Niels Möller <[email protected]> writes:
> void > dsa_slh_shake128_sign (const uint8_t *pub, > const uint8_t *priv, > size_t length, const uint8_t *msg, > uint8_t *signature); ... > Another naming question, should it be dsa_slh_shake128, or maybe > dsa_slh128_shake ? There's a shake128 algorithm, but that's *not* used > for dsa-slh, it uses shake256. Instead, 128/192/256 refers to the size > of the values used internally in slh-dsa and in the resulting signature. It would be nice to get naming right... some considerations: - SPHINCS+ is the original name, and is the only one with a stable specification: https://sphincs.org/data/sphincs+-round3-submission-nist.zip - The DSA-SLH specification aren't final, are they? NIST is known to make last minute incompatible changes that can complicate naming, or make a small change in five years that modify the algorithm. - https://github.com/sphincs/sphincsplus has a table with names of the core primitives that are available, but the hash choice needs to be added too. - Using "s" (for "small") and "f" (for "fast") variants is in common use. - Round 2 submission of SPHINCS+ introduced the variants "simple" and "robust" which has consequences for naming. The most complete list of parameter names I can find is page 55 of the round 3 submission, I'm including the complete list of variants below. Some ideas based on the above: void sphincp_128ss_sha2_sign (const uint8_t *pub, const uint8_t *priv, size_t length, const uint8_t *msg, uint8_t *signature); sphincp_192fr_sha3_sign (const uint8_t *pub, sphincp_192fr_sha3_sign (const uint8_t *pub, Or more expanded as sphincp_smallsimple128_sha2_sign (const uint8_t *pub, sphincp_fastrobust192_sha2_sign (const uint8_t *pub, sphincp_fastsimple256_sha3_sign (const uint8_t *pub, Using 'sha2' and 'sha3' seems clearer than including hash size like 'shake256' or 'sha256'. Expanding 'small', 'fast, 'simple' and 'robust' may avoid some confusion. I've made the mistake of confusing 'small' with 'simple' when I used 's' myself. /Simon SPHINCS+ -SHAKE256-128s-simple SPHINCS+ -SHAKE256-128s-robust SPHINCS+ -SHAKE256-128f-simple SPHINCS+ -SHAKE256-128f-robust SPHINCS+ -SHAKE256-192s-simple SPHINCS+ -SHAKE256-192s-robust SPHINCS+ -SHAKE256-192f-simple SPHINCS+ -SHAKE256-192f-robust SPHINCS+ -SHAKE256-256s-simple SPHINCS+ -SHAKE256-256s-robust SPHINCS+ -SHAKE256-256f-simple SPHINCS+ -SHAKE256-256f-robust SPHINCS+ -SHA-256-128s-simple SPHINCS+ -SHA-256-128s-robust SPHINCS+ -SHA-256-128f-simple SPHINCS+ -SHA-256-128f-robust SPHINCS+ -SHA-256-192s-simple SPHINCS+ -SHA-256-192s-robust SPHINCS+ -SHA-256-192f-simple SPHINCS+ -SHA-256-192f-robust SPHINCS+ -SHA-256-256s-simple SPHINCS+ -SHA-256-256s-robust SPHINCS+ -SHA-256-256f-simple SPHINCS+ -SHA-256-256f-robust SPHINCS+ -Haraka-128s-simple SPHINCS+ -Haraka-128s-robust SPHINCS+ -Haraka-128f-simple SPHINCS+ -Haraka-128f-robust SPHINCS+ -Haraka-192f-simple SPHINCS+ -Haraka-192f-robust SPHINCS+ -Haraka-192s-simple SPHINCS+ -Haraka-192s-robust SPHINCS+ -Haraka-256f-simple SPHINCS+ -Haraka-256f-robust SPHINCS+ -Haraka-256s-simple SPHINCS+ -Haraka-256s-robust SPHINCS+ -Haraka-128s-simple SPHINCS+ -Haraka-128s-robust SPHINCS+ -Haraka-128f-simple SPHINCS+ -Haraka-128f-robust SPHINCS+ -Haraka-192s-simple SPHINCS+ -Haraka-192s-robust SPHINCS+ -Haraka-192f-simple SPHINCS+ -Haraka-192f-robust SPHINCS+ -Haraka-256s-simple SPHINCS+ -Haraka-256s-robust SPHINCS+ -Haraka-256f-simple SPHINCS+ -Haraka-256f-robust SPHINCS+ -SHA-256-128s-simple SPHINCS+ -SHA-256-128s-robust SPHINCS+ -SHA-256-128f-simple SPHINCS+ -SHA-256-128f-robust SPHINCS+ -SHA-256-192s-simple SPHINCS+ -SHA-256-192s-robust SPHINCS+ -SHA-256-192f-simple SPHINCS+ -SHA-256-192f-robust SPHINCS+ -SHA-256-256s-simple SPHINCS+ -SHA-256-256s-robust SPHINCS+ -SHA-256-256f-simple SPHINCS+ -SHA-256-256f-robust SPHINCS+ -SHAKE256-128s-simple SPHINCS+ -SHAKE256-128s-robust SPHINCS+ -SHAKE256-128f-simple SPHINCS+ -SHAKE256-128f-robust SPHINCS+ -SHAKE256-192s-simple SPHINCS+ -SHAKE256-192s-robust SPHINCS+ -SHAKE256-192f-simple SPHINCS+ -SHAKE256-192f-robust SPHINCS+ -SHAKE256-256s-simple SPHINCS+ -SHAKE256-256s-robust SPHINCS+ -SHAKE256-256f-simple SPHINCS+ -SHAKE256-256f-robust
signature.asc
Description: PGP signature
_______________________________________________ nettle-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
