FIPS 203 Java Implementation


James Adams

Aug 28, 2024, 12:02:00 PM
to PQC Forum
Just made our initial implementation of FIPS 203 in pure Java publicly available for anyone interested.

As a side note, the reliance on SHAKE128 and SHAKE256 as XOFs made this quite difficult to implement, since these algorithms are not exposed through the JDK's MessageDigest from any built-in security providers as of Java 21 (the most recent LTS release).

Thanks,
James Adams
CEO - Mimiclone
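The gap described in the post above is concrete: MessageDigest.digest() returns a fixed-length array, while FIPS 203 needs to squeeze a caller-chosen number of bytes from one absorbed input. The following is an added example, not Mimiclone's code and not JDK code, of a minimal pure-Java SHAKE128/SHAKE256 built directly on Keccak-f[1600] with the FIPS 202 empty-message test vectors as a self-check. The class and method names are mine; the 34-byte input at the end is constructed (a zero seed plus two index bytes, the shape of the rho || j || i input FIPS 203 feeds to its XOF) and is not a test vector from the standard.

```java
import java.util.Arrays;
import java.util.HexFormat;

/** Minimal Keccak-f[1600] sponge exposing SHAKE128 and SHAKE256 with caller-chosen output length. */
public final class Shake {

    // Keccak round constants for the iota step, in round order
    private static final long[] RC = {
        0x0000000000000001L, 0x0000000000008082L, 0x800000000000808aL, 0x8000000080008000L,
        0x000000000000808bL, 0x0000000080000001L, 0x8000000080008081L, 0x8000000000008009L,
        0x000000000000008aL, 0x0000000000000088L, 0x0000000080008009L, 0x000000008000000aL,
        0x000000008000808bL, 0x800000000000008bL, 0x8000000000008089L, 0x8000000000008003L,
        0x8000000000008002L, 0x8000000000000080L, 0x000000000000800aL, 0x800000008000000aL,
        0x8000000080008081L, 0x8000000000008080L, 0x0000000080000001L, 0x8000000080008008L
    };

    // Rotation offsets for the rho step, lane index = x + 5*y
    private static final int[] ROT = {
        0, 1, 62, 28, 27, 36, 44, 6, 55, 20, 3, 10, 43, 25, 39, 41, 45, 15, 21, 8, 18, 2, 61, 56, 14
    };

    // The 24-round Keccak-f[1600] permutation over 25 little-endian 64-bit lanes.
    private static void keccakF(long[] a) {
        long[] c = new long[5];
        long[] b = new long[25];
        for (int round = 0; round < 24; round++) {
            // theta: column parities mixed into every lane
            for (int x = 0; x < 5; x++)
                c[x] = a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20];
            for (int x = 0; x < 5; x++) {
                long d = c[(x + 4) % 5] ^ Long.rotateLeft(c[(x + 1) % 5], 1);
                for (int y = 0; y < 25; y += 5) a[x + y] ^= d;
            }
            // rho (rotate) and pi (lane permutation): B[y, 2x+3y] = rot(A[x, y])
            for (int x = 0; x < 5; x++)
                for (int y = 0; y < 5; y++)
                    b[y + 5 * ((2 * x + 3 * y) % 5)] = Long.rotateLeft(a[x + 5 * y], ROT[x + 5 * y]);
            // chi: the only non-linear step
            for (int x = 0; x < 5; x++)
                for (int y = 0; y < 5; y++)
                    a[x + 5 * y] = b[x + 5 * y] ^ (~b[(x + 1) % 5 + 5 * y] & b[(x + 2) % 5 + 5 * y]);
            // iota: round constant into lane (0,0)
            a[0] ^= RC[round];
        }
    }

    // XOR one rate-sized block into the state (little-endian lanes) and permute.
    private static void absorb(long[] s, byte[] in, int off, int rate) {
        for (int i = 0; i < rate; i++)
            s[i / 8] ^= ((long) in[off + i] & 0xFF) << (8 * (i % 8));
        keccakF(s);
    }

    // Generic SHAKE sponge: rate is 168 bytes for SHAKE128, 136 bytes for SHAKE256.
    private static byte[] shake(int rate, byte[] msg, int outLen) {
        long[] s = new long[25];
        int off = 0;
        while (msg.length - off >= rate) {          // absorb all full blocks
            absorb(s, msg, off, rate);
            off += rate;
        }
        byte[] block = new byte[rate];              // final block: pad10*1 with SHAKE suffix 0x1F
        int rem = msg.length - off;
        System.arraycopy(msg, off, block, 0, rem);
        block[rem] ^= 0x1F;
        block[rate - 1] ^= (byte) 0x80;
        absorb(s, block, 0, rate);
        byte[] out = new byte[outLen];              // squeeze as many bytes as the caller wants
        int done = 0;
        while (done < outLen) {
            int n = Math.min(rate, outLen - done);
            for (int i = 0; i < n; i++)
                out[done + i] = (byte) (s[i / 8] >>> (8 * (i % 8)));
            done += n;
            if (done < outLen) keccakF(s);
        }
        return out;
    }

    public static byte[] shake128(byte[] msg, int outLen) { return shake(168, msg, outLen); }
    public static byte[] shake256(byte[] msg, int outLen) { return shake(136, msg, outLen); }

    public static void main(String[] args) {
        HexFormat hex = HexFormat.of();
        // FIPS 202 empty-message test vectors, first 32 bytes of each output
        byte[] want128 = hex.parseHex("7f9c2ba4e88f827d616045507605853ed73b8093f6efbc88eb1a6eacfa66ef26");
        byte[] want256 = hex.parseHex("46b9dd2b0ba88d13233b3feb743eeb243fcd52ea62b81b82b50c27646ed5762f");
        if (!Arrays.equals(shake128(new byte[0], 32), want128)) throw new AssertionError("SHAKE128 mismatch");
        if (!Arrays.equals(shake256(new byte[0], 32), want256)) throw new AssertionError("SHAKE256 mismatch");

        // What MessageDigest cannot express: a 34-byte input (constructed: zero seed plus two
        // index bytes, the rho || j || i shape of the FIPS 203 XOF call) squeezed to 504 bytes,
        // i.e. three full SHAKE128 blocks, as SampleNTT-style rejection sampling would consume.
        byte[] seedAndIndices = new byte[34];
        seedAndIndices[32] = 1;
        seedAndIndices[33] = 2;
        byte[] stream = shake128(seedAndIndices, 504);
        System.out.println("self-check ok; squeezed " + stream.length + " bytes, first 16: "
                + hex.formatHex(stream, 0, 16));
    }
}
```

The 0x1F suffix is what separates SHAKE from the fixed-length SHA3 functions (which use 0x06 with the same sponge), so the same keccakF and absorb can back both; the squeeze loop is the part a MessageDigest-shaped API has no way to express.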

Brent Kimberley

Aug 28, 2024, 12:21:01 PM
to James Adams, PQC Forum
I suspect Java has been waiting ten years for "Simon says."
      August 2015. NIST FIPS 202, page v, para 2, last sentence: "The approved uses of XOFs will be specified in NIST Special Publications."

"Simon said":
      08/13/24: FIPS 203, page 18, first para, second sentence: "Each function shall be instantiated by means of .. or an approved (XOF), as prescribed below"



James Adams

Aug 28, 2024, 12:33:41 PM
to Brent Kimberley, PQC Forum
Brent,

I suspect you are right.  I did a whole lot of digging when first getting into this, because I was just baffled that these functions were unavailable from the JDK.  From some of the rather obscure comments in the JDK source and the discussion in JEP 287, it looks like there were concerns about the fact that a MessageDigest was not designed to be configurable, and since no standard at the time mandated the use of SHAKE they were never exposed through the security provider interface.  It looks like there are some changes to the SPI that will allow them to be configurable, but still no implementations exposed.

Best,
James