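/*
 * Copyright (C) 2014 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * Copyright (C) 2009-2013 Security Innovation
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "ntru_param_set.h"

#include <utils/test.h>

/*
 * Printable names for the parameter-set ids NTRU_EES401EP1..NTRU_EES743EP1.
 * NOTE(review): the strings are listed in the same order as the entries of
 * ntru_param_sets below; presumably that is also the declaration order of
 * ntru_param_set_id_t in the header - confirm when adding a set.
 */
ENUM(ntru_param_set_id_names, NTRU_EES401EP1, NTRU_EES743EP1,
	"ees401ep1",
	"ees449ep1",
	"ees677ep1",
	"ees1087ep2",
	"ees541ep1",
	"ees613ep1",
	"ees887ep1",
	"ees1171ep1",
	"ees659ep1",
	"ees761ep1",
	"ees1087ep1",
	"ees1499ep1",
	"ees401ep2",
	"ees439ep1",
	"ees593ep1",
	"ees743ep1"
);

/**
 * NTRU encryption parameter set definitions
 *
 * The table is static const: the lookup functions below hand out pointers
 * into it, so callers must treat the result as read-only and never free it.
 *
 * Each entry carries its security strength in octets (14, 16, 24 or 32,
 * i.e. 112, 128, 192 or 256 bits) and a 3-byte OID that get_by_oid()
 * matches against.
 *
 * For entries with product form TRUE the "df, dr" slot holds three small
 * values packed one per byte (a + (b << 8) + (c << 16)), and the slot that
 * is dm0 elsewhere is labelled m(1)_max.
 * NOTE(review): presumably the packed bytes are the three product-form
 * weights - confirm against the code that unpacks them.
 */
static const ntru_param_set_t ntru_param_sets[] = {

	/* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
	{
		NTRU_EES401EP1,          /* parameter-set id */
		{0x00, 0x02, 0x04},      /* OID */
		0x22,                    /* DER id */
		9,                       /* no. of bits in N (i.e., in an index) */
		401,                     /* N */
		14,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		113,                     /* df, dr */
		133,                     /* dg */
		60,                      /* maxMsgLenBytes */
		113,                     /* dm0 */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES449EP1,          /* parameter-set id */
		{0x00, 0x03, 0x03},      /* OID */
		0x23,                    /* DER id */
		9,                       /* no. of bits in N (i.e., in an index) */
		449,                     /* N */
		16,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		134,                     /* df, dr */
		149,                     /* dg */
		67,                      /* maxMsgLenBytes */
		134,                     /* dm0 */
		9,                       /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES677EP1,          /* parameter-set id */
		{0x00, 0x05, 0x03},      /* OID */
		0x24,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		677,                     /* N */
		24,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		157,                     /* df, dr */
		225,                     /* dg */
		101,                     /* maxMsgLenBytes */
		157,                     /* dm0 */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES1087EP2,         /* parameter-set id */
		{0x00, 0x06, 0x03},      /* OID */
		0x25,                    /* DER id */
		11,                      /* no. of bits in N (i.e., in an index) */
		1087,                    /* N */
		32,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		120,                     /* df, dr */
		362,                     /* dg */
		170,                     /* maxMsgLenBytes */
		120,                     /* dm0 */
		13,                      /* c */
		1,                       /* lLen */
	},

	/* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
	{
		NTRU_EES541EP1,          /* parameter-set id */
		{0x00, 0x02, 0x05},      /* OID */
		0x26,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		541,                     /* N */
		14,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		49,                      /* df, dr */
		180,                     /* dg */
		86,                      /* maxMsgLenBytes */
		49,                      /* dm0 */
		12,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES613EP1,          /* parameter-set id */
		{0x00, 0x03, 0x04},      /* OID */
		0x27,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		613,                     /* N */
		16,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		55,                      /* df, dr */
		204,                     /* dg */
		97,                      /* maxMsgLenBytes */
		55,                      /* dm0 */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES887EP1,          /* parameter-set id */
		{0x00, 0x05, 0x04},      /* OID */
		0x28,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		887,                     /* N */
		24,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		81,                      /* df, dr */
		295,                     /* dg */
		141,                     /* maxMsgLenBytes */
		81,                      /* dm0 */
		10,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES1171EP1,         /* parameter-set id */
		{0x00, 0x06, 0x04},      /* OID */
		0x29,                    /* DER id */
		11,                      /* no. of bits in N (i.e., in an index) */
		1171,                    /* N */
		32,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		106,                     /* df, dr */
		390,                     /* dg */
		186,                     /* maxMsgLenBytes */
		106,                     /* dm0 */
		12,                      /* c */
		1,                       /* lLen */
	},

	/* X9.98/IEEE 1363.1 parameter sets for best speed */
	{
		NTRU_EES659EP1,          /* parameter-set id */
		{0x00, 0x02, 0x06},      /* OID */
		0x2a,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		659,                     /* N */
		14,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		38,                      /* df, dr */
		219,                     /* dg */
		108,                     /* maxMsgLenBytes */
		38,                      /* dm0 */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES761EP1,          /* parameter-set id */
		{0x00, 0x03, 0x05},      /* OID */
		0x2b,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		761,                     /* N */
		16,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		42,                      /* df, dr */
		253,                     /* dg */
		125,                     /* maxMsgLenBytes */
		42,                      /* dm0 */
		12,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES1087EP1,         /* parameter-set id */
		{0x00, 0x05, 0x05},      /* OID */
		0x2c,                    /* DER id */
		11,                      /* no. of bits in N (i.e., in an index) */
		1087,                    /* N */
		24,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		63,                      /* df, dr */
		362,                     /* dg */
		178,                     /* maxMsgLenBytes */
		63,                      /* dm0 */
		13,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES1499EP1,         /* parameter-set id */
		{0x00, 0x06, 0x05},      /* OID */
		0x2d,                    /* DER id */
		11,                      /* no. of bits in N (i.e., in an index) */
		1499,                    /* N */
		32,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		FALSE,                   /* product form */
		79,                      /* df, dr */
		499,                     /* dg */
		247,                     /* maxMsgLenBytes */
		79,                      /* dm0 */
		13,                      /* c */
		1,                       /* lLen */
	},

	/* Best bandwidth and speed, no X9.98 compatibility */
	{
		NTRU_EES401EP2,          /* parameter-set id */
		{0x00, 0x02, 0x10},      /* OID */
		0x2e,                    /* DER id */
		9,                       /* no. of bits in N (i.e., in an index) */
		401,                     /* N */
		14,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		TRUE,                    /* product form */
		8 + (8 << 8) + (6 << 16),    /* df, dr */
		133,                     /* dg */
		60,                      /* maxMsgLenBytes */
		136,                     /* m(1)_max */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES439EP1,          /* parameter-set id */
		{0x00, 0x03, 0x10},      /* OID */
		0x2f,                    /* DER id */
		9,                       /* no. of bits in N (i.e., in an index) */
		439,                     /* N */
		16,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		TRUE,                    /* product form */
		9 + (8 << 8) + (5 << 16),    /* df, dr */
		146,                     /* dg */
		65,                      /* maxMsgLenBytes */
		126,                     /* m(1)_max */
		9,                       /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES593EP1,          /* parameter-set id */
		{0x00, 0x05, 0x10},      /* OID */
		0x30,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		593,                     /* N */
		24,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		TRUE,                    /* product form */
		10 + (10 << 8) + (8 << 16),  /* df, dr */
		197,                     /* dg */
		86,                      /* maxMsgLenBytes */
		90,                      /* m(1)_max */
		11,                      /* c */
		1,                       /* lLen */
	},

	{
		NTRU_EES743EP1,          /* parameter-set id */
		{0x00, 0x06, 0x10},      /* OID */
		0x31,                    /* DER id */
		10,                      /* no. of bits in N (i.e., in an index) */
		743,                     /* N */
		32,                      /* security strength in octets */
		2048,                    /* q */
		11,                      /* no. of bits in q (i.e., in a coeff) */
		TRUE,                    /* product form */
		11 + (11 << 8) + (15 << 16), /* df, dr */
		247,                     /* dg */
		106,                     /* maxMsgLenBytes */
		60,                      /* m(1)_max */
		13,                      /* c */
		1,                       /* lLen */
	},

};

/**
 * See header.
 *
 * Linear search of ntru_param_sets for the entry whose id field equals id.
 *
 * @param id	parameter-set id to look up
 * @return		pointer into the static const table, or NULL if no entry
 *				carries that id; the caller must not modify or free it
 */
const ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id)
{
	size_t i;	/* countof() yields an unsigned count; avoid a signed compare */

	for (i = 0; i < countof(ntru_param_sets); i++)
	{
		if (ntru_param_sets[i].id == id)
		{
			return &ntru_param_sets[i];
		}
	}
	return NULL;
}


/**
 * See header.
 *
 * Linear search of ntru_param_sets for the entry whose 3-byte OID equals
 * the bytes at oid.
 *
 * Exactly 3 bytes are read from oid and no length is passed in, so the
 * caller must have verified that at least 3 bytes are available before
 * calling. NOTE(review): if callers take the OID from a received key or
 * ciphertext encoding, that length check is the only bound on this read -
 * confirm each call site.
 *
 * @param oid	pointer to at least 3 readable bytes, or NULL
 * @return		pointer into the static const table, or NULL if oid is NULL
 *				or no entry matches; the caller must not modify or free it
 */
const ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid)
{
	size_t i;

	/* a missing OID cannot match any set; do not hand NULL to memeq() */
	if (!oid)
	{
		return NULL;
	}
	for (i = 0; i < countof(ntru_param_sets); i++)
	{
		/* the OID is an identifier, not a secret; 3 is the table's OID length */
		if (memeq(ntru_param_sets[i].oid, oid, 3))
		{
			return &ntru_param_sets[i];
		}
	}
	return NULL;
}

EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id);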