SLH-DSA documentation for v0.2.1

Terra Quantum AG · Terra Quantum AG · commit 99c29236609b · 2024-08-08T13:25:09.000+01:00
GitOrigin-RevId: 9fdce0c3d81b096ffde02661bb99ef62ad7ac5fb
diff --git a/README.md b/README.md
@@ -39,6 +39,7 @@ Key Encapsulation Mechanism:
 -   [Classic McEliece 8192128f](https://terra-quantum-public.github.io/tq42-pqc-oss/post_quantum_algs/kem/mceliece.html)
 
 Digital Signature:
+-   [SLH-DSA](https://terra-quantum-public.github.io/tq42-pqc-oss/post_quantum_algs/digital_signature/slh-dsa.html)
 -   [ML-DSA](https://terra-quantum-public.github.io/tq42-pqc-oss/post_quantum_algs/digital_signature/ml-dsa.html)
 -   [Falcon padded 1024](https://terra-quantum-public.github.io/tq42-pqc-oss/post_quantum_algs/digital_signature/falcon.html)
 
diff --git a/docs/img/introduction_infographic.png b/docs/img/introduction_infographic.png
diff --git a/docs/img/introduction_system_integration.png b/docs/img/introduction_system_integration.png
diff --git a/docs/img/readme_info.png b/docs/img/readme_info.png
diff --git a/docs/index.markdown b/docs/index.markdown
@@ -67,6 +67,7 @@ Key Encapsulation Mechanism:
 Digital Signature:
 
 -   [ML-DSA](post_quantum_algs/digital_signature/ml-dsa.html)
+-   [SLH-DSA](post_quantum_algs/digital_signature/slh-dsa.html)
 -   [Falcon padded 1024](post_quantum_algs/digital_signature/falcon.html)
 
 ### Key Management
diff --git a/docs/keys/keys_container.md b/docs/keys/keys_container.md
@@ -343,7 +343,7 @@ PQC_CONTAINER_HANDLE PQC_asymmetric_container_create(uint32_t cipher);
 
 **Container Initialization**
 
--   **Key Fetching**: As part of the container's creation, cryptographic keys are sourced from a [specified randomness source](/keys/PRNG.html). This ensures that the cryptographic keys are robust and secure, fitting the requirements for secure cryptographic operations.
+-   **Key Fetching**: As part of the container's creation, cryptographic keys are sourced from a [specified randomness source](keys/PRNG.html). This ensures that the cryptographic keys are robust and secure, fitting the requirements for secure cryptographic operations.
 -   **Memory Residency**: It is crucial to note that the container exists only in the memory when created. There's no automatic storage or file association happening during the container's creation.
 
 **Important Note**
diff --git a/docs/post_quantum_algs/digital_signature/ml-dsa.md b/docs/post_quantum_algs/digital_signature/ml-dsa.md
@@ -22,7 +22,7 @@ nav_order: 2
 - **Main cryptographic assumption**:  Scheme based on the Module Learning With Errors problem.
 - **Copyright**:  [Public Domain](https://creativecommons.org/public-domain/cc0/)
 or [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0.html)
-- [**GitHub Source](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/src/ml-dsa)
+- [**GitHub Source](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/src/mldsa)
 
 
 ## FIPS 204 ML-DSA
@@ -68,7 +68,7 @@ Module-Lattice-based Digital Signature Algorithms (ML-DSA), such as those based
 - Signature size - **4627** bytes
 
 ## NIST's Known Answer Tests (KAT)
-The TQ42 Cryptography ML-DSA algorithm implementation has successfully passed the Known Answer Tests (KAT) provided by NIST. This confirms that the algorithm performs reliably as anticipated. For those interested in a deeper dive into the specifics of these tests, they are available [for review](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/test/mlkem).
+The TQ42 Cryptography ML-DSA algorithm implementation has successfully passed the Known Answer Tests (KAT) provided by NIST. This confirms that the algorithm performs reliably as anticipated. For those interested in a deeper dive into the specifics of these tests, they are available [for review](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/test/mldsa).
 
 ## Leveraging ML-DSA and True Entropy
 The customization of the ML-DSA algorithm within TQ42 Cryptography is designed to work in synergy with true entropy, sourced from the Single Photon Quantum Random Number Generator (QRNG). This technology ensures that the randomness required for cryptographic keys is of the highest quality, providing unparalleled security for company data. Since the effectiveness of any cryptographic algorithm heavily relies on the randomness of its keys, incorporating QRNG derived true entropy with TQ42's customized ML-DSA algorithm ensures that your company's sensitive information is safeguarded in the most robust manner possible.
diff --git a/docs/post_quantum_algs/digital_signature/slh-dsa.md b/docs/post_quantum_algs/digital_signature/slh-dsa.md
@@ -0,0 +1,90 @@
+---
+layout: default
+title: SLH-DSA
+parent: Digital Signature
+grand_parent: Post-Quantum Algorithms
+nav_order: 2
+---
+
+# **SLH-DSA Overview**
+{: .no_toc }
+
+<details open markdown="block">
+  <summary>
+    Table of contents
+  </summary>
+  {: .text-delta }
+1. TOC
+{:toc}
+</details>
+
+- **Algorithm type**: Digital signature scheme.
+- **Main cryptographic assumption**:  Scheme based on the presumed difficulty of finding preimages for hash functions.
+- **License**: [Public-Domain](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/src/slhdsa/LICENSE.txt)
+
+
+## FIPS 205 SLH-DSA
+
+FIPS 205 is the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), which was developed by the National Institute of Standards and Technology (NIST) to provide a quantum-resistant digital signature mechanism. FIPS 205 defines a method for digital signature generation that can be used for the protection of binary data (commonly called a message) and for the verification and validation of those digital signatures  
+- [FIPS 205](https://csrc.nist.gov/pubs/fips/205/ipd) 
+- [Nist post quantum cryptography](https://www.infosecurity-magazine.com/news/nist-post-quantum-cryptography/)
+
+As part of the NIST standardisation process for post-squantum cryptography, SPHINCS+ has been under consideration and is the basis for Stateless Hash-Based Digital Signature Algorithm (SLH-DSA).
+- [SPHINCS+](https://sphincs.org/data/sphincs+-paper.pdf) 
+
+The security of SLH-DSA relies on the presumed diffculty of finding preimages for hash functions as well as several related properties of the same hash functions. Unlike the algorithms specifed in FIPS 186-5, SLH-DSA is expected to provide resistance to attacks from a large-scale quantum computer.
+    
+The standard specifes the mathematical steps that need to be performed for key generation, signature generation, and signature verifcation.
+
+FIPS 205 was initially published as a draft on August 24, 2023, with a public comment period that concluded on November 22, 2023. Following the public comment period, necessary revisions were made to address feedback, and NIST aims to finalize and publish the standard for use in 2024.
+    
+
+### Applications:
+
+FIPS 205 can be applied in multiple scenarios where secure digital signatures are essential, including:
+
+-   Ensuring the integrity and authenticity of digital communications, documents, and transactions.
+-   Utilizing quantum-resistant signatures within various cryptographic protocols and systems.
+-   Implementing secure and verifiable signatures for sensitive and classified governmental and military communications.
+-   Enhancing the security of electronic transactions, contracts, and records within financial systems.
+-   Ensuring the authenticity and integrity of software updates and installations to prevent tampering and unauthorized alterations.   
+
+## SLH-DSA advantages over classical digital signature algorithms
+
+Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), such as those based on the SPHINCS+, offer several significant advantages over classical digital signature algorithms like RSA or ECDSA (Elliptic Curve Digital Signature Algorithm). Here are some of the key benefits:
+
+- SLH-DSA  is expected to provide resistance to attacks from a large-scale quantum computer. Classical algorithms like RSA and ECDSA can be broken by quantum algorithms (e.g., Shor's algorithm), rendering them insecure in a post-quantum world.
+- SLH-DSA algorithm offer a good balance between security and performance, with efficient key generation, signing, and verification operations.
+- While classical algorithms may require increasingly larger key sizes to maintain security as computational power increases, SLH-DSA algorithms typically provide strong security with more manageable key and signature sizes,
+- SLH-DSA algorithms often come with different parameter sets, allowing users to choose configurations that balance security and performance based on specific needs.
+
+
+## SLH-DSA - Parameter set summary
+
+- SLH-DSA-SHAKE-256f -  security category **5**
+- Public key size - **64** bytes
+- Private key size - **128** bytes 
+- Signature size - **49 856** bytes
+
+## NIST's Known Answer Tests (KAT)
+
+The TQ42 Cryptography SLH-DSA algorithm implementation has successfully passed the Known Answer Tests (KAT) provided by NIST. This confirms that the algorithm performs reliably as anticipated. For those interested in a deeper dive into the specifics of these tests, they are available [for review](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/test/slhdsa).
+
+## Leveraging SLH-DSA and True Entropy
+
+The customization of the SLH-DSA algorithm within TQ42 Cryptography is designed to work in synergy with true entropy, sourced from the Single Photon Quantum Random Number Generator (QRNG). This technology ensures that the randomness required for cryptographic keys is of the highest quality, providing unparalleled security for company data. Since the effectiveness of any cryptographic algorithm heavily relies on the randomness of its keys, incorporating QRNG derived true entropy with TQ42's customized SLH-DSA algorithm ensures that your company's sensitive information is safeguarded in the most robust manner possible.
+
+ 
+## API overview
+
+To include the necessary library, please refer to the  [Getting Started Guide](../../getting_started.html).
+After following the guide, include the `pqc/slh-dsa.h` header in your code.
+All Signature Schemes algorithms have a unified API. For SLH-DSA, you can set the algorithm to work using the constant **PQC_CIPHER_SLH_DSA_SHAKE_256F_DRAFT**.
+To learn about all the available methods for signature algorithms, visit the [Signature Schemes Generic API Overview page](api.html).
+
+
+## Example
+
+**Code**
+```cpp 
+{% include examples/signature/example_slhdsa.cpp %}```
diff --git a/docs/post_quantum_algs/kem/api.md b/docs/post_quantum_algs/kem/api.md
@@ -138,7 +138,7 @@ size_t PQC_API PQC_kem_encode_secret(  uint32_t cipher,
 
 This function generates a shared secret key using a given encryption algorithm, a message, and a pre-generated public key. The message is then intended to be sent to the second user, who owns the public key, for decryption.
 
-*   `cipher`: An identifier for selecting the encryption algorithm. [`Cipher constants`](/common_functions.html#cipher)
+*   `cipher`: An identifier for selecting the encryption algorithm. [`Cipher constants`](common_functions.html#cipher)
     
 *   `uint8_t * message`, `size_t message_length`: A pointer to the memory area for the message and its length. The message, which contains ciphertext encrypted with the public key, will be written here to be sent to the other party.
     
diff --git a/docs/post_quantum_algs/kem/ml-kem.md b/docs/post_quantum_algs/kem/ml-kem.md
@@ -22,7 +22,7 @@ nav_order: 2
 - **Cryptographic Assumption:** ML-KEM is a based on CRYSTALS-KYBER, a lattice-based key-encapsulation mechanism.
 - **Copyright**:  [Public Domain](https://creativecommons.org/public-domain/cc0/)
 or [Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0.html)
-- [**GitHub Source](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/src/ml-kem)
+- [**GitHub Source](https://github.com/terra-quantum-public/tq42-pqc-oss/tree/main/src/mlkem)
 
 ## FIPS-203 ML-KEM
 
