-
Add Capability CSR to KMAC that includes the configurations but not limited to:
- Masked/ Unmasked
- MSGFIFO Depth / Width
- Secret Key Size
CC: @jadephilipoom @cindychip @vogelpi @ballifati…
-
I'd like to let the interested parties know that, I've written a experimental C implementation of the draft. If anyone's interested in benchmarking or any kind of testing, I'd love to assist. I've als…
-
When reviewing KMAC entropy related error code, here is one concern we want to flag:
There are two KMAC entropy error code: `WaitTimerExpired` and `IncorrectEntropyMode`.
Currently both of the…
-
Apologies for the lengthy issue, but I'm trying to capture as much information as possible.
The **TL;DR** version is that it appears that when requesting vectors sets for `KAS-ECC` revision `Sp800-…
-
In case a protocol does not want to choose a specific value, advise on a default choice.
This should not cause spurious block-splitting
As Ilari suggested on the ML:
> For example, 163 zero byt…
-
Currently, the KMAC script uses variable names from AES (ciphertext instead of mac/tag). We should change this in the script as well as in the trace database to maintain readability.
-
This is related to #223 but unlike KMAC, NIST is permitting legacy use with shorter keys/IV for verification only.
We don't distinguish the two cases generally.
Refer to [SP 800-131Ar2](https://nv…
-
### Test point name
[chip_sw_lc_ctrl_kmac_error](https://github.com/lowRISC/opentitan/blob/72211c306ccacc11da7f4f2059c291690abcf9de/hw/top_earlgrey/data/chip_testplan.hjson#L1712)
### Host side …
-
### Description
Factored out from #22794: we should decide if KMAC needs a way to recover from an error if a hardware application interface does not provide the last data item.
This may happen e.g…
-
#7757 adds an initial implementation for SHA3/KMAC SCA program `sha3_serial.c`. I had to perform several writes to KMAC registers to unblock that PR but most of those should be replaced when they are …