diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 7c249698..4b69ac92 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -30,7 +30,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - name: Full build - run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh + run: LIBOQS_BRANCH=standard OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh - name: Enable sibling oqsprovider for testing run: cd _build/lib && ln -s oqsprovider.so oqsprovider2.so - name: Test diff --git a/ALGORITHMS.md b/ALGORITHMS.md index ef208b76..dac75e0f 100644 --- a/ALGORITHMS.md +++ b/ALGORITHMS.md @@ -28,16 +28,16 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | p521_frodo1344aes | 0x2F04 | Yes | OQS_CODEPOINT_P521_FRODO1344AES | | frodo1344shake | 0x0205 | Yes | OQS_CODEPOINT_FRODO1344SHAKE | | p521_frodo1344shake | 0x2F05 | Yes | OQS_CODEPOINT_P521_FRODO1344SHAKE | -| kyber512 | 0x023A | Yes | OQS_CODEPOINT_KYBER512 | -| p256_kyber512 | 0x2F3A | Yes | OQS_CODEPOINT_P256_KYBER512 | -| x25519_kyber512 | 0x2F39 | Yes | OQS_CODEPOINT_X25519_KYBER512 | -| kyber768 | 0x023C | Yes | OQS_CODEPOINT_KYBER768 | -| p384_kyber768 | 0x2F3C | Yes | OQS_CODEPOINT_P384_KYBER768 | -| x448_kyber768 | 0x2F90 | Yes | OQS_CODEPOINT_X448_KYBER768 | -| x25519_kyber768 | 0x6399 | Yes | OQS_CODEPOINT_X25519_KYBER768 | -| p256_kyber768 | 0x639A | Yes | OQS_CODEPOINT_P256_KYBER768 | -| kyber1024 | 0x023D | Yes | OQS_CODEPOINT_KYBER1024 | -| p521_kyber1024 | 0x2F3D | Yes | OQS_CODEPOINT_P521_KYBER1024 | +| kyber512 | 0x0244 | Yes | OQS_CODEPOINT_KYBER512 | +| p256_kyber512 | 0x2F44 | Yes | OQS_CODEPOINT_P256_KYBER512 | +| x25519_kyber512 | 0x2FB0 | Yes | OQS_CODEPOINT_X25519_KYBER512 | +| kyber768 | 0x0245 | Yes | OQS_CODEPOINT_KYBER768 | +| p384_kyber768 | 0x2F45 | Yes | OQS_CODEPOINT_P384_KYBER768 | +| x448_kyber768 | 0x2FB1 | Yes | OQS_CODEPOINT_X448_KYBER768 | +| x25519_kyber768 | 0x2FB2 | Yes | OQS_CODEPOINT_X25519_KYBER768 | +| p256_kyber768 | 0x2FB3 | Yes | OQS_CODEPOINT_P256_KYBER768 | +| kyber1024 | 0x0246 | Yes | OQS_CODEPOINT_KYBER1024 | +| p521_kyber1024 | 0x2F46 | Yes | OQS_CODEPOINT_P521_KYBER1024 | | bikel1 | 0x0241 | Yes | OQS_CODEPOINT_BIKEL1 | | p256_bikel1 | 0x2F41 | Yes | OQS_CODEPOINT_P256_BIKEL1 | | x25519_bikel1 | 0x2FAE | Yes | OQS_CODEPOINT_X25519_BIKEL1 | @@ -54,13 +54,13 @@ As standardization for these algorithms within TLS is not done, all TLS code poi | x448_hqc192 | 0x2FAD | Yes | OQS_CODEPOINT_X448_HQC192 | | hqc256 | 0x022E | Yes | OQS_CODEPOINT_HQC256 | | p521_hqc256 | 0x2F2E | Yes | OQS_CODEPOINT_P521_HQC256 | -| dilithium2 | 0xfea0 |Yes| OQS_CODEPOINT_DILITHIUM2 -| p256_dilithium2 | 0xfea1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2 -| rsa3072_dilithium2 | 0xfea2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2 -| dilithium3 | 0xfea3 |Yes| OQS_CODEPOINT_DILITHIUM3 -| p384_dilithium3 | 0xfea4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3 -| dilithium5 | 0xfea5 |Yes| OQS_CODEPOINT_DILITHIUM5 -| p521_dilithium5 | 0xfea6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5 +| dilithium2 | 0xfed0 |Yes| OQS_CODEPOINT_DILITHIUM2 +| p256_dilithium2 | 0xfed1 |Yes| OQS_CODEPOINT_P256_DILITHIUM2 +| rsa3072_dilithium2 | 0xfed2 |Yes| OQS_CODEPOINT_RSA3072_DILITHIUM2 +| dilithium3 | 0xfed3 |Yes| OQS_CODEPOINT_DILITHIUM3 +| p384_dilithium3 | 0xfed4 |Yes| OQS_CODEPOINT_P384_DILITHIUM3 +| dilithium5 | 0xfed5 |Yes| OQS_CODEPOINT_DILITHIUM5 +| p521_dilithium5 | 0xfed6 |Yes| OQS_CODEPOINT_P521_DILITHIUM5 | falcon512 | 0xfeae |Yes| OQS_CODEPOINT_FALCON512 | p256_falcon512 | 0xfeaf |Yes| OQS_CODEPOINT_P256_FALCON512 | rsa3072_falcon512 | 0xfeb0 |Yes| OQS_CODEPOINT_RSA3072_FALCON512 @@ -119,13 +119,13 @@ adapting the OIDs of all supported signature algorithms as per the table below. |Algorithm name | default OID | enabled | environment variable | |---------------|:-----------------:|:-------:|----------------------| -| dilithium2 | 1.3.6.1.4.1.2.267.7.4.4 |Yes| OQS_OID_DILITHIUM2 -| p256_dilithium2 | 1.3.9999.2.7.1 |Yes| OQS_OID_P256_DILITHIUM2 -| rsa3072_dilithium2 | 1.3.9999.2.7.2 |Yes| OQS_OID_RSA3072_DILITHIUM2 -| dilithium3 | 1.3.6.1.4.1.2.267.7.6.5 |Yes| OQS_OID_DILITHIUM3 -| p384_dilithium3 | 1.3.9999.2.7.3 |Yes| OQS_OID_P384_DILITHIUM3 -| dilithium5 | 1.3.6.1.4.1.2.267.7.8.7 |Yes| OQS_OID_DILITHIUM5 -| p521_dilithium5 | 1.3.9999.2.7.4 |Yes| OQS_OID_P521_DILITHIUM5 +| dilithium2 | 1.3.6.1.4.1.2.267.12.4.4 |Yes| OQS_OID_DILITHIUM2 +| p256_dilithium2 | 1.3.9999.2.7.5 |Yes| OQS_OID_P256_DILITHIUM2 +| rsa3072_dilithium2 | 1.3.9999.2.7.6 |Yes| OQS_OID_RSA3072_DILITHIUM2 +| dilithium3 | 1.3.6.1.4.1.2.267.12.6.5 |Yes| OQS_OID_DILITHIUM3 +| p384_dilithium3 | 1.3.9999.2.7.7 |Yes| OQS_OID_P384_DILITHIUM3 +| dilithium5 | 1.3.6.1.4.1.2.267.12.8.7 |Yes| OQS_OID_DILITHIUM5 +| p521_dilithium5 | 1.3.9999.2.7.8 |Yes| OQS_OID_P521_DILITHIUM5 | falcon512 | 1.3.9999.3.6 |Yes| OQS_OID_FALCON512 | p256_falcon512 | 1.3.9999.3.7 |Yes| OQS_OID_P256_FALCON512 | rsa3072_falcon512 | 1.3.9999.3.8 |Yes| OQS_OID_RSA3072_FALCON512 diff --git a/CMakeLists.txt b/CMakeLists.txt index de0143e5..a27c3044 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,7 +25,7 @@ else() set(OQS_ADDL_SOCKET_LIBS "") endif() -option(NOPUBKEY_IN_PRIVKEY "Do not include public keys in private key structures/PKCS#8 " OFF) +option(NOPUBKEY_IN_PRIVKEY "Do not include public keys in private key structures/PKCS#8 " ON) if(${NOPUBKEY_IN_PRIVKEY}) message(STATUS "Build will not store public keys alongside private keys in PKCS#8 structures") add_compile_definitions( NOPUBKEY_IN_PRIVKEY ) diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml index 4865eb79..552853b1 100644 --- a/oqs-template/generate.yml +++ b/oqs-template/generate.yml @@ -1,5 +1,5 @@ # This is the master document for ID interoperability for KEM IDs, p-hybrid KEM IDs, SIG (O)IDs -# Next free plain KEM ID: 0x0244, p-hybrid: 0x2F44, X-hybrid: 0x2FB0 +# Next free plain KEM ID: 0x0247, p-hybrid: 0x2F47, X-hybrid: 0x2FB4 kems: - family: 'FrodoKEM' @@ -84,14 +84,25 @@ kems: - family: 'CRYSTALS-Kyber' name_group: 'kyber512' - nid: '0x023A' - nid_hybrid: '0x2F3A' + nid: '0x0244' + nid_hybrid: '0x2F44' oqs_alg: 'OQS_KEM_alg_kyber_512' extra_nids: current: - hybrid_group: "x25519" - nid: '0x2F39' + nid: '0x2FB0' old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023A' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp256_r1 + nid: '0x2F3A' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x25519 + nid: '0x2F39' - implementation_version: NIST Round 2 submission nist-round: 2 nid: '0x020F' @@ -106,17 +117,32 @@ kems: - family: 'CRYSTALS-Kyber' name_group: 'kyber768' - nid: '0x023C' - nid_hybrid: '0x2F3C' + nid: '0x0245' + nid_hybrid: '0x2F45' extra_nids: current: - hybrid_group: "x448" - nid: '0x2F90' + nid: '0x2FB1' - hybrid_group: "x25519" - nid: '0x6399' + nid: '0x2FB2' - hybrid_group: "p256" - nid: '0x639A' + nid: '0x2FB3' old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023C' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp384_r1 + nid: '0x2F3C' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x25519 + nid: '0x6399' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: x448 + nid: '0x639A' - implementation_version: NIST Round 2 submission nist-round: 2 nid: '0x0210' @@ -128,10 +154,17 @@ kems: - family: 'CRYSTALS-Kyber' name_group: 'kyber1024' - nid: '0x023D' - nid_hybrid: '0x2F3D' + nid: '0x0246' + nid_hybrid: '0x2F46' extra_nids: old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + nid: '0x023D' + - implementation_version: NIST Round 3 submission + nist-round: 3 + hybrid_group: secp521_r1 + nid: '0x2F3D' - implementation_version: NIST Round 2 submission nist-round: 2 nid: '0x0211' @@ -320,7 +353,7 @@ kem_nid_end: '0x0250' kem_nid_hybrid_end: '0x2FFF' # need to edit ssl_local.h macros IS_OQS_KEM_CURVEID and IS_OQS_KEM_HYBRID_CURVEID with the above _end values -# Next free signature ID: 0xfed0 +# Next free signature ID: 0xfed7 sigs: # - # iso (1) @@ -366,42 +399,79 @@ sigs: name: 'dilithium2' pretty_name: 'Dilithium2' oqs_meth: 'OQS_SIG_alg_dilithium_2' - oid: '1.3.6.1.4.1.2.267.7.4.4' - code_point: '0xfea0' + oid: '1.3.6.1.4.1.2.267.12.4.4' + code_point: '0xfed0' supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] enable: true mix_with: [{'name': 'p256', 'pretty_name': 'ECDSA p256', - 'oid': '1.3.9999.2.7.1', - 'code_point': '0xfea1'}, + 'oid': '1.3.9999.2.7.5', + 'code_point': '0xfed1'}, {'name': 'rsa3072', 'pretty_name': 'RSA3072', - 'oid': '1.3.9999.2.7.2', - 'code_point': '0xfea2'}] + 'oid': '1.3.9999.2.7.6', + 'code_point': '0xfed2'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.7.4.4' + code_point: '0xfea0' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p256', + 'pretty_name': 'ECDSA p256', + 'oid': '1.3.9999.2.7.1', + 'code_point': '0xfea1'}, + {'name': 'rsa3072', + 'pretty_name': 'RSA3072', + 'oid': '1.3.9999.2.7.2', + 'code_point': '0xfea2'}] - name: 'dilithium3' pretty_name: 'Dilithium3' oqs_meth: 'OQS_SIG_alg_dilithium_3' - oid: '1.3.6.1.4.1.2.267.7.6.5' - code_point: '0xfea3' + oid: '1.3.6.1.4.1.2.267.12.6.5' + code_point: '0xfed3' supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] enable: true mix_with: [{'name': 'p384', 'pretty_name': 'ECDSA p384', - 'oid': '1.3.9999.2.7.3', - 'code_point': '0xfea4'}] + 'oid': '1.3.9999.2.7.7', + 'code_point': '0xfed4'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.7.6.5' + code_point: '0xfea3' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p384', + 'pretty_name': 'ECDSA p384', + 'oid': '1.3.9999.2.7.3', + 'code_point': '0xfea4'}] - name: 'dilithium5' pretty_name: 'Dilithium5' oqs_meth: 'OQS_SIG_alg_dilithium_5' - oid: '1.3.6.1.4.1.2.267.7.8.7' - code_point: '0xfea5' + oid: '1.3.6.1.4.1.2.267.12.8.7' + code_point: '0xfed5' supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] enable: true mix_with: [{'name': 'p521', 'pretty_name': 'ECDSA p521', - 'oid': '1.3.9999.2.7.4', - 'code_point': '0xfea6'}] + 'oid': '1.3.9999.2.7.8', + 'code_point': '0xfed6'}] + extra_nids: + old: + - implementation_version: NIST Round 3 submission + nist-round: 3 + oid: '1.3.6.1.4.1.2.267.7.8.7' + code_point: '0xfea5' + supported_encodings: ['draft-uni-qsckeys-dilithium-00/sk-pk'] + mix_with: [{'name': 'p521', + 'pretty_name': 'ECDSA p521', + 'oid': '1.3.9999.2.7.4', + 'code_point': '0xfea6'}] - name: 'dilithium2_aes' pretty_name: 'Dilithium2_AES' diff --git a/oqs-template/generate_oid_nid_table.py b/oqs-template/generate_oid_nid_table.py index 24a0ac24..a3b0fefd 100644 --- a/oqs-template/generate_oid_nid_table.py +++ b/oqs-template/generate_oid_nid_table.py @@ -138,7 +138,7 @@ def gen_kem_table(oqslibdocdir): entry['hybrid_group'] if 'hybrid_group' in entry else ""]) # sort by: family, version, security level, variant, hybrid - table.sort(key = lambda row: "{:s}|{:s}|{:d}|{:s}|{:s}".format(row[0], row[1], row[3], row[2], row[5])) + table.sort(key = lambda row: "{:s}|{:s}|{:s}|{:s}|{:s}".format(row[0], row[1], str(row[3]), row[2], row[5])) table = [table_header] + table diff --git a/oqs-template/oqs-kem-info.md b/oqs-template/oqs-kem-info.md index d45c8a1e..d9461f8c 100644 --- a/oqs-template/oqs-kem-info.md +++ b/oqs-template/oqs-kem-info.md @@ -1,79 +1,88 @@ -| Family | Implementation Version | Variant | NIST round | Claimed NIST Level | Code Point | Hybrid Elliptic Curve (if any) | -|:---------------|:-------------------------|:---------------|-------------:|---------------------:|:-------------|:---------------------------------| -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x0241 | | -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2F41 | secp256_r1 | -| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2FAE | x25519 | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x0242 | | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2F42 | secp384_r1 | -| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2FAF | x448 | -| BIKE | 5.1 | bikel5 | 4 | 5 | 0x0243 | | -| BIKE | 5.1 | bikel5 | 4 | 5 | 0x2F43 | secp521_r1 | -| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x0206 | | -| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x2F06 | secp256_r1 | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x0223 | | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F23 | secp256_r1 | -| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F28 | x25519 | -| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x0207 | | -| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x2F07 | secp384_r1 | -| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x0224 | | -| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x2F24 | secp384_r1 | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x0238 | | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F37 | x25519 | -| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F38 | secp256_r1 | -| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x023B | | -| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x2F3B | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x0211 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x2F11 | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x020F | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F0F | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F26 | x25519 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x0210 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x2F10 | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x022B | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x2F2B | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x0229 | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x2F29 | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x022A | | -| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x2F2A | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x023D | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x2F3D | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x023A | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F39 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F3A | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x023C | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F3C | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F90 | x448 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x6399 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x639A | p256 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x0240 | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x2F40 | secp521_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x023E | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2F3E | secp256_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2FA9 | x25519 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x023F | | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2F3F | secp384_r1 | -| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2FAA | x448 | -| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x0204 | | -| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x2F04 | secp521_r1 | -| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x0205 | | -| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x2F05 | secp521_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x0200 | | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F00 | secp256_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F80 | x25519 | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x0201 | | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F01 | secp256_r1 | -| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F81 | x25519 | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x0202 | | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F02 | secp384_r1 | -| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F82 | x448 | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x0203 | | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F03 | secp384_r1 | -| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F83 | x448 | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x022C | | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2F2C | secp256_r1 | -| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2FAC | x25519 | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x022D | | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2F2D | secp384_r1 | -| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2FAD | x448 | -| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x022E | | -| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x2F2E | secp521_r1 | +| Family | Implementation Version | Variant | NIST round | Claimed NIST Level | Code Point | Hybrid Elliptic Curve (if any) | +|:---------------|:-------------------------|:---------------|:---------------|---------------------:|:-------------|:---------------------------------| +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x0241 | | +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2F41 | secp256_r1 | +| BIKE | 5.1 | bikel1 | 4 | 1 | 0x2FAE | x25519 | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x0242 | | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2F42 | secp384_r1 | +| BIKE | 5.1 | bikel3 | 4 | 3 | 0x2FAF | x448 | +| BIKE | 5.1 | bikel5 | 4 | 5 | 0x0243 | | +| BIKE | 5.1 | bikel5 | 4 | 5 | 0x2F43 | secp521_r1 | +| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x0206 | | +| BIKE | NIST Round 2 submission | bike1l1cpa | 2 | 1 | 0x2F06 | secp256_r1 | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x0223 | | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F23 | secp256_r1 | +| BIKE | NIST Round 2 submission | bike1l1fo | 2 | 1 | 0x2F28 | x25519 | +| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x0207 | | +| BIKE | NIST Round 2 submission | bike1l3cpa | 2 | 3 | 0x2F07 | secp384_r1 | +| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x0224 | | +| BIKE | NIST Round 2 submission | bike1l3fo | 2 | 3 | 0x2F24 | secp384_r1 | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x0238 | | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F37 | x25519 | +| BIKE | NIST Round 3 submission | bikel1 | 3 | 1 | 0x2F38 | secp256_r1 | +| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x023B | | +| BIKE | NIST Round 3 submission | bikel3 | 3 | 3 | 0x2F3B | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x0211 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber1024 | 2 | 5 | 0x2F11 | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x020F | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F0F | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber512 | 2 | 1 | 0x2F26 | x25519 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x0210 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber768 | 2 | 3 | 0x2F10 | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x022B | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s1024 | 2 | 5 | 0x2F2B | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x0229 | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s512 | 2 | 1 | 0x2F29 | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x022A | | +| CRYSTALS-Kyber | NIST Round 2 submission | kyber90s768 | 2 | 3 | 0x2F2A | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x023D | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber1024 | 3 | 5 | 0x2F3D | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x023A | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F39 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber512 | 3 | 1 | 0x2F3A | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x023C | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x2F3C | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x6399 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber768 | 3 | 3 | 0x639A | x448 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x0240 | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s1024 | 3 | 5 | 0x2F40 | secp521_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x023E | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2F3E | secp256_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s512 | 3 | 1 | 0x2FA9 | x25519 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x023F | | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2F3F | secp384_r1 | +| CRYSTALS-Kyber | NIST Round 3 submission | kyber90s768 | 3 | 3 | 0x2FAA | x448 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber1024 | standard draft | 5 | 0x0246 | | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber1024 | standard draft | 5 | 0x2F46 | secp521_r1 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber512 | standard draft | 1 | 0x0244 | | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber512 | standard draft | 1 | 0x2F44 | secp256_r1 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber512 | standard draft | 1 | 0x2FB0 | x25519 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber768 | standard draft | 3 | 0x0245 | | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber768 | standard draft | 3 | 0x2F45 | secp384_r1 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber768 | standard draft | 3 | 0x2FB1 | x448 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber768 | standard draft | 3 | 0x2FB2 | x25519 | +| CRYSTALS-Kyber | pq-crystals 20230726 | kyber768 | standard draft | 3 | 0x2FB3 | p256 | +| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x0204 | | +| FrodoKEM | NIST Round 3 submission | frodo1344aes | 3 | 5 | 0x2F04 | secp521_r1 | +| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x0205 | | +| FrodoKEM | NIST Round 3 submission | frodo1344shake | 3 | 5 | 0x2F05 | secp521_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x0200 | | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F00 | secp256_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640aes | 3 | 1 | 0x2F80 | x25519 | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x0201 | | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F01 | secp256_r1 | +| FrodoKEM | NIST Round 3 submission | frodo640shake | 3 | 1 | 0x2F81 | x25519 | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x0202 | | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F02 | secp384_r1 | +| FrodoKEM | NIST Round 3 submission | frodo976aes | 3 | 3 | 0x2F82 | x448 | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x0203 | | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F03 | secp384_r1 | +| FrodoKEM | NIST Round 3 submission | frodo976shake | 3 | 3 | 0x2F83 | x448 | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x022C | | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2F2C | secp256_r1 | +| HQC | NIST Round 3 submission | hqc128 | 3 | 1 | 0x2FAC | x25519 | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x022D | | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2F2D | secp384_r1 | +| HQC | NIST Round 3 submission | hqc192 | 3 | 3 | 0x2FAD | x448 | +| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x022E | | +| HQC | NIST Round 3 submission | hqc256 | 3 | 5 | 0x2F2E | secp521_r1 | diff --git a/oqs-template/oqs-sig-info.md b/oqs-template/oqs-sig-info.md index 9f084982..0fc1fd99 100644 --- a/oqs-template/oqs-sig-info.md +++ b/oqs-template/oqs-sig-info.md @@ -1,138 +1,145 @@ -| Algorithm | Implementation Version | NIST round | Claimed NIST Level | Code Point | OID | -|:--------------------------------------------------|:----------------------------------------------|-------------:|---------------------:|:-------------|:-------------------------| -| dilithium2 | 3.1 | 3 | 2 | 0xfea0 | 1.3.6.1.4.1.2.267.7.4.4 | -| dilithium2 **hybrid with** p256 | 3.1 | 3 | 2 | 0xfea1 | 1.3.9999.2.7.1 | -| dilithium2 **hybrid with** rsa3072 | 3.1 | 3 | 2 | 0xfea2 | 1.3.9999.2.7.2 | -| dilithium3 | 3.1 | 3 | 3 | 0xfea3 | 1.3.6.1.4.1.2.267.7.6.5 | -| dilithium3 **hybrid with** p384 | 3.1 | 3 | 3 | 0xfea4 | 1.3.9999.2.7.3 | -| dilithium5 | 3.1 | 3 | 5 | 0xfea5 | 1.3.6.1.4.1.2.267.7.8.7 | -| dilithium5 **hybrid with** p521 | 3.1 | 3 | 5 | 0xfea6 | 1.3.9999.2.7.4 | -| dilithium2_aes | NIST Round 3 submission | 3 | 2 | 0xfea7 | 1.3.6.1.4.1.2.267.11.4.4 | -| dilithium2_aes **hybrid with** p256 | NIST Round 3 submission | 3 | 2 | 0xfea8 | 1.3.9999.2.11.1 | -| dilithium2_aes **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 2 | 0xfea9 | 1.3.9999.2.11.2 | -| dilithium3_aes | NIST Round 3 submission | 3 | 3 | 0xfeaa | 1.3.6.1.4.1.2.267.11.6.5 | -| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | -| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | -| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | -| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | -| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | -| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | -| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | -| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | -| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | -| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | -| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | -| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | -| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | -| sphincsharaka128frobust | NIST Round 3 submission | 3 | 1 | 0xfe42 | 1.3.9999.6.1.1 | -| sphincsharaka128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe43 | 1.3.9999.6.1.2 | -| sphincsharaka128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe44 | 1.3.9999.6.1.3 | -| sphincsharaka128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe45 | 1.3.9999.6.1.4 | -| sphincsharaka128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe46 | 1.3.9999.6.1.5 | -| sphincsharaka128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe47 | 1.3.9999.6.1.6 | -| sphincsharaka128srobust | NIST Round 3 submission | 3 | 1 | 0xfe48 | 1.3.9999.6.1.7 | -| sphincsharaka128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe49 | 1.3.9999.6.1.8 | -| sphincsharaka128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4a | 1.3.9999.6.1.9 | -| sphincsharaka128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe4b | 1.3.9999.6.1.10 | -| sphincsharaka128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe4c | 1.3.9999.6.1.11 | -| sphincsharaka128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4d | 1.3.9999.6.1.12 | -| sphincsharaka192frobust | NIST Round 3 submission | 3 | 3 | 0xfe4e | 1.3.9999.6.2.1 | -| sphincsharaka192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe4f | 1.3.9999.6.2.2 | -| sphincsharaka192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe50 | 1.3.9999.6.2.3 | -| sphincsharaka192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe51 | 1.3.9999.6.2.4 | -| sphincsharaka192srobust | NIST Round 3 submission | 3 | 3 | 0xfe52 | 1.3.9999.6.2.5 | -| sphincsharaka192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe53 | 1.3.9999.6.2.6 | -| sphincsharaka192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe54 | 1.3.9999.6.2.7 | -| sphincsharaka192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe55 | 1.3.9999.6.2.8 | -| sphincsharaka256frobust | NIST Round 3 submission | 3 | 3 | 0xfe56 | 1.3.9999.6.3.1 | -| sphincsharaka256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 3 | 0xfe57 | 1.3.9999.6.3.2 | -| sphincsharaka256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe58 | 1.3.9999.6.3.3 | -| sphincsharaka256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe59 | 1.3.9999.6.3.4 | -| sphincsharaka256srobust | NIST Round 3 submission | 3 | 5 | 0xfe5a | 1.3.9999.6.3.5 | -| sphincsharaka256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5b | 1.3.9999.6.3.6 | -| sphincsharaka256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe5c | 1.3.9999.6.3.7 | -| sphincsharaka256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5d | 1.3.9999.6.3.8 | -| sphincssha26128frobust | NIST Round 3 submission | 3 | 5 | 0xfe5e | 1.3.9999.6.4.1 | -| sphincssha26128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe5f | 1.3.9999.6.4.2 | -| sphincssha26128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe60 | 1.3.9999.6.4.3 | -| sphincssha2128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb3 | 1.3.9999.6.4.13 | -| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb4 | 1.3.9999.6.4.14 | -| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb5 | 1.3.9999.6.4.15 | -| sphincssha2128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe61 | 1.3.9999.6.4.4 | -| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe62 | 1.3.9999.6.4.5 | -| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe63 | 1.3.9999.6.4.6 | -| sphincssha256128srobust | NIST Round 3 submission | 3 | 5 | 0xfe64 | 1.3.9999.6.4.7 | -| sphincssha256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe65 | 1.3.9999.6.4.8 | -| sphincssha256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe66 | 1.3.9999.6.4.9 | -| sphincssha2128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb6 | 1.3.9999.6.4.16 | -| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb7 | 1.3.9999.6.4.17 | -| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb8 | 1.3.9999.6.4.18 | -| sphincssha2128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe67 | 1.3.9999.6.4.10 | -| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe68 | 1.3.9999.6.4.11 | -| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe69 | 1.3.9999.6.4.12 | -| sphincssha256192frobust | NIST Round 3 submission | 3 | 5 | 0xfe6a | 1.3.9999.6.5.1 | -| sphincssha256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6b | 1.3.9999.6.5.2 | -| sphincssha2192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeb9 | 1.3.9999.6.5.10 | -| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeba | 1.3.9999.6.5.11 | -| sphincssha2192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe6c | 1.3.9999.6.5.3 | -| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe6d | 1.3.9999.6.5.4 | -| sphincssha256192srobust | NIST Round 3 submission | 3 | 5 | 0xfe6e | 1.3.9999.6.5.5 | -| sphincssha256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6f | 1.3.9999.6.5.6 | -| sphincssha2192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebb | 1.3.9999.6.5.12 | -| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebc | 1.3.9999.6.5.13 | -| sphincssha2192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe70 | 1.3.9999.6.5.7 | -| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe71 | 1.3.9999.6.5.8 | -| sphincssha256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe72 | 1.3.9999.6.6.1 | -| sphincssha256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe73 | 1.3.9999.6.6.2 | -| sphincssha2256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebd | 1.3.9999.6.6.10 | -| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebe | 1.3.9999.6.6.11 | -| sphincssha2256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe74 | 1.3.9999.6.6.3 | -| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe75 | 1.3.9999.6.6.4 | -| sphincssha256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe76 | 1.3.9999.6.6.5 | -| sphincssha256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe77 | 1.3.9999.6.6.6 | -| sphincssha2256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec0 | 1.3.9999.6.6.12 | -| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec1 | 1.3.9999.6.6.13 | -| sphincssha2256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe78 | 1.3.9999.6.6.7 | -| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe79 | 1.3.9999.6.6.8 | -| sphincsshake256128frobust | NIST Round 3 submission | 3 | 1 | 0xfe7a | 1.3.9999.6.7.1 | -| sphincsshake256128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7b | 1.3.9999.6.7.2 | -| sphincsshake256128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7c | 1.3.9999.6.7.3 | -| sphincsshake128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec2 | 1.3.9999.6.7.13 | -| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec3 | 1.3.9999.6.7.14 | -| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec4 | 1.3.9999.6.7.15 | -| sphincsshake128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe7d | 1.3.9999.6.7.4 | -| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7e | 1.3.9999.6.7.5 | -| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7f | 1.3.9999.6.7.6 | -| sphincsshake256128srobust | NIST Round 3 submission | 3 | 1 | 0xfe80 | 1.3.9999.6.7.7 | -| sphincsshake256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe81 | 1.3.9999.6.7.8 | -| sphincsshake256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe82 | 1.3.9999.6.7.9 | -| sphincsshake128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec5 | 1.3.9999.6.7.16 | -| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec6 | 1.3.9999.6.7.17 | -| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec7 | 1.3.9999.6.7.18 | -| sphincsshake128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe83 | 1.3.9999.6.7.10 | -| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe84 | 1.3.9999.6.7.11 | -| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe85 | 1.3.9999.6.7.12 | -| sphincsshake256192frobust | NIST Round 3 submission | 3 | 3 | 0xfe86 | 1.3.9999.6.8.1 | -| sphincsshake256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe87 | 1.3.9999.6.8.2 | -| sphincsshake192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec8 | 1.3.9999.6.8.10 | -| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec9 | 1.3.9999.6.8.11 | -| sphincsshake192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe88 | 1.3.9999.6.8.3 | -| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe89 | 1.3.9999.6.8.4 | -| sphincsshake256192srobust | NIST Round 3 submission | 3 | 3 | 0xfe8a | 1.3.9999.6.8.5 | -| sphincsshake256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8b | 1.3.9999.6.8.6 | -| sphincsshake192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeca | 1.3.9999.6.8.12 | -| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfecb | 1.3.9999.6.8.13 | -| sphincsshake192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe8c | 1.3.9999.6.8.7 | -| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8d | 1.3.9999.6.8.8 | -| sphincsshake256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe8e | 1.3.9999.6.9.1 | -| sphincsshake256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe8f | 1.3.9999.6.9.2 | -| sphincsshake256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecc | 1.3.9999.6.9.10 | -| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecd | 1.3.9999.6.9.11 | -| sphincsshake256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe90 | 1.3.9999.6.9.3 | -| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe91 | 1.3.9999.6.9.4 | -| sphincsshake256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe92 | 1.3.9999.6.9.5 | -| sphincsshake256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe93 | 1.3.9999.6.9.6 | -| sphincsshake256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfece | 1.3.9999.6.9.12 | -| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecf | 1.3.9999.6.9.13 | -| sphincsshake256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe94 | 1.3.9999.6.9.7 | -| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe95 | 1.3.9999.6.9.8 | \ No newline at end of file +| Algorithm | Implementation Version | NIST round | Claimed NIST Level | Code Point | OID | +|:--------------------------------------------------|:----------------------------------------------|:---------------|---------------------:|:-------------|:-------------------------| +| dilithium2 | pq-crystals 20230825 | standard draft | 2 | 0xfed0 | 1.3.6.1.4.1.2.267.12.4.4 | +| dilithium2 **hybrid with** p256 | pq-crystals 20230825 | standard draft | 2 | 0xfed1 | 1.3.9999.2.7.5 | +| dilithium2 **hybrid with** rsa3072 | pq-crystals 20230825 | standard draft | 2 | 0xfed2 | 1.3.9999.2.7.6 | +| dilithium2 | NIST Round 3 submission | 3 | 2 | 0xfea0 | 1.3.6.1.4.1.2.267.7.4.4 | +| dilithium2 **hybrid with** p256 | NIST Round 3 submission | 3 | 2 | 0xfea1 | 1.3.9999.2.7.1 | +| dilithium2 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 2 | 0xfea2 | 1.3.9999.2.7.2 | +| dilithium3 | pq-crystals 20230825 | standard draft | 3 | 0xfed3 | 1.3.6.1.4.1.2.267.12.6.5 | +| dilithium3 **hybrid with** p384 | pq-crystals 20230825 | standard draft | 3 | 0xfed4 | 1.3.9999.2.7.7 | +| dilithium3 | NIST Round 3 submission | 3 | 3 | 0xfea3 | 1.3.6.1.4.1.2.267.7.6.5 | +| dilithium3 **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfea4 | 1.3.9999.2.7.3 | +| dilithium5 | pq-crystals 20230825 | standard draft | 5 | 0xfed5 | 1.3.6.1.4.1.2.267.12.8.7 | +| dilithium5 **hybrid with** p521 | pq-crystals 20230825 | standard draft | 5 | 0xfed6 | 1.3.9999.2.7.8 | +| dilithium5 | NIST Round 3 submission | 3 | 5 | 0xfea5 | 1.3.6.1.4.1.2.267.7.8.7 | +| dilithium5 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfea6 | 1.3.9999.2.7.4 | +| dilithium2_aes | NIST Round 3 submission | 3 | 2 | 0xfea7 | 1.3.6.1.4.1.2.267.11.4.4 | +| dilithium2_aes **hybrid with** p256 | NIST Round 3 submission | 3 | 2 | 0xfea8 | 1.3.9999.2.11.1 | +| dilithium2_aes **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 2 | 0xfea9 | 1.3.9999.2.11.2 | +| dilithium3_aes | NIST Round 3 submission | 3 | 3 | 0xfeaa | 1.3.6.1.4.1.2.267.11.6.5 | +| dilithium3_aes **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfeab | 1.3.9999.2.11.3 | +| dilithium5_aes | NIST Round 3 submission | 3 | 5 | 0xfeac | 1.3.6.1.4.1.2.267.11.8.7 | +| dilithium5_aes **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfead | 1.3.9999.2.11.4 | +| falcon512 | 20211101 | 3 | 1 | 0xfeae | 1.3.9999.3.6 | +| falcon512 **hybrid with** p256 | 20211101 | 3 | 1 | 0xfeaf | 1.3.9999.3.7 | +| falcon512 **hybrid with** rsa3072 | 20211101 | 3 | 1 | 0xfeb0 | 1.3.9999.3.8 | +| falcon512 | NIST Round 3 submission | 3 | 1 | 0xfe0b | 1.3.9999.3.1 | +| falcon512 **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe0c | 1.3.9999.3.2 | +| falcon512 **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe0d | 1.3.9999.3.3 | +| falcon1024 | 20211101 | 3 | 5 | 0xfeb1 | 1.3.9999.3.9 | +| falcon1024 **hybrid with** p521 | 20211101 | 3 | 5 | 0xfeb2 | 1.3.9999.3.10 | +| falcon1024 | NIST Round 3 submission | 3 | 5 | 0xfe0e | 1.3.9999.3.4 | +| falcon1024 **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe0f | 1.3.9999.3.5 | +| sphincsharaka128frobust | NIST Round 3 submission | 3 | 1 | 0xfe42 | 1.3.9999.6.1.1 | +| sphincsharaka128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe43 | 1.3.9999.6.1.2 | +| sphincsharaka128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe44 | 1.3.9999.6.1.3 | +| sphincsharaka128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe45 | 1.3.9999.6.1.4 | +| sphincsharaka128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe46 | 1.3.9999.6.1.5 | +| sphincsharaka128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe47 | 1.3.9999.6.1.6 | +| sphincsharaka128srobust | NIST Round 3 submission | 3 | 1 | 0xfe48 | 1.3.9999.6.1.7 | +| sphincsharaka128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe49 | 1.3.9999.6.1.8 | +| sphincsharaka128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4a | 1.3.9999.6.1.9 | +| sphincsharaka128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe4b | 1.3.9999.6.1.10 | +| sphincsharaka128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe4c | 1.3.9999.6.1.11 | +| sphincsharaka128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe4d | 1.3.9999.6.1.12 | +| sphincsharaka192frobust | NIST Round 3 submission | 3 | 3 | 0xfe4e | 1.3.9999.6.2.1 | +| sphincsharaka192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe4f | 1.3.9999.6.2.2 | +| sphincsharaka192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe50 | 1.3.9999.6.2.3 | +| sphincsharaka192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe51 | 1.3.9999.6.2.4 | +| sphincsharaka192srobust | NIST Round 3 submission | 3 | 3 | 0xfe52 | 1.3.9999.6.2.5 | +| sphincsharaka192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe53 | 1.3.9999.6.2.6 | +| sphincsharaka192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe54 | 1.3.9999.6.2.7 | +| sphincsharaka192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe55 | 1.3.9999.6.2.8 | +| sphincsharaka256frobust | NIST Round 3 submission | 3 | 3 | 0xfe56 | 1.3.9999.6.3.1 | +| sphincsharaka256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 3 | 0xfe57 | 1.3.9999.6.3.2 | +| sphincsharaka256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe58 | 1.3.9999.6.3.3 | +| sphincsharaka256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe59 | 1.3.9999.6.3.4 | +| sphincsharaka256srobust | NIST Round 3 submission | 3 | 5 | 0xfe5a | 1.3.9999.6.3.5 | +| sphincsharaka256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5b | 1.3.9999.6.3.6 | +| sphincsharaka256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe5c | 1.3.9999.6.3.7 | +| sphincsharaka256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe5d | 1.3.9999.6.3.8 | +| sphincssha26128frobust | NIST Round 3 submission | 3 | 5 | 0xfe5e | 1.3.9999.6.4.1 | +| sphincssha26128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe5f | 1.3.9999.6.4.2 | +| sphincssha26128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe60 | 1.3.9999.6.4.3 | +| sphincssha2128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb3 | 1.3.9999.6.4.13 | +| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb4 | 1.3.9999.6.4.14 | +| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb5 | 1.3.9999.6.4.15 | +| sphincssha2128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe61 | 1.3.9999.6.4.4 | +| sphincssha2128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe62 | 1.3.9999.6.4.5 | +| sphincssha2128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe63 | 1.3.9999.6.4.6 | +| sphincssha256128srobust | NIST Round 3 submission | 3 | 5 | 0xfe64 | 1.3.9999.6.4.7 | +| sphincssha256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 5 | 0xfe65 | 1.3.9999.6.4.8 | +| sphincssha256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 5 | 0xfe66 | 1.3.9999.6.4.9 | +| sphincssha2128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb6 | 1.3.9999.6.4.16 | +| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb7 | 1.3.9999.6.4.17 | +| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfeb8 | 1.3.9999.6.4.18 | +| sphincssha2128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe67 | 1.3.9999.6.4.10 | +| sphincssha2128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe68 | 1.3.9999.6.4.11 | +| sphincssha2128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe69 | 1.3.9999.6.4.12 | +| sphincssha256192frobust | NIST Round 3 submission | 3 | 5 | 0xfe6a | 1.3.9999.6.5.1 | +| sphincssha256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6b | 1.3.9999.6.5.2 | +| sphincssha2192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeb9 | 1.3.9999.6.5.10 | +| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeba | 1.3.9999.6.5.11 | +| sphincssha2192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe6c | 1.3.9999.6.5.3 | +| sphincssha2192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe6d | 1.3.9999.6.5.4 | +| sphincssha256192srobust | NIST Round 3 submission | 3 | 5 | 0xfe6e | 1.3.9999.6.5.5 | +| sphincssha256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 5 | 0xfe6f | 1.3.9999.6.5.6 | +| sphincssha2192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebb | 1.3.9999.6.5.12 | +| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfebc | 1.3.9999.6.5.13 | +| sphincssha2192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe70 | 1.3.9999.6.5.7 | +| sphincssha2192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe71 | 1.3.9999.6.5.8 | +| sphincssha256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe72 | 1.3.9999.6.6.1 | +| sphincssha256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe73 | 1.3.9999.6.6.2 | +| sphincssha2256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebd | 1.3.9999.6.6.10 | +| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfebe | 1.3.9999.6.6.11 | +| sphincssha2256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe74 | 1.3.9999.6.6.3 | +| sphincssha2256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe75 | 1.3.9999.6.6.4 | +| sphincssha256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe76 | 1.3.9999.6.6.5 | +| sphincssha256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe77 | 1.3.9999.6.6.6 | +| sphincssha2256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec0 | 1.3.9999.6.6.12 | +| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfec1 | 1.3.9999.6.6.13 | +| sphincssha2256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe78 | 1.3.9999.6.6.7 | +| sphincssha2256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe79 | 1.3.9999.6.6.8 | +| sphincsshake256128frobust | NIST Round 3 submission | 3 | 1 | 0xfe7a | 1.3.9999.6.7.1 | +| sphincsshake256128frobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7b | 1.3.9999.6.7.2 | +| sphincsshake256128frobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7c | 1.3.9999.6.7.3 | +| sphincsshake128fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec2 | 1.3.9999.6.7.13 | +| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec3 | 1.3.9999.6.7.14 | +| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec4 | 1.3.9999.6.7.15 | +| sphincsshake128fsimple | NIST Round 3 submission | 3 | 1 | 0xfe7d | 1.3.9999.6.7.4 | +| sphincsshake128fsimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe7e | 1.3.9999.6.7.5 | +| sphincsshake128fsimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe7f | 1.3.9999.6.7.6 | +| sphincsshake256128srobust | NIST Round 3 submission | 3 | 1 | 0xfe80 | 1.3.9999.6.7.7 | +| sphincsshake256128srobust **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe81 | 1.3.9999.6.7.8 | +| sphincsshake256128srobust **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe82 | 1.3.9999.6.7.9 | +| sphincsshake128ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec5 | 1.3.9999.6.7.16 | +| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec6 | 1.3.9999.6.7.17 | +| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 1 | 0xfec7 | 1.3.9999.6.7.18 | +| sphincsshake128ssimple | NIST Round 3 submission | 3 | 1 | 0xfe83 | 1.3.9999.6.7.10 | +| sphincsshake128ssimple **hybrid with** p256 | NIST Round 3 submission | 3 | 1 | 0xfe84 | 1.3.9999.6.7.11 | +| sphincsshake128ssimple **hybrid with** rsa3072 | NIST Round 3 submission | 3 | 1 | 0xfe85 | 1.3.9999.6.7.12 | +| sphincsshake256192frobust | NIST Round 3 submission | 3 | 3 | 0xfe86 | 1.3.9999.6.8.1 | +| sphincsshake256192frobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe87 | 1.3.9999.6.8.2 | +| sphincsshake192fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec8 | 1.3.9999.6.8.10 | +| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfec9 | 1.3.9999.6.8.11 | +| sphincsshake192fsimple | NIST Round 3 submission | 3 | 3 | 0xfe88 | 1.3.9999.6.8.3 | +| sphincsshake192fsimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe89 | 1.3.9999.6.8.4 | +| sphincsshake256192srobust | NIST Round 3 submission | 3 | 3 | 0xfe8a | 1.3.9999.6.8.5 | +| sphincsshake256192srobust **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8b | 1.3.9999.6.8.6 | +| sphincsshake192ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfeca | 1.3.9999.6.8.12 | +| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 3 | 0xfecb | 1.3.9999.6.8.13 | +| sphincsshake192ssimple | NIST Round 3 submission | 3 | 3 | 0xfe8c | 1.3.9999.6.8.7 | +| sphincsshake192ssimple **hybrid with** p384 | NIST Round 3 submission | 3 | 3 | 0xfe8d | 1.3.9999.6.8.8 | +| sphincsshake256256frobust | NIST Round 3 submission | 3 | 5 | 0xfe8e | 1.3.9999.6.9.1 | +| sphincsshake256256frobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe8f | 1.3.9999.6.9.2 | +| sphincsshake256fsimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecc | 1.3.9999.6.9.10 | +| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecd | 1.3.9999.6.9.11 | +| sphincsshake256fsimple | NIST Round 3 submission | 3 | 5 | 0xfe90 | 1.3.9999.6.9.3 | +| sphincsshake256fsimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe91 | 1.3.9999.6.9.4 | +| sphincsshake256256srobust | NIST Round 3 submission | 3 | 5 | 0xfe92 | 1.3.9999.6.9.5 | +| sphincsshake256256srobust **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe93 | 1.3.9999.6.9.6 | +| sphincsshake256ssimple | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfece | 1.3.9999.6.9.12 | +| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission, v3.1 (June 10, 2022) | 3 | 5 | 0xfecf | 1.3.9999.6.9.13 | +| sphincsshake256ssimple | NIST Round 3 submission | 3 | 5 | 0xfe94 | 1.3.9999.6.9.7 | +| sphincsshake256ssimple **hybrid with** p521 | NIST Round 3 submission | 3 | 5 | 0xfe95 | 1.3.9999.6.9.8 | \ No newline at end of file diff --git a/oqsprov/oqsprov.c b/oqsprov/oqsprov.c index cd32a5a3..6b56ee5e 100644 --- a/oqsprov/oqsprov.c +++ b/oqsprov/oqsprov.c @@ -49,19 +49,19 @@ extern OSSL_FUNC_provider_get_capabilities_fn oqs_provider_get_capabilities; ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_SIG_OIDS_START #define OQS_OID_CNT 46 const char *oqs_oid_alg_list[OQS_OID_CNT] = { - "1.3.6.1.4.1.2.267.7.4.4", + "1.3.6.1.4.1.2.267.12.4.4", "dilithium2", - "1.3.9999.2.7.1", + "1.3.9999.2.7.5", "p256_dilithium2", - "1.3.9999.2.7.2", + "1.3.9999.2.7.6", "rsa3072_dilithium2", - "1.3.6.1.4.1.2.267.7.6.5", + "1.3.6.1.4.1.2.267.12.6.5", "dilithium3", - "1.3.9999.2.7.3", + "1.3.9999.2.7.7", "p384_dilithium3", - "1.3.6.1.4.1.2.267.7.8.7", + "1.3.6.1.4.1.2.267.12.8.7", "dilithium5", - "1.3.9999.2.7.4", + "1.3.9999.2.7.8", "p521_dilithium5", "1.3.9999.3.6", "falcon512", diff --git a/oqsprov/oqsprov_capabilities.c b/oqsprov/oqsprov_capabilities.c index 001dd419..b04eadf2 100644 --- a/oqsprov/oqsprov_capabilities.c +++ b/oqsprov/oqsprov_capabilities.c @@ -57,19 +57,19 @@ static OQS_GROUP_CONSTANTS oqs_group_list[] = { {0x0205, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F05, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0244, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F3A, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F39, 128, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F44, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB0, 128, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0245, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F3C, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F90, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x6399, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x639A, 192, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x023D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F45, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB1, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB2, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2FB3, 192, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x0246, 256, TLS1_3_VERSION, 0, -1, -1, 1}, - {0x2F3D, 256, TLS1_3_VERSION, 0, -1, -1, 1}, + {0x2F46, 256, TLS1_3_VERSION, 0, -1, -1, 1}, {0x0241, 128, TLS1_3_VERSION, 0, -1, -1, 1}, {0x2F41, 128, TLS1_3_VERSION, 0, -1, -1, 1}, @@ -231,10 +231,10 @@ typedef struct oqs_sigalg_constants_st { static OQS_SIGALG_CONSTANTS oqs_sigalg_list[] = { // ad-hoc assignments - take from OQS generate data structures ///// OQS_TEMPLATE_FRAGMENT_SIGALG_ASSIGNMENTS_START - {0xfea0, 128, TLS1_3_VERSION, 0}, {0xfea1, 128, TLS1_3_VERSION, 0}, - {0xfea2, 128, TLS1_3_VERSION, 0}, {0xfea3, 192, TLS1_3_VERSION, 0}, - {0xfea4, 192, TLS1_3_VERSION, 0}, {0xfea5, 256, TLS1_3_VERSION, 0}, - {0xfea6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0}, + {0xfed0, 128, TLS1_3_VERSION, 0}, {0xfed1, 128, TLS1_3_VERSION, 0}, + {0xfed2, 128, TLS1_3_VERSION, 0}, {0xfed3, 192, TLS1_3_VERSION, 0}, + {0xfed4, 192, TLS1_3_VERSION, 0}, {0xfed5, 256, TLS1_3_VERSION, 0}, + {0xfed6, 256, TLS1_3_VERSION, 0}, {0xfeae, 128, TLS1_3_VERSION, 0}, {0xfeaf, 128, TLS1_3_VERSION, 0}, {0xfeb0, 128, TLS1_3_VERSION, 0}, {0xfeb1, 256, TLS1_3_VERSION, 0}, {0xfeb2, 256, TLS1_3_VERSION, 0}, {0xfeb3, 128, TLS1_3_VERSION, 0}, {0xfeb4, 128, TLS1_3_VERSION, 0}, @@ -468,23 +468,23 @@ static const OSSL_PARAM oqs_param_sigalg_list[][12] = { ///// OQS_TEMPLATE_FRAGMENT_SIGALG_NAMES_START # ifdef OQS_ENABLE_SIG_dilithium_2 OQS_SIGALG_ENTRY(dilithium2, dilithium2, dilithium2, - "1.3.6.1.4.1.2.267.7.4.4", 0), + "1.3.6.1.4.1.2.267.12.4.4", 0), OQS_SIGALG_ENTRY(p256_dilithium2, p256_dilithium2, p256_dilithium2, - "1.3.9999.2.7.1", 1), + "1.3.9999.2.7.5", 1), OQS_SIGALG_ENTRY(rsa3072_dilithium2, rsa3072_dilithium2, rsa3072_dilithium2, - "1.3.9999.2.7.2", 2), + "1.3.9999.2.7.6", 2), # endif # ifdef OQS_ENABLE_SIG_dilithium_3 OQS_SIGALG_ENTRY(dilithium3, dilithium3, dilithium3, - "1.3.6.1.4.1.2.267.7.6.5", 3), + "1.3.6.1.4.1.2.267.12.6.5", 3), OQS_SIGALG_ENTRY(p384_dilithium3, p384_dilithium3, p384_dilithium3, - "1.3.9999.2.7.3", 4), + "1.3.9999.2.7.7", 4), # endif # ifdef OQS_ENABLE_SIG_dilithium_5 OQS_SIGALG_ENTRY(dilithium5, dilithium5, dilithium5, - "1.3.6.1.4.1.2.267.7.8.7", 5), + "1.3.6.1.4.1.2.267.12.8.7", 5), OQS_SIGALG_ENTRY(p521_dilithium5, p521_dilithium5, p521_dilithium5, - "1.3.9999.2.7.4", 6), + "1.3.9999.2.7.8", 6), # endif # ifdef OQS_ENABLE_SIG_falcon_512 OQS_SIGALG_ENTRY(falcon512, falcon512, falcon512, "1.3.9999.3.6", 7),