Implementations of NewHope RLWE key exchange as described in the USENIX 2016 paper
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
avx2
ref
scripts
toravx2
torref
README.md

README.md

NewHope-Usenix

Implementations of the NewHope Ring-LWE-based key exchange as described in the USENIX Security 2016 paper Post-quantum key exchange -- a new hope by Erdem Alkım, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe.

Build instructions

To obtain and build the code, run the following sequence of commands:

 git clone https://github.com/newhopecrypto/newhope-usenix.git
 cd newhope-usenix/ref && make
 cd ../avx2 && make
 cd ../torref && make
 cd ../toravx2 && make

This will build the binaries

  • ref/test/test_newhope,
  • ref/test/test_statistical,
  • ref/test/testvectors,
  • ref/test/speed,
  • avx2/test/test_newhope,
  • avx2/test/test_statistical,
  • avx2/test/testvectors,
  • avx2/test/speed,
  • torref/test/test_newhope,
  • torref/test/test_statistical,
  • torref/test/testvectors,
  • torref/test/speed,
  • toravx2/test/test_newhope,
  • toravx2/test/test_statistical,
  • toravx2/test/testvectors, and
  • toravx2/test/speed.

The test_newhope binary performs various key exchanges and outputs nothing if they are successful. The test_statistical generates many keys without final hashing and prints statistics on the distribution of ones and zeroes in those keys. The testvectors binary runs many key exchanges with deterministic "random-number" generation to ensure compatibility of independent implemtenations and the speed binary performs benchmarks and prints results.

The torref and toravx2 implementations use a different, constant-time, generation of the polynomial a from a seed as described in the paper. The testvectors generated by those implementations are not compatible with the testvectors generated by ref and avx2.

Aside from the implementations of the key exchange, the software package also contains 5 Python scripts in the scripts subdirectory. For details of those scripts please refer to the in the paper.

License

All code in this repository is in the public domain. For Keccak, ChaCha, and AES we are using public-domain code from sources and by authors listed in comments on top of the respective files.