diff --git a/README.md b/README.md index ac6967d0bb..7ba40bbbaa 100644 --- a/README.md +++ b/README.md 
@@ -66,24 +66,17 @@ If an algorithm is provided by liboqs but is not listed below, it might still be #### Key Exchange -In addition to `X25519MLKEM768` and `X25519Kyber768Draft00` supported by BoringSSL, this fork also includes support for the following quantum-safe algorithms from liboqs (assuming they have been enabled in liboqs): +Along with `X25519MLKEM768` and `X25519Kyber768Draft00` supported by BoringSSL through Google's implementations, this fork also incorporates support for additional quantum-safe algorithms from liboqs (provided they have been enabled in liboqs): -- **BIKE**: `bikel1`, `bikel3`, `bikel5` -- **CRYSTALS-Kyber**: `kyber512`, `kyber768`, `kyber1024` -- **FrodoKEM**: `frodo640aes`, `frodo640shake`, `frodo976aes`, `frodo976shake`, `frodo1344aes`, `frodo1344shake` -- **HQC**: `hqc128`, `hqc192`, `hqc256`† -- **ML-KEM**: `mlkem768`, `mlkem1024` +- **BIKE**: `bikel1`, `p256_bikel1`, `x25519_bikel1`, `bikel3`, `p384_bikel3`, `bikel5`, `p521_bikel5` +- **CRYSTALS-Kyber**: `kyber512`, `p256_kyber512`, `x25519_kyber512`, `kyber768`, `p384_kyber768`, `kyber1024`, `p521_kyber1024` +- **FrodoKEM**: `frodo640aes`, `p256_frodo640aes`, `x25519_frodo640aes`, `frodo640shake`, `p256_frodo640shake`, `x25519_frodo640shake`, `frodo976aes`, `p384_frodo976aes`, `frodo976shake`, `p384_frodo976shake`, `frodo1344aes`, `p521_frodo1344aes`, `frodo1344shake`, `p521_frodo1344shake` +- **HQC**: `hqc128`, `p256_hqc128`, `x25519_hqc128`, `hqc192`, `p384_hqc192`, `hqc256`, `p521_hqc256`† +- **ML-KEM**: `mlkem768`, `p384_mlkem768`, `mlkem1024`, `p521_mlkem1024` -For each `` listed above, the following hybrid algorithms are made available as follows: - -- If `` has L1 security, the method `p256_` is available, which combines `` with ECDH using NIST's P256 curve -- If `` has L1 security, the method `x25519_` is available, which combines `` with ECDH using X25519 curve -- If `` has L3 security, the method `p384_` is available, which combines `` with ECDH using NIST's P384 curve 
-- If `` has L5 security, the method `p521_` is available, which combines `` with ECDH using NIST's P521 curve - -For example, since `kyber768` claims L3 security, the hybrid `p384_kyber768` is available. Be aware that hybrid algorithms utlizing `X448` are not supported. If those are needed for a project please use [OQS-provider](https://github.com/open-quantum-safe/oqs-provider) which supports them out of the box, or implement them and create a pull request, or [create an issue](https://github.com/open-quantum-safe/boringssl/issues). +Be aware that hybrid algorithms utlizing `X448` are not supported. If those are needed for a project please use [OQS-provider](https://github.com/open-quantum-safe/oqs-provider) which supports them out of the box, or implement them and create a pull request, or [create an issue](https://github.com/open-quantum-safe/boringssl/issues). Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. diff --git a/oqs_template/README.md/list_kexs.fragment b/oqs_template/README.md/list_kexs.fragment index 377d9cfb8b..b5a7a50631 100644 --- a/oqs_template/README.md/list_kexs.fragment +++ b/oqs_template/README.md/list_kexs.fragment @@ -1,4 +1,4 @@ {%- for family, kems in config['kems'][1:] | groupby('family') %} -- **{{ family }}**: {% for kem in kems -%} `{{ kem['name'] }}` {%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} +- **{{ family }}**: {% for kem in kems -%} {%- if not loop.first %}, {% endif -%} `{{ kem['name'] }}` {%- for classical_alg in kem['mix_with'] %}, `{{ classical_alg['name'] }}_{{ kem['name'] }}` {%- endfor %} {%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%} {%- endfor %}
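Review bot: the typo "utlizing" is carried unchanged from the removed sentence into the replacement line `+Be aware that hybrid algorithms utlizing `X448` are not supported.`; since that line is being rewritten anyway (and it lives in README.md prose, not in the generated list fragment), correct it to "utilizing". A second point on the same hunk: the deleted paragraph ("For each ... listed above, the following hybrid algorithms are made available as follows", with its L1/L3/L5 bullets) was the only text explaining what the `p256_`, `x25519_`, `p384_` and `p521_` prefixes mean, namely the KEM combined with ECDH over P-256, X25519, P-384 or P-521, and why each KEM only gets the hybrids matching its claimed security level. The new explicit list shows names such as `p384_kyber768` but no longer says what they are. Suggest keeping one sentence after the list, for example: "Hybrid names are of the form `<curve>_<KEM>` and combine the KEM with ECDH over the named curve (P-256 or X25519 for L1 KEMs, P-384 for L3, P-521 for L5)."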
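Review bot: in the `list_kexs.fragment` hunk the dagger check `{%- if loop.last and family == 'HQC' -%}†` now runs after the inner `{%- for classical_alg in kem['mix_with'] %}` loop has emitted the hybrids, so the † attaches to the last hybrid instead of the base KEM; the README hunk shows the result as `hqc256`, `p521_hqc256`† where it was previously `hqc256`†. The unchanged footnote still says "algorithms marked with a dagger (†) have large stack usage", so a reader now sees only `p521_hqc256` marked and may conclude `hqc128`, `hqc192`, `hqc256` and their other hybrids are unaffected. Either emit the marker on every HQC entry (key it on `family == 'HQC'` inside both the outer and inner loops rather than on `loop.last`), or reword the footnote to refer to the HQC family as a whole. Whichever is chosen, regenerate README.md from the template rather than hand-editing the list, since the README hunk is generated output.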