Threshold Call (2pd): test vectors / KAT values

64 views

Skip to first unread message

Brandao, Luis (IntlAssoc)

unread,

Sep 18, 2024, 2:45:56 PM9/18/24

to mptc-...@list.nist.gov

Dear MPTC-forum,

In a spirit of collaboration in the scope of the Threshold Call (IR 8214C), and before publishing its Second Public Draft, we welcome public comments here about how teams expect to produce test vectors for their implementations, and how they can be verified.

Producing test vectors can be especially difficult for distributed protocols. This may be due to non-determinism in the timing/ordering of messages, the numerous possible paths until ending a protocol execution (even in terms of which parties participate), and possibly even the sheer size of data involved in the state of each party during a distributed protocol. The challenges may also differ across the various crypto-systems that are in scope of the Threshold Call.

While teams should include “known answer-test” (KAT) values to aid in correctness verification of the execution of the protocol, the actual requirement in the initial public draft is quite open to each team's interpretation and availability to propose testing mechanisms.

We welcome feedback about this topic, including suggestions for the submitter teams. In particular, what is the right balance between allowing for some correctness verification of main procedures, and not making a submission overly difficult? We envision that some testing will be improved by the community once a set of specifications/implementations is made public.

Example considerations:

What level of granularity (which sub-procedures) should be included in testing?
Can/should message ordering be enforceable for testing modes?
Can/should some test vectors (KAT values) specify PRG-seeds of inputs, and hashes of outputs, instead of plain inputs and outputs, as a way of allowing small byte-size?

Thank you in advance for considering this question.

Regards, Luís

(On behalf of the MPTC Project)

P.S. For those curious about the NIST Cryptographic Algorithm Testing and Validation (CAVP) program, here is their main webpage:

https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program

Luís Brandão

Foreign Guest Researcher at NIST (Contractor via Strativia)

Reply all

Reply to author

Forward

0 new messages