Open knightcode opened 4 months ago
Is your goal to do deterministic key generation? Or do you want to ensure that oqs-provider is using a particular RNG?
I can imagine both needs, but mine is the former (deterministic key gen). I would like to achieve it in a thread-safe, localized way that doesn't have a chance of bleeding into other operations.
We don't yet have a thread-safe way of deterministic key gen or encapsulation in liboqs, and thus can't do it in oqs-provider either. There's an issue tracking that functionality; there was someone working on it, but I think that work has stalled over the summer.
Looks like it stalled last year. I could maybe pick it up if I get some time from my company, but I'd need some direction.
Hi @knightcode, we do have somebody actively working on it. As Douglas wrote, development has slowed down recently due to the developer's other commitments, but the feature is on the horizon.
@SWilson4 would it be sensible then to assign this issue to this person so everyone immediately sees this issue as being worked on?
Good call---I tried just now, but the developer (@Eddy-M-K) isn't actually part of any of our GitHub teams, so I don't believe I can assign him issues. I assigned the liboqs issue to myself as I'm overseeing the work. I don't actually know the required steps/effort to lift the future deterministic keygen functionality from liboqs into the provider, but for now I've assigned this one to myself as well to reflect that it is at least in the pipeline pending ongoing work. I also took the liberty of renaming this issue to reflect the discussion after the initial question.
I don't actually know the required steps/effort to lift the future deterministic keygen functionality from liboqs into the provider
Well, that depends a bit on the API that liboqs will make available for that. When in draft PR status, let's discuss if you didn't already find a good spot to add it yourself (most likely in the init routines of the provider).
Second thought: Would this have to be part of oqsprovider setup at all? The way I read the discussion it seems to be more sensible to make this a feature of liboqs which oqsprovider then simply "inherits" (if/when activated). What's your current design for activating this @SWilson4 ?
A draft PR exposing ML-KEM's derandomized API is now up in liboqs. How about we discuss the best way to bring this into the provider (if at all) over there?
Good with me. But I'm not seeing any replies to my questions there. Vacation time or bad questions? FWIW, I'll be "on the road" myself again next week and probably not responding then. If we ought to best talk in person, please suggest time and place the week of Aug 19, @SWilson4 .
Final exams and vacation time for the Waterloo undergrad student who contributed the PR and a lack of coordination on my part. I'll get back to you over there shortly!
Is it possible to pass an EVP_RAND instance to be used in the key generation calls? Could it potentially be possible?