-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Understand why SLH-DSA implementation is mostly failing against LibOQS Provider #132
Comments
I believe that most SPHINCS+ variants are switched off by default due to an issue in OpenSSL limiting the number of signature algorithms a provider can advertise without causing hangups: see open-quantum-safe/oqs-provider#465 for a recent reference and open-quantum-safe/oqs-provider#399 for an in-depth discussion. Our SPHINCS+ code is still at the Round 3 version and hasn't been updated to support the SLH-DSA draft version. The liboqs implementation is inherited from PQClean, which is in turn inherited from https://github.com/sphincs/sphincsplus. As far as I can tell, neither of those upstreams have implemented the draft modifications. |
Here is the current list of sig algs, OIDs and alg code levels made available by If anyone wants to enable other sig algs, follow this guidance. If anyone has specific wishes for default sig algs, please chime in to this discussion. Edit/add: There's something fishy with Composite algs in the file mentioned above. Will be fixed. |
There is conflict with oqsprovider OIDs and IETF hackathon ones at https://github.com/IETF-Hackathon/pqc-certificates/blob/master/docs/oid_mapping.md IETF hackathon calls ones SLH-DSA while oqsprovider calls the same OID sphincsplus. For example 1.3.9999.6.9.10. The SLH-SDA and sphincsplus versions aren't interoperable (unlike some of the lower parameter sets). How did this OID conflict come about? |
We've been using those OIDs since before the SLH-DSA standard was released. |
SLH-DSA in automation tables doesn't look good. In OQS they are not enabled by default.
https://ietf-hackathon.github.io/pqc-certificates/pqc_hackathon_results_certs_r3_automated_tests.html
Does anyone know if the LibOQS provider has only enabled 4 SLH-DSA parameters sets? Is there a good reason? The only change is the pre-hash coming in the final document. LibOQS claims support for SPHINCS+ in their documentation, so do they actually support SLH-DSA or is that a documentation issue?
Action John: Send an email to the OQS team to try and sort out SLH-DSA / SPHINCS+ support and clarify OIDs and why they are off by default.
The text was updated successfully, but these errors were encountered: