9fac0cd1efa89ceb52e1975b08bffced8f1f5b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Meusel?= Date: Tue, 29 Oct 2024 15:32:28 +0100 Subject: [PATCH] Fix a few minor issues --- docs/audit_report/src/06_bibliography.rst | 6 ------ docs/audit_report/src/side_channels/01_04_slh_dsa.rst | 11 +++++++++-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/docs/audit_report/src/06_bibliography.rst b/docs/audit_report/src/06_bibliography.rst index fb010b81..1d602761 100644 --- a/docs/audit_report/src/06_bibliography.rst +++ b/docs/audit_report/src/06_bibliography.rst @@ -36,12 +36,6 @@ .. [DATA_GIT] https://github.com/Fraunhofer-AISEC/DATA -.. [NIST_SP_800_208] https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-208.pdf - -.. [BOTAN_LMS_PROCESS] https://github.com/randombit/botan/blob/1900c9e1f021b395dce2baba868a6427c1690ff1/src/lib/pubkey/hss_lms/lm_ots.cpp#L31 - -.. [BOTAN_LMS_Q_WITH_CKSM] https://github.com/randombit/botan/blob/1900c9e1f021b395dce2baba868a6427c1690ff1/src/lib/pubkey/hss_lms/lm_ots.cpp#L80 - .. [BOTAN_SLH_DSA_TREEHASH] https://github.com/randombit/botan/blob/7353a40e7ee1a0b845a798d94f8d88110e79347a/src/lib/pubkey/sphincsplus/sphincsplus_common/sp_treehash.cpp#L64 .. [BOTAN_SLH_DSA_WOTS_SIGN_AND_PKGEN_SIG_NODE] https://github.com/randombit/botan/blob/7353a40e7ee1a0b845a798d94f8d88110e79347a/src/lib/pubkey/sphincsplus/sphincsplus_common/sp_wots.cpp#L159 diff --git a/docs/audit_report/src/side_channels/01_04_slh_dsa.rst b/docs/audit_report/src/side_channels/01_04_slh_dsa.rst index 861ed54c..fddfb66e 100644 --- a/docs/audit_report/src/side_channels/01_04_slh_dsa.rst +++ b/docs/audit_report/src/side_channels/01_04_slh_dsa.rst @@ -1,6 +1,6 @@ -""""" +""""""" SLH DSA -""""" +""""""" Analysed variants: @@ -22,6 +22,7 @@ The following call is used to generate a signature: The Botan library is configured using the following console prompt: .. code-block:: + ./configure.py --prefix=~/workspace/bsi/DATA/cryptolib/botan/build --cc=gcc \ --cc-bin=g++-12 --cc-abi=-fno-plt --disable-modules sm4 --disable-sse2 \ --disable-ssse3 --disable-sse4.1 --disable-sse4.2 --disable-avx2 \ @@ -32,6 +33,7 @@ The Botan library is configured using the following console prompt: The binary is compiled with the `gcc` compiler with the following version: .. code-block:: + $ g++-12 --version g++-12 (Debian 12.2.0-14) 12.2.0 @@ -47,6 +49,7 @@ To reduce the runtime, the total height is limited to four and two Merkle trees This change has no influence on the code coverage of the side channel analysis performed. .. code-block:: + --- a/src/lib/pubkey/sphincsplus/sphincsplus_common/sp_parameters.cpp +++ b/src/lib/pubkey/sphincsplus/sphincsplus_common/sp_parameters.cpp @@ -230,7 +230,7 @@ Sphincs_Parameters Sphincs_Parameters::create(Sphincs_Parameter_Set set, Sphincs @@ -90,6 +93,7 @@ Consequently, it is also uncritical if the differences indicate which nodes belo This knowledge can also be derived from a message and the associated signature. .. code-block:: cpp + void treehash(StrongSpan out_root, StrongSpan out_auth_path, const Sphincs_Parameters& params, @@ -119,6 +123,7 @@ Here too, there is a similar difference in programme execution when adding indiv As with the FORS method, this difference is also uncritical with the XMSS method. .. code-block:: cpp + void treehash(StrongSpan out_root, StrongSpan out_auth_path, const Sphincs_Parameters& params, @@ -150,6 +155,7 @@ The implementation distinguishes whether signature data must be created for the This information can also be calculated using the message and the associated signature, which classifies the difference as non-critical. .. code-block:: cpp + void wots_sign_and_pkgen(StrongSpan sig_out, StrongSpan leaf_out, const SphincsSecretSeed& secret_seed, @@ -183,6 +189,7 @@ This shows the number of steps performed in a hash chain. This is not critical because this information is also calculated during verification using the message and signature. .. code-block:: cpp + void wots_sign_and_pkgen(StrongSpan sig_out, StrongSpan leaf_out, const SphincsSecretSeed& secret_seed,