Skip to content
forked from IAIK/Picnic

Optimized implementation of the Picnic signature scheme

License

Notifications You must be signed in to change notification settings

ait-crypto/Picnic

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Picnic: Post-Quantum Signatures

The Picnic signature scheme is a family of digital signature schemes secure against attacks by quantum computers. This repository contains an optimized implementation of these schemes. The scheme and parameter sets are specified in the Picnic Specification Document. The public API of the library and the serialization format is compatible with the reference implementation.

Research paper describing the signature scheme and the optimizations are also available:

  • Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives Melissa Chase and David Derler and Steven Goldfeder and Claudio Orlandi and Sebastian Ramacher and Christian Rechberger and Daniel Slamanig and Greg Zaverucha. In Proceedings of ACM CCS 2017. Cryptology ePrint Archive: Report 2017/279
  • Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures Jonathan Katz and Vladimir Kolesnikov and Xiao Wang. In Proceedings of ACM CCS 2018. Cryptology ePrint Archive: Report 2018/475
  • Linear Equivalence of Block Ciphers with Partial Non-Linear Layers: Application to LowMC Itai Dinur and Daniel Kales and Angela Promitzer and Sebastian Ramacher and Christian Rechberger. In Proceedings of Eurocrypt 2019. Cryptology ePrint Archive: Report 2018/772
  • Improving the Performance of the Picnic Signature Scheme Daniel Kales and Greg Zaverucha. Cryptology ePrint Archive: Report 2020/427

Packages

Packages for Ubuntu bionic, disco, and eoan are available via a PPA.

Building

First configure the build with cmake and then run make:

mkdir build
cd build
cmake ..
make

The cmake based build system supports the following flags:

  • WITH_ZKBPP: Enable ZKB++-based Picnic instances.
  • WITH_UNRUH: Enables ZKB++-based Picnic instances using the Unruh transform (requires WITH_ZKBPP to be enabled).
  • WITH_KKW: Enable KKW-based Picnic instances.
  • WITH_SIMD_OPT: Enable SIMD optimizations.
  • WITH_AVX2: Use AVX2 if available.
  • WITH_SSE2: Use SSE2 if available.
  • WITH_NEON: Use NEON if available.
  • WITH_MARCH_NATIVE: Build with -march=native -mtune=native (if supported).
  • WITH_LTO: Enable link-time optimization (if supported).
  • WITH_SHA3_IMPL={opt64,avx2,armv8a-neon,s390-cpacf}: Select SHA3 implementation opt64 (the default, from Keccak code package), avx2 (for AVX2 capable x86-64 systems, from Keccak code package), armv8a-neon (for NEON capable ARM systems, from Keccak code package), s390-cpacf (for IBM z14 and newer systems supporting SHAKE)

Furthermore, the availability of specific LowMC instances can be controlled with WITH_LOWMC_$n_$k_$r. Note though, that at least one instance needs to be enabled, and if WITH_KKW is enabled, at least one of full Sbox layer instances needs to be enabled as well:

  • WITH_LOWMC_128_128_20: Enable partial Sbox layer instance for L1.
  • WITH_LOWMC_192_192_30: Enable partial Sbox layer instance for L3.
  • WITH_LOWMC_256_256_38: Enable partial Sbox layer instance for L5.
  • WITH_LOWMC_129_129_4: Enable full Sbox layer instance for L1.
  • WITH_LOWMC_192_192_4: Enable full Sbox layer instance for L3.
  • WITH_LOWMC_255_255_4: Enable full Sbox layer instance for L5.

Building on Windows

On Windows the code can be built using Visual Studio and cmake's Visual Studio solution generator as follows: Open the "Developer Command Prompt for VS 2017" and from the source folder, run:

mkdir build
cd build
cmake -G "Visual Studio 15 2017 Win64" ..
msbuild  /t:Rebuild /p:Configuration=Release picnic.sln

After running cmake, one can also open and build the solution directly with the Visual Studio IDE. The code was tested using `cmake' for Windows version 3.10 and Visual Studio 15 2017.

Cross-compiling to Windows using MinGW

Using MinGW, Picnic can be cross-compiled from Linux to Windows. First create a cmake toolchain file with the following content:

SET(CMAKE_SYSTEM_NAME Windows)

# compilers, etc
SET(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc)
SET(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++)
SET(CMAKE_RC_COMPILER x86_64-w64-mingw32-windres)
SET(CMAKE_DLLTOOL x86_64-w64-mingw32-dlltool)
# use wine to execute tests
set(CMAKE_CROSSCOMPILING_EMULATOR wine)

# target environment
SET(CMAKE_FIND_ROOT_PATH /usr/x86_64-w64-mingw32/)

set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY)
set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)

Now invoke cmake as usual and also pass -DCMAKE_TOOLCHAIN_FILE=<path> where <path> refers to the toolchain file. After that build with make.

If the the cross-built DLLs are intended to be used in a Visual Studio project, some post-processing of the build artifacts is required. Create a file named libpicnic.def with the following content:

EXPORTS
picnic_clear_private_key
picnic_get_param_name
picnic_get_private_key_param
picnic_get_private_key_size
picnic_get_public_key_param
picnic_get_public_key_size
picnic_keygen
picnic_read_private_key
picnic_read_public_key
picnic_sign
picnic_signature_size
picnic_sk_to_pk
picnic_validate_keypair
picnic_verify
picnic_write_private_key
picnic_write_public_key

Then run

lib /def:"libpicnic.def" /out:"libpicnic.lib" /machine:x64

to produce the lib file required by Visual Studio for linking.

The instructions were tested for a 64 bit build of Picnic on a recent Debian and Ubuntu installation with mingw-w64 installed. For a 32 bits the paths need to be changed in the toolchain file and lib needs to be called with /machine:x86.

License

The code is licensed under the MIT license.

About

Optimized implementation of the Picnic signature scheme

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C 94.5%
  • C++ 2.4%
  • Assembly 1.9%
  • CMake 1.0%
  • SWIG 0.1%
  • Python 0.1%