├── .nojekyll ├── .vscode └── settings.json ├── LICENSE.md ├── README.md ├── css ├── app.css ├── foundation.css ├── foundation.min.css └── theme.default.css ├── data ├── convert.py ├── parametersets.csv └── schemes.csv ├── index.html ├── js ├── app.js ├── jquery.tablesorter.js ├── plot.js ├── vendor │ ├── foundation.js │ ├── foundation.min.js │ ├── jquery.js │ └── what-input.js └── wide.js ├── logo.png ├── round-1 ├── data │ ├── parametersets.csv │ └── schemes.csv ├── index.html ├── js │ ├── app.js │ ├── jquery.tablesorter.js │ ├── plot.js │ ├── vendor │ │ ├── foundation.js │ │ ├── foundation.min.js │ │ ├── jquery.js │ │ └── what-input.js │ └── wide.js └── wide.html ├── static └── d3.v7.min.js └── wide.html /.nojekyll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PQShield/nist-sigs-zoo/d525707d3010edfd5d2f2b32e95dc97388057c77/.nojekyll -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "ltex.enabled": [] 3 | } -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | # Code 2 | 3 | ``` 4 | MIT License 5 | 6 | Copyright (c) 2023 Thom Wiggers / PQShield 7 | 8 | Permission is hereby granted, free of charge, to any person obtaining a copy 9 | of this software and associated documentation files (the "Software"), to deal 10 | in the Software without restriction, including without limitation the rights 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 | copies of the Software, and to permit persons to whom the Software is 13 | furnished to do so, subject to the following conditions: 14 | 15 | The above copyright notice and this permission notice shall be included in all 16 | copies or substantial portions of the Software. 17 | 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 24 | SOFTWARE. 25 | ``` 26 | 27 | # Data and website content 28 | 29 | ``` 30 | Attribution-ShareAlike 4.0 International 31 | 32 | ======================================================================= 33 | 34 | Creative Commons Corporation ("Creative Commons") is not a law firm and 35 | does not provide legal services or legal advice. Distribution of 36 | Creative Commons public licenses does not create a lawyer-client or 37 | other relationship. Creative Commons makes its licenses and related 38 | information available on an "as-is" basis. Creative Commons gives no 39 | warranties regarding its licenses, any material licensed under their 40 | terms and conditions, or any related information. Creative Commons 41 | disclaims all liability for damages resulting from their use to the 42 | fullest extent possible. 43 | 44 | Using Creative Commons Public Licenses 45 | 46 | Creative Commons public licenses provide a standard set of terms and 47 | conditions that creators and other rights holders may use to share 48 | original works of authorship and other material subject to copyright 49 | and certain other rights specified in the public license below. The 50 | following considerations are for informational purposes only, are not 51 | exhaustive, and do not form part of our licenses. 52 | 53 | Considerations for licensors: Our public licenses are 54 | intended for use by those authorized to give the public 55 | permission to use material in ways otherwise restricted by 56 | copyright and certain other rights. Our licenses are 57 | irrevocable. Licensors should read and understand the terms 58 | and conditions of the license they choose before applying it. 59 | Licensors should also secure all rights necessary before 60 | applying our licenses so that the public can reuse the 61 | material as expected. Licensors should clearly mark any 62 | material not subject to the license. This includes other CC- 63 | licensed material, or material used under an exception or 64 | limitation to copyright. More considerations for licensors: 65 | wiki.creativecommons.org/Considerations_for_licensors 66 | 67 | Considerations for the public: By using one of our public 68 | licenses, a licensor grants the public permission to use the 69 | licensed material under specified terms and conditions. If 70 | the licensor's permission is not necessary for any reason--for 71 | example, because of any applicable exception or limitation to 72 | copyright--then that use is not regulated by the license. Our 73 | licenses grant only permissions under copyright and certain 74 | other rights that a licensor has authority to grant. Use of 75 | the licensed material may still be restricted for other 76 | reasons, including because others have copyright or other 77 | rights in the material. A licensor may make special requests, 78 | such as asking that all changes be marked or described. 79 | Although not required by our licenses, you are encouraged to 80 | respect those requests where reasonable. More considerations 81 | for the public: 82 | wiki.creativecommons.org/Considerations_for_licensees 83 | 84 | ======================================================================= 85 | 86 | Creative Commons Attribution-ShareAlike 4.0 International Public 87 | License 88 | 89 | By exercising the Licensed Rights (defined below), You accept and agree 90 | to be bound by the terms and conditions of this Creative Commons 91 | Attribution-ShareAlike 4.0 International Public License ("Public 92 | License"). To the extent this Public License may be interpreted as a 93 | contract, You are granted the Licensed Rights in consideration of Your 94 | acceptance of these terms and conditions, and the Licensor grants You 95 | such rights in consideration of benefits the Licensor receives from 96 | making the Licensed Material available under these terms and 97 | conditions. 98 | 99 | 100 | Section 1 -- Definitions. 101 | 102 | a. Adapted Material means material subject to Copyright and Similar 103 | Rights that is derived from or based upon the Licensed Material 104 | and in which the Licensed Material is translated, altered, 105 | arranged, transformed, or otherwise modified in a manner requiring 106 | permission under the Copyright and Similar Rights held by the 107 | Licensor. For purposes of this Public License, where the Licensed 108 | Material is a musical work, performance, or sound recording, 109 | Adapted Material is always produced where the Licensed Material is 110 | synched in timed relation with a moving image. 111 | 112 | b. Adapter's License means the license You apply to Your Copyright 113 | and Similar Rights in Your contributions to Adapted Material in 114 | accordance with the terms and conditions of this Public License. 115 | 116 | c. BY-SA Compatible License means a license listed at 117 | creativecommons.org/compatiblelicenses, approved by Creative 118 | Commons as essentially the equivalent of this Public License. 119 | 120 | d. Copyright and Similar Rights means copyright and/or similar rights 121 | closely related to copyright including, without limitation, 122 | performance, broadcast, sound recording, and Sui Generis Database 123 | Rights, without regard to how the rights are labeled or 124 | categorized. For purposes of this Public License, the rights 125 | specified in Section 2(b)(1)-(2) are not Copyright and Similar 126 | Rights. 127 | 128 | e. Effective Technological Measures means those measures that, in the 129 | absence of proper authority, may not be circumvented under laws 130 | fulfilling obligations under Article 11 of the WIPO Copyright 131 | Treaty adopted on December 20, 1996, and/or similar international 132 | agreements. 133 | 134 | f. Exceptions and Limitations means fair use, fair dealing, and/or 135 | any other exception or limitation to Copyright and Similar Rights 136 | that applies to Your use of the Licensed Material. 137 | 138 | g. License Elements means the license attributes listed in the name 139 | of a Creative Commons Public License. The License Elements of this 140 | Public License are Attribution and ShareAlike. 141 | 142 | h. Licensed Material means the artistic or literary work, database, 143 | or other material to which the Licensor applied this Public 144 | License. 145 | 146 | i. Licensed Rights means the rights granted to You subject to the 147 | terms and conditions of this Public License, which are limited to 148 | all Copyright and Similar Rights that apply to Your use of the 149 | Licensed Material and that the Licensor has authority to license. 150 | 151 | j. Licensor means the individual(s) or entity(ies) granting rights 152 | under this Public License. 153 | 154 | k. Share means to provide material to the public by any means or 155 | process that requires permission under the Licensed Rights, such 156 | as reproduction, public display, public performance, distribution, 157 | dissemination, communication, or importation, and to make material 158 | available to the public including in ways that members of the 159 | public may access the material from a place and at a time 160 | individually chosen by them. 161 | 162 | l. Sui Generis Database Rights means rights other than copyright 163 | resulting from Directive 96/9/EC of the European Parliament and of 164 | the Council of 11 March 1996 on the legal protection of databases, 165 | as amended and/or succeeded, as well as other essentially 166 | equivalent rights anywhere in the world. 167 | 168 | m. You means the individual or entity exercising the Licensed Rights 169 | under this Public License. Your has a corresponding meaning. 170 | 171 | 172 | Section 2 -- Scope. 173 | 174 | a. License grant. 175 | 176 | 1. Subject to the terms and conditions of this Public License, 177 | the Licensor hereby grants You a worldwide, royalty-free, 178 | non-sublicensable, non-exclusive, irrevocable license to 179 | exercise the Licensed Rights in the Licensed Material to: 180 | 181 | a. reproduce and Share the Licensed Material, in whole or 182 | in part; and 183 | 184 | b. produce, reproduce, and Share Adapted Material. 185 | 186 | 2. Exceptions and Limitations. For the avoidance of doubt, where 187 | Exceptions and Limitations apply to Your use, this Public 188 | License does not apply, and You do not need to comply with 189 | its terms and conditions. 190 | 191 | 3. Term. The term of this Public License is specified in Section 192 | 6(a). 193 | 194 | 4. Media and formats; technical modifications allowed. The 195 | Licensor authorizes You to exercise the Licensed Rights in 196 | all media and formats whether now known or hereafter created, 197 | and to make technical modifications necessary to do so. The 198 | Licensor waives and/or agrees not to assert any right or 199 | authority to forbid You from making technical modifications 200 | necessary to exercise the Licensed Rights, including 201 | technical modifications necessary to circumvent Effective 202 | Technological Measures. For purposes of this Public License, 203 | simply making modifications authorized by this Section 2(a) 204 | (4) never produces Adapted Material. 205 | 206 | 5. Downstream recipients. 207 | 208 | a. Offer from the Licensor -- Licensed Material. Every 209 | recipient of the Licensed Material automatically 210 | receives an offer from the Licensor to exercise the 211 | Licensed Rights under the terms and conditions of this 212 | Public License. 213 | 214 | b. Additional offer from the Licensor -- Adapted Material. 215 | Every recipient of Adapted Material from You 216 | automatically receives an offer from the Licensor to 217 | exercise the Licensed Rights in the Adapted Material 218 | under the conditions of the Adapter's License You apply. 219 | 220 | c. No downstream restrictions. You may not offer or impose 221 | any additional or different terms or conditions on, or 222 | apply any Effective Technological Measures to, the 223 | Licensed Material if doing so restricts exercise of the 224 | Licensed Rights by any recipient of the Licensed 225 | Material. 226 | 227 | 6. No endorsement. Nothing in this Public License constitutes or 228 | may be construed as permission to assert or imply that You 229 | are, or that Your use of the Licensed Material is, connected 230 | with, or sponsored, endorsed, or granted official status by, 231 | the Licensor or others designated to receive attribution as 232 | provided in Section 3(a)(1)(A)(i). 233 | 234 | b. Other rights. 235 | 236 | 1. Moral rights, such as the right of integrity, are not 237 | licensed under this Public License, nor are publicity, 238 | privacy, and/or other similar personality rights; however, to 239 | the extent possible, the Licensor waives and/or agrees not to 240 | assert any such rights held by the Licensor to the limited 241 | extent necessary to allow You to exercise the Licensed 242 | Rights, but not otherwise. 243 | 244 | 2. Patent and trademark rights are not licensed under this 245 | Public License. 246 | 247 | 3. To the extent possible, the Licensor waives any right to 248 | collect royalties from You for the exercise of the Licensed 249 | Rights, whether directly or through a collecting society 250 | under any voluntary or waivable statutory or compulsory 251 | licensing scheme. In all other cases the Licensor expressly 252 | reserves any right to collect such royalties. 253 | 254 | 255 | Section 3 -- License Conditions. 256 | 257 | Your exercise of the Licensed Rights is expressly made subject to the 258 | following conditions. 259 | 260 | a. Attribution. 261 | 262 | 1. If You Share the Licensed Material (including in modified 263 | form), You must: 264 | 265 | a. retain the following if it is supplied by the Licensor 266 | with the Licensed Material: 267 | 268 | i. identification of the creator(s) of the Licensed 269 | Material and any others designated to receive 270 | attribution, in any reasonable manner requested by 271 | the Licensor (including by pseudonym if 272 | designated); 273 | 274 | ii. a copyright notice; 275 | 276 | iii. a notice that refers to this Public License; 277 | 278 | iv. a notice that refers to the disclaimer of 279 | warranties; 280 | 281 | v. a URI or hyperlink to the Licensed Material to the 282 | extent reasonably practicable; 283 | 284 | b. indicate if You modified the Licensed Material and 285 | retain an indication of any previous modifications; and 286 | 287 | c. indicate the Licensed Material is licensed under this 288 | Public License, and include the text of, or the URI or 289 | hyperlink to, this Public License. 290 | 291 | 2. You may satisfy the conditions in Section 3(a)(1) in any 292 | reasonable manner based on the medium, means, and context in 293 | which You Share the Licensed Material. For example, it may be 294 | reasonable to satisfy the conditions by providing a URI or 295 | hyperlink to a resource that includes the required 296 | information. 297 | 298 | 3. If requested by the Licensor, You must remove any of the 299 | information required by Section 3(a)(1)(A) to the extent 300 | reasonably practicable. 301 | 302 | b. ShareAlike. 303 | 304 | In addition to the conditions in Section 3(a), if You Share 305 | Adapted Material You produce, the following conditions also apply. 306 | 307 | 1. The Adapter's License You apply must be a Creative Commons 308 | license with the same License Elements, this version or 309 | later, or a BY-SA Compatible License. 310 | 311 | 2. You must include the text of, or the URI or hyperlink to, the 312 | Adapter's License You apply. You may satisfy this condition 313 | in any reasonable manner based on the medium, means, and 314 | context in which You Share Adapted Material. 315 | 316 | 3. You may not offer or impose any additional or different terms 317 | or conditions on, or apply any Effective Technological 318 | Measures to, Adapted Material that restrict exercise of the 319 | rights granted under the Adapter's License You apply. 320 | 321 | 322 | Section 4 -- Sui Generis Database Rights. 323 | 324 | Where the Licensed Rights include Sui Generis Database Rights that 325 | apply to Your use of the Licensed Material: 326 | 327 | a. for the avoidance of doubt, Section 2(a)(1) grants You the right 328 | to extract, reuse, reproduce, and Share all or a substantial 329 | portion of the contents of the database; 330 | 331 | b. if You include all or a substantial portion of the database 332 | contents in a database in which You have Sui Generis Database 333 | Rights, then the database in which You have Sui Generis Database 334 | Rights (but not its individual contents) is Adapted Material, 335 | including for purposes of Section 3(b); and 336 | 337 | c. You must comply with the conditions in Section 3(a) if You Share 338 | all or a substantial portion of the contents of the database. 339 | 340 | For the avoidance of doubt, this Section 4 supplements and does not 341 | replace Your obligations under this Public License where the Licensed 342 | Rights include other Copyright and Similar Rights. 343 | 344 | 345 | Section 5 -- Disclaimer of Warranties and Limitation of Liability. 346 | 347 | a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE 348 | EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS 349 | AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF 350 | ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, 351 | IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, 352 | WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR 353 | PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, 354 | ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT 355 | KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT 356 | ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. 357 | 358 | b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE 359 | TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, 360 | NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, 361 | INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, 362 | COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR 363 | USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN 364 | ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR 365 | DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR 366 | IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. 367 | 368 | c. The disclaimer of warranties and limitation of liability provided 369 | above shall be interpreted in a manner that, to the extent 370 | possible, most closely approximates an absolute disclaimer and 371 | waiver of all liability. 372 | 373 | 374 | Section 6 -- Term and Termination. 375 | 376 | a. This Public License applies for the term of the Copyright and 377 | Similar Rights licensed here. However, if You fail to comply with 378 | this Public License, then Your rights under this Public License 379 | terminate automatically. 380 | 381 | b. Where Your right to use the Licensed Material has terminated under 382 | Section 6(a), it reinstates: 383 | 384 | 1. automatically as of the date the violation is cured, provided 385 | it is cured within 30 days of Your discovery of the 386 | violation; or 387 | 388 | 2. upon express reinstatement by the Licensor. 389 | 390 | For the avoidance of doubt, this Section 6(b) does not affect any 391 | right the Licensor may have to seek remedies for Your violations 392 | of this Public License. 393 | 394 | c. For the avoidance of doubt, the Licensor may also offer the 395 | Licensed Material under separate terms or conditions or stop 396 | distributing the Licensed Material at any time; however, doing so 397 | will not terminate this Public License. 398 | 399 | d. Sections 1, 5, 6, 7, and 8 survive termination of this Public 400 | License. 401 | 402 | 403 | Section 7 -- Other Terms and Conditions. 404 | 405 | a. The Licensor shall not be bound by any additional or different 406 | terms or conditions communicated by You unless expressly agreed. 407 | 408 | b. Any arrangements, understandings, or agreements regarding the 409 | Licensed Material not stated herein are separate from and 410 | independent of the terms and conditions of this Public License. 411 | 412 | 413 | Section 8 -- Interpretation. 414 | 415 | a. For the avoidance of doubt, this Public License does not, and 416 | shall not be interpreted to, reduce, limit, restrict, or impose 417 | conditions on any use of the Licensed Material that could lawfully 418 | be made without permission under this Public License. 419 | 420 | b. To the extent possible, if any provision of this Public License is 421 | deemed unenforceable, it shall be automatically reformed to the 422 | minimum extent necessary to make it enforceable. If the provision 423 | cannot be reformed, it shall be severed from this Public License 424 | without affecting the enforceability of the remaining terms and 425 | conditions. 426 | 427 | c. No term or condition of this Public License will be waived and no 428 | failure to comply consented to unless expressly agreed to by the 429 | Licensor. 430 | 431 | d. Nothing in this Public License constitutes or may be interpreted 432 | as a limitation upon, or waiver of, any privileges and immunities 433 | that apply to the Licensor or You, including from the legal 434 | processes of any jurisdiction or authority. 435 | 436 | 437 | ======================================================================= 438 | 439 | Creative Commons is not a party to its public licenses. 440 | Notwithstanding, Creative Commons may elect to apply one of its public 441 | licenses to material it publishes and in those instances will be 442 | considered the “Licensor.” The text of the Creative Commons public 443 | licenses is dedicated to the public domain under the CC0 Public Domain 444 | Dedication. Except for the limited purpose of indicating that material 445 | is shared under a Creative Commons public license or as otherwise 446 | permitted by the Creative Commons policies published at 447 | creativecommons.org/policies, Creative Commons does not authorize the 448 | use of the trademark "Creative Commons" or any other trademark or logo 449 | of Creative Commons without its prior written consent including, 450 | without limitation, in connection with any unauthorized modifications 451 | to any of its public licenses or any other arrangements, 452 | understandings, or agreements concerning use of licensed material. For 453 | the avoidance of doubt, this paragraph does not form part of the public 454 | licenses. 455 | 456 | Creative Commons may be contacted at creativecommons.org.` 457 | ``` -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Post-Quantum signatures zoo 2 | 3 | In this project, we give an overview of the post-quantum algorithms that have been submitted to the NIST post-quantum signatures on-ramp. 4 | 5 | We have copied the properties of the schemes out of the individual scheme submission documents, so be aware of potential errors. 6 | 7 | ## Data corrections 8 | 9 | The data for this project is kept on Google Sheets. 10 | Please submit corrections by commenting on [the relevant spreadsheet](https://docs.google.com/spreadsheets/d/1Ba8MWRJzcn3DaoAQsAiCnIdRbbVRow1mWf01LzXk-14/edit?usp=sharing) or submit issues in this repository. 11 | 12 | 13 | ## Submitting new features and code improvements 14 | 15 | We welcome any and all suggestions and improvements to this web page: we're not web developers, 16 | so if you know how to do something more elegantly, feel free to contribute. 17 | -------------------------------------------------------------------------------- /css/app.css: -------------------------------------------------------------------------------- 1 | footer { 2 | background: darkgrey; 3 | } 4 | 5 | .extrapolated { 6 | text-decoration: underline wavy red; 7 | } -------------------------------------------------------------------------------- /css/theme.default.css: -------------------------------------------------------------------------------- 1 | /************* 2 | Default Theme 3 | *************/ 4 | /* overall */ 5 | .tablesorter-default { 6 | width: 100%; 7 | font: 12px/18px Arial, Sans-serif; 8 | color: #333; 9 | background-color: #fff; 10 | border-spacing: 0; 11 | margin: 10px 0 15px; 12 | text-align: left; 13 | } 14 | 15 | /* header */ 16 | .tablesorter-default th, 17 | .tablesorter-default thead td { 18 | font-weight: bold; 19 | color: #000; 20 | background-color: #fff; 21 | border-collapse: collapse; 22 | border-bottom: #ccc 2px solid; 23 | padding: 0; 24 | } 25 | .tablesorter-default tfoot th, 26 | .tablesorter-default tfoot td { 27 | border: 0; 28 | } 29 | .tablesorter-default .header, 30 | .tablesorter-default .tablesorter-header { 31 | background-image: url(data:image/gif;base64,R0lGODlhFQAJAIAAACMtMP///yH5BAEAAAEALAAAAAAVAAkAAAIXjI+AywnaYnhUMoqt3gZXPmVg94yJVQAAOw==); 32 | background-position: center right; 33 | background-repeat: no-repeat; 34 | cursor: pointer; 35 | white-space: normal; 36 | padding: 4px 20px 4px 4px; 37 | } 38 | .tablesorter-default thead .headerSortUp, 39 | .tablesorter-default thead .tablesorter-headerSortUp, 40 | .tablesorter-default thead .tablesorter-headerAsc { 41 | background-image: url(data:image/gif;base64,R0lGODlhFQAEAIAAACMtMP///yH5BAEAAAEALAAAAAAVAAQAAAINjI8Bya2wnINUMopZAQA7); 42 | border-bottom: #000 2px solid; 43 | } 44 | .tablesorter-default thead .headerSortDown, 45 | .tablesorter-default thead .tablesorter-headerSortDown, 46 | .tablesorter-default thead .tablesorter-headerDesc { 47 | background-image: url(data:image/gif;base64,R0lGODlhFQAEAIAAACMtMP///yH5BAEAAAEALAAAAAAVAAQAAAINjB+gC+jP2ptn0WskLQA7); 48 | border-bottom: #000 2px solid; 49 | } 50 | .tablesorter-default thead .sorter-false { 51 | background-image: none; 52 | cursor: default; 53 | padding: 4px; 54 | } 55 | 56 | /* tfoot */ 57 | .tablesorter-default tfoot .tablesorter-headerSortUp, 58 | .tablesorter-default tfoot .tablesorter-headerSortDown, 59 | .tablesorter-default tfoot .tablesorter-headerAsc, 60 | .tablesorter-default tfoot .tablesorter-headerDesc { 61 | border-top: #000 2px solid; 62 | } 63 | 64 | /* tbody */ 65 | .tablesorter-default td { 66 | background-color: #fff; 67 | border-bottom: #ccc 1px solid; 68 | padding: 4px; 69 | vertical-align: top; 70 | } 71 | 72 | /* hovered row colors */ 73 | .tablesorter-default tbody > tr.hover > td, 74 | .tablesorter-default tbody > tr:hover > td, 75 | .tablesorter-default tbody > tr.even:hover > td, 76 | .tablesorter-default tbody > tr.odd:hover > td { 77 | background-color: #fff; 78 | color: #000; 79 | } 80 | 81 | /* table processing indicator */ 82 | .tablesorter-default .tablesorter-processing { 83 | background-position: center center !important; 84 | background-repeat: no-repeat !important; 85 | /* background-image: url(images/loading.gif) !important; */ 86 | background-image: url('data:image/gif;base64,R0lGODlhFAAUAKEAAO7u7lpaWgAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQBCgACACwAAAAAFAAUAAACQZRvoIDtu1wLQUAlqKTVxqwhXIiBnDg6Y4eyx4lKW5XK7wrLeK3vbq8J2W4T4e1nMhpWrZCTt3xKZ8kgsggdJmUFACH5BAEKAAIALAcAAAALAAcAAAIUVB6ii7jajgCAuUmtovxtXnmdUAAAIfkEAQoAAgAsDQACAAcACwAAAhRUIpmHy/3gUVQAQO9NetuugCFWAAAh+QQBCgACACwNAAcABwALAAACE5QVcZjKbVo6ck2AF95m5/6BSwEAIfkEAQoAAgAsBwANAAsABwAAAhOUH3kr6QaAcSrGWe1VQl+mMUIBACH5BAEKAAIALAIADQALAAcAAAIUlICmh7ncTAgqijkruDiv7n2YUAAAIfkEAQoAAgAsAAAHAAcACwAAAhQUIGmHyedehIoqFXLKfPOAaZdWAAAh+QQFCgACACwAAAIABwALAAACFJQFcJiXb15zLYRl7cla8OtlGGgUADs=') !important; 87 | } 88 | 89 | /* Zebra Widget - row alternating colors */ 90 | .tablesorter-default tr.odd > td { 91 | background-color: #dfdfdf; 92 | } 93 | .tablesorter-default tr.even > td { 94 | background-color: #efefef; 95 | } 96 | 97 | /* Column Widget - column sort colors */ 98 | .tablesorter-default tr.odd td.primary { 99 | background-color: #bfbfbf; 100 | } 101 | .tablesorter-default td.primary, 102 | .tablesorter-default tr.even td.primary { 103 | background-color: #d9d9d9; 104 | } 105 | .tablesorter-default tr.odd td.secondary { 106 | background-color: #d9d9d9; 107 | } 108 | .tablesorter-default td.secondary, 109 | .tablesorter-default tr.even td.secondary { 110 | background-color: #e6e6e6; 111 | } 112 | .tablesorter-default tr.odd td.tertiary { 113 | background-color: #e6e6e6; 114 | } 115 | .tablesorter-default td.tertiary, 116 | .tablesorter-default tr.even td.tertiary { 117 | background-color: #f2f2f2; 118 | } 119 | 120 | /* caption */ 121 | .tablesorter-default > caption { 122 | background-color: #fff; 123 | } 124 | 125 | /* filter widget */ 126 | .tablesorter-default .tablesorter-filter-row { 127 | background-color: #eee; 128 | } 129 | .tablesorter-default .tablesorter-filter-row td { 130 | background-color: #eee; 131 | border-bottom: #ccc 1px solid; 132 | line-height: normal; 133 | text-align: center; /* center the input */ 134 | -webkit-transition: line-height 0.1s ease; 135 | -moz-transition: line-height 0.1s ease; 136 | -o-transition: line-height 0.1s ease; 137 | transition: line-height 0.1s ease; 138 | } 139 | /* optional disabled input styling */ 140 | .tablesorter-default .tablesorter-filter-row .disabled { 141 | opacity: 0.5; 142 | filter: alpha(opacity=50); 143 | cursor: not-allowed; 144 | } 145 | /* hidden filter row */ 146 | .tablesorter-default .tablesorter-filter-row.hideme td { 147 | /*** *********************************************** ***/ 148 | /*** change this padding to modify the thickness ***/ 149 | /*** of the closed filter row (height = padding x 2) ***/ 150 | padding: 2px; 151 | /*** *********************************************** ***/ 152 | margin: 0; 153 | line-height: 0; 154 | cursor: pointer; 155 | } 156 | .tablesorter-default .tablesorter-filter-row.hideme * { 157 | height: 1px; 158 | min-height: 0; 159 | border: 0; 160 | padding: 0; 161 | margin: 0; 162 | /* don't use visibility: hidden because it disables tabbing */ 163 | opacity: 0; 164 | filter: alpha(opacity=0); 165 | } 166 | /* filters */ 167 | .tablesorter-default input.tablesorter-filter, 168 | .tablesorter-default select.tablesorter-filter { 169 | width: 95%; 170 | height: auto; 171 | margin: 4px auto; 172 | padding: 4px; 173 | background-color: #fff; 174 | border: 1px solid #bbb; 175 | color: #333; 176 | -webkit-box-sizing: border-box; 177 | -moz-box-sizing: border-box; 178 | box-sizing: border-box; 179 | -webkit-transition: height 0.1s ease; 180 | -moz-transition: height 0.1s ease; 181 | -o-transition: height 0.1s ease; 182 | transition: height 0.1s ease; 183 | } 184 | /* rows hidden by filtering (needed for child rows) */ 185 | .tablesorter .filtered { 186 | display: none; 187 | } 188 | 189 | /* ajax error row */ 190 | .tablesorter .tablesorter-errorRow td { 191 | text-align: center; 192 | cursor: pointer; 193 | background-color: #e6bf99; 194 | } 195 | -------------------------------------------------------------------------------- /data/convert.py: -------------------------------------------------------------------------------- 1 | import csv 2 | 3 | from pathlib import Path 4 | from pprint import pprint 5 | 6 | 7 | class NumbersDialect(csv.Dialect): 8 | delimiter: str = ";" 9 | quoting = csv.QUOTE_NONE 10 | lineterminator = "\n" 11 | 12 | 13 | with Path("numbers.csv").open("r") as fh: 14 | reader = csv.DictReader(fh, dialect=NumbersDialect) 15 | fields = reader.fieldnames 16 | assert fields is not None 17 | print(fields) 18 | with Path("parametersets.csv").open("w") as fh: 19 | writer = csv.DictWriter(fh, fieldnames=fields) 20 | writer.writeheader() 21 | for row in reader: 22 | for field in fields[3:-2]: 23 | if row[field]: 24 | row[field] = int(row[field].replace(",", "")) 25 | for field in fields[-2:]: 26 | if row[field]: 27 | row[field] = float(row[field].replace(",", ".")) 28 | writer.writerow(row) 29 | -------------------------------------------------------------------------------- /data/parametersets.csv: -------------------------------------------------------------------------------- 1 | Scheme,Parameterset,Security level,pk size,sig size,signing (cycles),verification (cycles),signing (ms),verification (ms) 2 | CROSS,R-SDP 5 small,5,153,50818,11356000,7765000,, 3 | CROSS,R-SDP 5 balanced,5,153,53527,7042000,4752000,, 4 | CROSS,R-SDP 3 small,3,115,28391,6254000,4277000,, 5 | CROSS,R-SDP 3 balanced,3,115,29853,4161000,2776000,, 6 | CROSS,R-SDP 5 fast,5,153,74590,4116000,2512000,, 7 | CROSS,R-SDP(G) 5 small,5,106,36454,6197000,4059000,, 8 | CROSS,R-SDP(G) 5 balanced,5,106,40100,3482000,2248000,, 9 | CROSS,R-SDP 1 small,1,77,12434,4048000,2725000,, 10 | CROSS,R-SDP 1 balanced,1,77,13152,2013000,1270000,, 11 | CROSS,R-SDP(G) 3 small,3,83,20452,4195000,2832000,, 12 | CROSS,R-SDP(G) 3 balanced,3,83,22464,2240000,1446000,, 13 | CROSS,R-SDP 3 fast,3,115,41406,2324000,1398000,, 14 | CROSS,R-SDP(G) 5 fast,5,106,48102,2580000,1634000,, 15 | CROSS,R-SDP(G) 1 small,1,54,8960,3137000,1971000,, 16 | CROSS,R-SDP(G) 1 balanced,1,54,9120,1579000,985000,, 17 | CROSS,R-SDP 1 fast,1,77,18432,1007000,572000,, 18 | CROSS,R-SDP(G) 3 fast,3,83,26772,1555000,982000,, 19 | CROSS,R-SDP(G) 1 fast,1,54,11980,687000,422000,, 20 | ML-DSA,ML-DSA-87,5,2592,4627,642192,279936,, 21 | ML-DSA,ML-DSA-65,3,1952,3309,529106,179424,, 22 | ML-DSA,ML-DSA-44,2,1312,2420,333013,118412,, 23 | FAEST,192s,3,64,11260,54687000,42290000,, 24 | FAEST,192f,3,64,14948,7045000,6079000,, 25 | FAEST,256s,5,64,20696,76330000,74546000,, 26 | FAEST,256f,5,64,26548,11071000,10241000,, 27 | FAEST,EM-256s,5,64,17984,62465000,59738000,, 28 | FAEST,EM-256f,5,64,23476,9436000,8725000,, 29 | FAEST,EM-192s,3,48,9340,39282000,36239000,, 30 | FAEST,EM-192f,3,48,12380,5117000,4665000,, 31 | FAEST,128s,1,32,4506,12787000,9783000,, 32 | FAEST,128f,1,32,5924,1722000,1413000,, 33 | FAEST,EM-128s,1,32,3906,9403000,7398000,, 34 | FAEST,EM-128f,1,32,5060,1404000,1113000,, 35 | Falcon,1024,5,1793,1280,2053080,160596,, 36 | Falcon,512,1,897,666,1009764,81036,, 37 | HAWK,1024,5,2440,1221,180816,302861,, 38 | HAWK,512,1,1024,555,85372,148224,, 39 | LESS,252-192,1,13940,2625,127500000,122700000,, 40 | LESS,252-68,1,41788,1825,45900000,44800000,, 41 | LESS,252-45,1,97484,1329,30600000,30000000,, 42 | LESS,400-220,3,35074,6329,401500000,392700000,, 43 | LESS,400-102,3,105174,4131,184000000,181300000,, 44 | LESS,548-345,5,65793,10680,1424200000,1396000000,, 45 | LESS,548-137,5,197315,7436,560000000,564600000,, 46 | MAYO,five,5,5554,964,2387350,853920,, 47 | MAYO,three,3,2986,681,1017216,347972,, 48 | MAYO,two,1,4912,186,286028,56374,, 49 | MAYO,one,1,1420,454,471028,153266,, 50 | Mirath,1a-Short,1,73,3078,166000000,123000000,, 51 | Mirath,1b-Short,1,57,2902,152000000,101000000,, 52 | Mirath,1a-Fast,1,73,3728,11000000,9800000,, 53 | Mirath,1b-Fast,1,57,3456,15100000,12200000,, 54 | Mirath,3a-Short,3,107,6907,597000000,411000000,, 55 | Mirath,3b-Short,3,84,6514,520000000,327000000,, 56 | Mirath,3a-Fast,3,107,8537,33600000,34400000,, 57 | Mirath,3b-Fast,3,84,7936,55000000,51600000,, 58 | Mirath,5a-Short,5,147,12413,1415000000,712000000,, 59 | Mirath,5b-Short,5,112,11620,1421000000,630000000,, 60 | Mirath,5a-Fast,5,147,15504,88700000,65100000,, 61 | Mirath,5b-Fast,5,112,14262,121000000,88000000,, 62 | MQOM,L1-gf2-short-3r,1,52,2868,26520000,25110000,, 63 | MQOM,L1-gf256-short-3r,1,80,3540,21930000,20600000,, 64 | MQOM,L1-gf2-fast-3r,1,52,3212,14120000,11690000,, 65 | MQOM,L1-gf256-fast-3r,1,80,4164,7010000,5070000,, 66 | MQOM,L3-gf2-short-3r,3,78,6388,11490000,10360000,, 67 | MQOM,L3-gf256-short-3r,3,120,7900,83850000,74410000,, 68 | MQOM,L3-gf2-fast-3r,3,78,7576,57370000,51190000,, 69 | MQOM,L3-gf256-fast-3r,3,120,9844,34180000,24110000,, 70 | MQOM,L5-gf2-short-3r,5,104,11764,278920000,266510000,, 71 | MQOM,L5-gf256-short-3r,5,160,14564,135010000,121590000,, 72 | MQOM,L5-gf2-fast-3r,5,104,13412,145510000,129970000,, 73 | MQOM,L5-gf256-fast-3r,5,160,17444,54690000,36220000,, 74 | MQOM,L1-gf2-short-5r,1,52,2820,31840000,30080000,, 75 | MQOM,L1-gf256-short-5r,1,80,3156,17650000,16450000,, 76 | MQOM,L1-gf2-fast-5r,1,52,3144,14530000,11930000,, 77 | MQOM,L1-gf256-fast-5r,1,80,3620,6150000,4280000,, 78 | MQOM,L3-gf2-short-5r,3,78,6280,108120000,99360000,, 79 | MQOM,L3-gf256-short-5r,3,120,7036,66710000,57490000,, 80 | MQOM,L3-gf2-fast-5r,3,78,7414,56850000,50390000,, 81 | MQOM,L3-gf256-fast-5r,3,120,8548,27470000,18710000,, 82 | MQOM,L5-gf2-short-5r,5,104,11564,306940000,28907000,, 83 | MQOM,L5-gf256-short-5r,5,160,12964,124980000,109730000,, 84 | MQOM,L5-gf2-fast-5r,5,104,13124,150650000,135980000,, 85 | MQOM,L5-gf256-fast-5r,5,160,15140,52640000,33690000,, 86 | PERK,I-fast3,1,150,8360,7300000,5100000,, 87 | PERK,I-fast5,1,240,8030,7000000,4900000,, 88 | PERK,I-short3,1,150,6250,38000000,27000000,, 89 | PERK,I-short5,1,240,5780,35000000,25000000,, 90 | PERK,III-fast3,3,230,18800,15000000,12000000,, 91 | PERK,III-fast5,3,370,18000,15000000,11000000,, 92 | PERK,III-short3,3,230,14300,80000000,64000000,, 93 | PERK,III-short5,3,370,13200,75000000,59000000,, 94 | PERK,V-fast3,5,310,33300,34000000,27000000,, 95 | PERK,V-fast5,5,510,31700,33000000,26000000,, 96 | PERK,V-short3,5,310,25100,182000000,142000000,, 97 | PERK,V-short5,5,510,23000,168000000,131000000,, 98 | QR-UOV,I-(127 156 54 3),1,24255,200,3130000,2748000,, 99 | QR-UOV,I-(31 165 60 3),1,23641,157,4222000,3691000,, 100 | QR-UOV,I-(31 600 70 10),1,12266,435,15010000,15113000,, 101 | QR-UOV,I-(7 740 100 10),1,20641,331,46819000,44924000,, 102 | QR-UOV,III-(127 228 78 3),3,71891,292,9824000,8604000,, 103 | QR-UOV,III-(31 246 87 3),3,70983,232,14469000,12737000,, 104 | QR-UOV,III-(31 890 100 10),3,34399,643,49818000,48728000,, 105 | QR-UOV,III-(7 1100 140 10),3,55149,489,134929000,128632000,, 106 | QR-UOV,V-(127 306 105 3),5,173676,392,23880000,20950000,, 107 | QR-UOV,V-(31 1120 120 10),5,58532,807,90682000,87848000,, 108 | QR-UOV,V-(31 324 114 3),5,158421,306,30072000,26157000,, 109 | QR-UOV,V-(7 1490 190 10),5,135407,662,347789000,329495000,, 110 | RSA,2048,Pre-Quantum,272,256,27000000,45000,, 111 | RYDE,1-Short,1,69,2988,71600000,66300000,, 112 | RYDE,1-Fast,1,69,3597,6700000,6600000,, 113 | RYDE,3-Short,3,101,6728,320000000,282200000,, 114 | RYDE,3-Fast,3,101,8264,27300000,27100000,, 115 | RYDE,5-Short,5,133,11819,639300000,456800000,, 116 | RYDE,5-Fast,5,133,14609,49000000,44500000,, 117 | SDitH,SDitH2-L1-gf2-short,1,70,3705,,,6.73,6.04 118 | SDitH,SDitH2-L1-gf2-fast,1,70,4484,,,2.01,1.79 119 | SDitH,SDitH2-L3-gf2-short,3,98,7964,,,42.26,39.84 120 | SDitH,SDitH2-L3-gf2-fast,3,98,9916,,,6.36,5.75 121 | SDitH,SDitH2-L5-gf2-short,5,132,14121,,,60.48,57.23 122 | SDitH,SDitH2-L5-gf2-fast,5,132,17540,,,9.42,8.7 123 | SNOVA,(60 10 4),5,8016,576,3110898,1504945,, 124 | SNOVA,(66 15 3),5,15204,381,3546746,2460059,, 125 | SNOVA,(75 33 2),5,71890,216,2304920,1165161,, 126 | SNOVA,(37 8 14),3,4112,376,1188690,544395,, 127 | SNOVA,(49 11 3),3,6006,286,1365463,1004519,, 128 | SNOVA,(56 25 2),3,31266,168,964716,507009,, 129 | SNOVA,(24 5 4),1,1016,248,306736,163805,, 130 | SNOVA,(25 8 3),1,2320,165,370046,218801,, 131 | SNOVA,(37 17 2),1,9842,106,338723,146738,, 132 | SLH-DSA,SHAKE-192s,3,48,16224,8091419556,6465506,, 133 | SLH-DSA,SHAKE-256s,5,64,29792,7085272100,10216560,, 134 | SLH-DSA,SHAKE-128s,1,32,7856,4682570992,4764084,, 135 | SLH-DSA,SHAKE-256f,5,64,49856,763942250,19886032,, 136 | SLH-DSA,SHAKE-192f,3,48,35664,386861992,19876926,, 137 | SLH-DSA,SHAKE-128f,1,32,17088,239793806,12909924,, 138 | SQIsign,V,5,129,292,507500000,35700000,, 139 | SQIsign,III,3,97,224,309200000,18600000,, 140 | SQIsign,I,1,65,148,101600000,5100000,, 141 | UOV,V-pkc,5,446992,260,591144,2017472,, 142 | UOV,V-classic,5,2869440,260,591144,530468,, 143 | UOV,III-pkc,3,189232,200,302728,963800,, 144 | UOV,III-classic,3,1225440,200,302728,282514,, 145 | UOV,Is-pkc,1,66576,96,128972,282842,, 146 | UOV,Is-classic,1,412160,96,128972,60916,, 147 | UOV,Ip-pkc,1,43576,128,109328,235006,, 148 | UOV,Ip-classic,1,278432,128,109328,80342,, 149 | EdDSA,Ed25519,Pre-Quantum,32,64,42000,130000,0.00274,8.0 150 | -------------------------------------------------------------------------------- /data/schemes.csv: -------------------------------------------------------------------------------- 1 | Scheme,NIST status,Website,Category,Broken,Warning,Info,Assumption 2 | ML-DSA,FIPS,https://pq-crystals.org/dilithium,Lattices,,,,MLWE/MSIS 3 | SLH-DSA,FIPS,https://sphincs.org/,Symmetric,,,,Hash-based 4 | Falcon,To be standardized,https://falcon-sign.info,Lattices,,,,NTRU-SIS 5 | EdDSA,Classic cryptography,https://ed25519.cr.yp.to/,Pre-Quantum,classical,,,Elliptic Curves 6 | RSA,Classic cryptography,https://web.archive.org/web/20230127011251/http://people.csail.mit.edu/rivest/Rsapaper.pdf,Pre-Quantum,classical,,,Factoring 7 | FAEST,On-ramp,https://faest.info,Symmetric,,,,symmetric / zero-knowledge VOLE-in-the-Head 8 | CROSS,On-ramp,https://cross-crypto.com/,Code-based,,,,Restricted syndrome decoding 9 | Mirath,On-ramp,https://pqc-mirath.org/,MPC-in-the-Head,,,,Min-rank problem 10 | HAWK,On-ramp,https://hawk-sign.info,Lattices,,,,Lattice Isomorphism Problem 11 | LESS,On-ramp,https://less-project.com,Code-based,,,,Linear Equivalence Problem 12 | MAYO,On-ramp,https://pqmayo.org,Multivariate,,There is an attack on a parameterset with a specific structure,,Multivariate quadratic 13 | MQOM,On-ramp,https://mqom.org,MPC-in-the-Head,,,,Multivariate Quadratic 14 | PERK,On-ramp,https://pqc-perk.org/,MPC-in-the-Head,,,,Permuted Kernel 15 | QR-UOV,On-ramp,http://info.isl.ntt.co.jp/crypt/qruov/index.html,Multivariate,,,,Multivariate 16 | RYDE,On-ramp,https://pqc-ryde.org/,MPC-in-the-Head,,,,Rank Syndrome Decoding 17 | SDitH,On-ramp,https://sdith.org/,MPC-in-the-Head,,,,Syndrome Decoding 18 | SNOVA,On-ramp,http://snova.pqclab.org/,Multivariate,,Attacks have reduced the security of the scheme,,Non-commutative ring UOV 19 | SQIsign,On-ramp,https://sqisign.org/,Isogenies,,,,Isogenies 20 | UOV,On-ramp,https://www.uovsig.org/,Multivariate,,There is an attack on some parametersets with a specific structure,,Multivariate 21 | -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Post-Quantum signatures zoo 8 | 9 | 10 | 11 | 12 | 13 |
14 |
19 | 24 |
PQ Signatures zoo
25 |
26 | 27 |
34 |
35 | 50 |
51 |
52 | 64 |
65 |
66 |
67 | 68 |
69 |
70 |
71 |

Post-Quantum signatures zoo

72 |

NIST round 2

73 |
74 |
75 | 76 |
77 |
78 |
79 |

Now updated with all Round-2 specifications.

80 |

Please report any errors on GitHub!

81 |
82 |
83 | 84 |
85 |
86 |

87 | A list of post-quantum algorithms and their characteristics. 88 |

89 |

90 | In the below, we give an overview of the post-quantum algorithms 91 | that have been submitted to the NIST post-quantum signatures 92 | on-ramp. 93 |

94 |

95 | We have copied the properties of the schemes out of the individual 96 | scheme submission documents, so be aware of potential errors. 97 |

98 |
99 |
100 |
101 | 104 |
105 |
106 |
107 |
108 | We welcome any and all suggestions and improvements on 109 | this page's GitHub repository. 112 |
113 |
114 | 115 |
116 |
117 | 118 |

Schemes

119 |
120 |
121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 |
SchemeStatusCategoryAssumption
132 |
133 |
134 | 135 |
136 |
137 | Click on the table headers to sort. 138 |
139 |
Filter categories
140 |
141 |
142 |
143 | 144 |
145 |
146 | 147 |

Parameters

148 |
149 |
150 |
151 |
152 |
153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 |
SchemeParametersetNIST levelPk bytesSig bytespk+sig
166 |
167 | 168 |
169 |
170 |
171 | Click on the table headers to sort. 172 |
173 | 174 |
175 |
Filter Security Levels
176 |
177 |
178 | 179 |
180 |
Filter on sizes
181 |
182 |
Public key size
183 |
184 | 188 |
189 |
190 | 198 |
199 |
200 | 201 |
202 |
Signature size
203 |
204 | 208 |
209 |
210 | 218 |
219 |
220 |
221 |
Pk+Sig size
222 |
223 | 227 |
228 |
229 | 237 |
238 |
239 |
240 |
241 |
Sync performance filters
242 |
246 |
247 | 253 | 256 |
257 | Apply performance filters 258 |
259 |
260 |
261 |
Filter schemes
262 | Select none 263 | all 264 |
265 |
266 |
267 |
268 |
269 | 270 |
271 |
272 | 273 |

Performance metrics

274 |
275 |
276 |
277 |
278 | Performance characteristics have been directly taken from the 279 | submission documents! 280 |
281 |

282 | Note that many submissions do not have optimized implementations, 283 | and that the measurements were collected under an enormous 284 | variation of measurement setups. Some implementation are also not 285 | timing-invariant with regards to secrets ("constant-time"), and 286 | fixing this may also come with performance penalties. 287 | 288 | Take the performance metrics with a significant grain of salt. 289 | 290 |

291 |

292 | Some metrics have been extrapolated from reported times in 293 | milliseconds. These have been converted 294 | assuming a 2.5 GHz cpu; independent of the benchmarking 296 | platform 298 | reported. Converted metrics are 299 | marked as such. 300 |

301 |
302 |
303 | 304 |
305 | 306 | 307 | 308 | 309 | 310 | 311 | 312 | 313 | 314 | 315 | 316 |
SchemeParametersetNIST levelSign (cycles)Verify (cycles)
317 |
318 | 319 |
320 |
321 |
322 | Click on the table headers to sort. 323 |
324 | 325 |
326 |
Filter Security Levels
327 |
328 |
329 |
330 |
Filter on runtime
331 |
332 |
Signing cycles
333 |
334 | 338 |
339 |
340 | 348 |
349 |
350 |
351 |
Verification cycles
352 |
353 | 357 |
358 |
359 | 367 |
368 |
369 |
370 |
371 |
Sync size filters
372 |
376 |
377 | 383 | 386 |
387 | Apply size filters 388 |
389 |
390 |
391 |
Filter parameters
392 | Select none 393 | all 394 |
395 |
396 |
397 |
398 |
399 | 400 | 423 |
424 | 425 | 426 | 427 | 428 | 429 | 430 | 431 | 432 | 433 | 434 | -------------------------------------------------------------------------------- /js/vendor/what-input.js: -------------------------------------------------------------------------------- 1 | /** 2 | * what-input - A global utility for tracking the current input method (mouse, keyboard or touch). 3 | * @version v5.2.12 4 | * @link https://github.com/ten1seven/what-input 5 | * @license MIT 6 | */ 7 | (function webpackUniversalModuleDefinition(root, factory) { 8 | if(typeof exports === 'object' && typeof module === 'object') 9 | module.exports = factory(); 10 | else if(typeof define === 'function' && define.amd) 11 | define("whatInput", [], factory); 12 | else if(typeof exports === 'object') 13 | exports["whatInput"] = factory(); 14 | else 15 | root["whatInput"] = factory(); 16 | })(this, function() { 17 | return /******/ (function(modules) { // webpackBootstrap 18 | /******/ // The module cache 19 | /******/ var installedModules = {}; 20 | 21 | /******/ // The require function 22 | /******/ function __webpack_require__(moduleId) { 23 | 24 | /******/ // Check if module is in cache 25 | /******/ if(installedModules[moduleId]) 26 | /******/ return installedModules[moduleId].exports; 27 | 28 | /******/ // Create a new module (and put it into the cache) 29 | /******/ var module = installedModules[moduleId] = { 30 | /******/ exports: {}, 31 | /******/ id: moduleId, 32 | /******/ loaded: false 33 | /******/ }; 34 | 35 | /******/ // Execute the module function 36 | /******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); 37 | 38 | /******/ // Flag the module as loaded 39 | /******/ module.loaded = true; 40 | 41 | /******/ // Return the exports of the module 42 | /******/ return module.exports; 43 | /******/ } 44 | 45 | 46 | /******/ // expose the modules object (__webpack_modules__) 47 | /******/ __webpack_require__.m = modules; 48 | 49 | /******/ // expose the module cache 50 | /******/ __webpack_require__.c = installedModules; 51 | 52 | /******/ // __webpack_public_path__ 53 | /******/ __webpack_require__.p = ""; 54 | 55 | /******/ // Load entry module and return exports 56 | /******/ return __webpack_require__(0); 57 | /******/ }) 58 | /************************************************************************/ 59 | /******/ ([ 60 | /* 0 */ 61 | /***/ (function(module, exports) { 62 | 63 | 'use strict'; 64 | 65 | module.exports = function () { 66 | /* 67 | * bail out if there is no document or window 68 | * (i.e. in a node/non-DOM environment) 69 | * 70 | * Return a stubbed API instead 71 | */ 72 | if (typeof document === 'undefined' || typeof window === 'undefined') { 73 | return { 74 | // always return "initial" because no interaction will ever be detected 75 | ask: function ask() { 76 | return 'initial'; 77 | }, 78 | 79 | // always return null 80 | element: function element() { 81 | return null; 82 | }, 83 | 84 | // no-op 85 | ignoreKeys: function ignoreKeys() {}, 86 | 87 | // no-op 88 | specificKeys: function specificKeys() {}, 89 | 90 | // no-op 91 | registerOnChange: function registerOnChange() {}, 92 | 93 | // no-op 94 | unRegisterOnChange: function unRegisterOnChange() {} 95 | }; 96 | } 97 | 98 | /* 99 | * variables 100 | */ 101 | 102 | // cache document.documentElement 103 | var docElem = document.documentElement; 104 | 105 | // currently focused dom element 106 | var currentElement = null; 107 | 108 | // last used input type 109 | var currentInput = 'initial'; 110 | 111 | // last used input intent 112 | var currentIntent = currentInput; 113 | 114 | // UNIX timestamp of current event 115 | var currentTimestamp = Date.now(); 116 | 117 | // check for a `data-whatpersist` attribute on either the `html` or `body` elements, defaults to `true` 118 | var shouldPersist = false; 119 | 120 | // form input types 121 | var formInputs = ['button', 'input', 'select', 'textarea']; 122 | 123 | // empty array for holding callback functions 124 | var functionList = []; 125 | 126 | // list of modifier keys commonly used with the mouse and 127 | // can be safely ignored to prevent false keyboard detection 128 | var ignoreMap = [16, // shift 129 | 17, // control 130 | 18, // alt 131 | 91, // Windows key / left Apple cmd 132 | 93 // Windows menu / right Apple cmd 133 | ]; 134 | 135 | var specificMap = []; 136 | 137 | // mapping of events to input types 138 | var inputMap = { 139 | keydown: 'keyboard', 140 | keyup: 'keyboard', 141 | mousedown: 'mouse', 142 | mousemove: 'mouse', 143 | MSPointerDown: 'pointer', 144 | MSPointerMove: 'pointer', 145 | pointerdown: 'pointer', 146 | pointermove: 'pointer', 147 | touchstart: 'touch', 148 | touchend: 'touch' 149 | 150 | // boolean: true if the page is being scrolled 151 | };var isScrolling = false; 152 | 153 | // store current mouse position 154 | var mousePos = { 155 | x: null, 156 | y: null 157 | 158 | // map of IE 10 pointer events 159 | };var pointerMap = { 160 | 2: 'touch', 161 | 3: 'touch', // treat pen like touch 162 | 4: 'mouse' 163 | 164 | // check support for passive event listeners 165 | };var supportsPassive = false; 166 | 167 | try { 168 | var opts = Object.defineProperty({}, 'passive', { 169 | get: function get() { 170 | supportsPassive = true; 171 | } 172 | }); 173 | 174 | window.addEventListener('test', null, opts); 175 | } catch (e) {} 176 | // fail silently 177 | 178 | 179 | /* 180 | * set up 181 | */ 182 | 183 | var setUp = function setUp() { 184 | // add correct mouse wheel event mapping to `inputMap` 185 | inputMap[detectWheel()] = 'mouse'; 186 | 187 | addListeners(); 188 | }; 189 | 190 | /* 191 | * events 192 | */ 193 | 194 | var addListeners = function addListeners() { 195 | // `pointermove`, `MSPointerMove`, `mousemove` and mouse wheel event binding 196 | // can only demonstrate potential, but not actual, interaction 197 | // and are treated separately 198 | var options = supportsPassive ? { passive: true, capture: true } : true; 199 | 200 | document.addEventListener('DOMContentLoaded', setPersist, true); 201 | 202 | // pointer events (mouse, pen, touch) 203 | if (window.PointerEvent) { 204 | window.addEventListener('pointerdown', setInput, true); 205 | window.addEventListener('pointermove', setIntent, true); 206 | } else if (window.MSPointerEvent) { 207 | window.addEventListener('MSPointerDown', setInput, true); 208 | window.addEventListener('MSPointerMove', setIntent, true); 209 | } else { 210 | // mouse events 211 | window.addEventListener('mousedown', setInput, true); 212 | window.addEventListener('mousemove', setIntent, true); 213 | 214 | // touch events 215 | if ('ontouchstart' in window) { 216 | window.addEventListener('touchstart', setInput, options); 217 | window.addEventListener('touchend', setInput, true); 218 | } 219 | } 220 | 221 | // mouse wheel 222 | window.addEventListener(detectWheel(), setIntent, options); 223 | 224 | // keyboard events 225 | window.addEventListener('keydown', setInput, true); 226 | window.addEventListener('keyup', setInput, true); 227 | 228 | // focus events 229 | window.addEventListener('focusin', setElement, true); 230 | window.addEventListener('focusout', clearElement, true); 231 | }; 232 | 233 | // checks if input persistence should happen and 234 | // get saved state from session storage if true (defaults to `false`) 235 | var setPersist = function setPersist() { 236 | shouldPersist = !(docElem.getAttribute('data-whatpersist') === 'false' || document.body.getAttribute('data-whatpersist') === 'false'); 237 | 238 | if (shouldPersist) { 239 | // check for session variables and use if available 240 | try { 241 | if (window.sessionStorage.getItem('what-input')) { 242 | currentInput = window.sessionStorage.getItem('what-input'); 243 | } 244 | 245 | if (window.sessionStorage.getItem('what-intent')) { 246 | currentIntent = window.sessionStorage.getItem('what-intent'); 247 | } 248 | } catch (e) { 249 | // fail silently 250 | } 251 | } 252 | 253 | // always run these so at least `initial` state is set 254 | doUpdate('input'); 255 | doUpdate('intent'); 256 | }; 257 | 258 | // checks conditions before updating new input 259 | var setInput = function setInput(event) { 260 | var eventKey = event.which; 261 | var value = inputMap[event.type]; 262 | 263 | if (value === 'pointer') { 264 | value = pointerType(event); 265 | } 266 | 267 | var ignoreMatch = !specificMap.length && ignoreMap.indexOf(eventKey) === -1; 268 | 269 | var specificMatch = specificMap.length && specificMap.indexOf(eventKey) !== -1; 270 | 271 | var shouldUpdate = value === 'keyboard' && eventKey && (ignoreMatch || specificMatch) || value === 'mouse' || value === 'touch'; 272 | 273 | // prevent touch detection from being overridden by event execution order 274 | if (validateTouch(value)) { 275 | shouldUpdate = false; 276 | } 277 | 278 | if (shouldUpdate && currentInput !== value) { 279 | currentInput = value; 280 | 281 | persistInput('input', currentInput); 282 | doUpdate('input'); 283 | } 284 | 285 | if (shouldUpdate && currentIntent !== value) { 286 | // preserve intent for keyboard interaction with form fields 287 | var activeElem = document.activeElement; 288 | var notFormInput = activeElem && activeElem.nodeName && (formInputs.indexOf(activeElem.nodeName.toLowerCase()) === -1 || activeElem.nodeName.toLowerCase() === 'button' && !checkClosest(activeElem, 'form')); 289 | 290 | if (notFormInput) { 291 | currentIntent = value; 292 | 293 | persistInput('intent', currentIntent); 294 | doUpdate('intent'); 295 | } 296 | } 297 | }; 298 | 299 | // updates the doc and `inputTypes` array with new input 300 | var doUpdate = function doUpdate(which) { 301 | docElem.setAttribute('data-what' + which, which === 'input' ? currentInput : currentIntent); 302 | 303 | fireFunctions(which); 304 | }; 305 | 306 | // updates input intent for `mousemove` and `pointermove` 307 | var setIntent = function setIntent(event) { 308 | var value = inputMap[event.type]; 309 | 310 | if (value === 'pointer') { 311 | value = pointerType(event); 312 | } 313 | 314 | // test to see if `mousemove` happened relative to the screen to detect scrolling versus mousemove 315 | detectScrolling(event); 316 | 317 | // only execute if scrolling isn't happening 318 | if ((!isScrolling && !validateTouch(value) || isScrolling && event.type === 'wheel' || event.type === 'mousewheel' || event.type === 'DOMMouseScroll') && currentIntent !== value) { 319 | currentIntent = value; 320 | 321 | persistInput('intent', currentIntent); 322 | doUpdate('intent'); 323 | } 324 | }; 325 | 326 | var setElement = function setElement(event) { 327 | if (!event.target.nodeName) { 328 | // If nodeName is undefined, clear the element 329 | // This can happen if click inside an element. 330 | clearElement(); 331 | return; 332 | } 333 | 334 | currentElement = event.target.nodeName.toLowerCase(); 335 | docElem.setAttribute('data-whatelement', currentElement); 336 | 337 | if (event.target.classList && event.target.classList.length) { 338 | docElem.setAttribute('data-whatclasses', event.target.classList.toString().replace(' ', ',')); 339 | } 340 | }; 341 | 342 | var clearElement = function clearElement() { 343 | currentElement = null; 344 | 345 | docElem.removeAttribute('data-whatelement'); 346 | docElem.removeAttribute('data-whatclasses'); 347 | }; 348 | 349 | var persistInput = function persistInput(which, value) { 350 | if (shouldPersist) { 351 | try { 352 | window.sessionStorage.setItem('what-' + which, value); 353 | } catch (e) { 354 | // fail silently 355 | } 356 | } 357 | }; 358 | 359 | /* 360 | * utilities 361 | */ 362 | 363 | var pointerType = function pointerType(event) { 364 | if (typeof event.pointerType === 'number') { 365 | return pointerMap[event.pointerType]; 366 | } else { 367 | // treat pen like touch 368 | return event.pointerType === 'pen' ? 'touch' : event.pointerType; 369 | } 370 | }; 371 | 372 | // prevent touch detection from being overridden by event execution order 373 | var validateTouch = function validateTouch(value) { 374 | var timestamp = Date.now(); 375 | 376 | var touchIsValid = value === 'mouse' && currentInput === 'touch' && timestamp - currentTimestamp < 200; 377 | 378 | currentTimestamp = timestamp; 379 | 380 | return touchIsValid; 381 | }; 382 | 383 | // detect version of mouse wheel event to use 384 | // via https://developer.mozilla.org/en-US/docs/Web/API/Element/wheel_event 385 | var detectWheel = function detectWheel() { 386 | var wheelType = null; 387 | 388 | // Modern browsers support "wheel" 389 | if ('onwheel' in document.createElement('div')) { 390 | wheelType = 'wheel'; 391 | } else { 392 | // Webkit and IE support at least "mousewheel" 393 | // or assume that remaining browsers are older Firefox 394 | wheelType = document.onmousewheel !== undefined ? 'mousewheel' : 'DOMMouseScroll'; 395 | } 396 | 397 | return wheelType; 398 | }; 399 | 400 | // runs callback functions 401 | var fireFunctions = function fireFunctions(type) { 402 | for (var i = 0, len = functionList.length; i < len; i++) { 403 | if (functionList[i].type === type) { 404 | functionList[i].fn.call(undefined, type === 'input' ? currentInput : currentIntent); 405 | } 406 | } 407 | }; 408 | 409 | // finds matching element in an object 410 | var objPos = function objPos(match) { 411 | for (var i = 0, len = functionList.length; i < len; i++) { 412 | if (functionList[i].fn === match) { 413 | return i; 414 | } 415 | } 416 | }; 417 | 418 | var detectScrolling = function detectScrolling(event) { 419 | if (mousePos.x !== event.screenX || mousePos.y !== event.screenY) { 420 | isScrolling = false; 421 | 422 | mousePos.x = event.screenX; 423 | mousePos.y = event.screenY; 424 | } else { 425 | isScrolling = true; 426 | } 427 | }; 428 | 429 | // manual version of `closest()` 430 | var checkClosest = function checkClosest(elem, tag) { 431 | var ElementPrototype = window.Element.prototype; 432 | 433 | if (!ElementPrototype.matches) { 434 | ElementPrototype.matches = ElementPrototype.msMatchesSelector || ElementPrototype.webkitMatchesSelector; 435 | } 436 | 437 | if (!ElementPrototype.closest) { 438 | do { 439 | if (elem.matches(tag)) { 440 | return elem; 441 | } 442 | 443 | elem = elem.parentElement || elem.parentNode; 444 | } while (elem !== null && elem.nodeType === 1); 445 | 446 | return null; 447 | } else { 448 | return elem.closest(tag); 449 | } 450 | }; 451 | 452 | /* 453 | * init 454 | */ 455 | 456 | // don't start script unless browser cuts the mustard 457 | // (also passes if polyfills are used) 458 | if ('addEventListener' in window && Array.prototype.indexOf) { 459 | setUp(); 460 | } 461 | 462 | /* 463 | * api 464 | */ 465 | 466 | return { 467 | // returns string: the current input type 468 | // opt: 'intent'|'input' 469 | // 'input' (default): returns the same value as the `data-whatinput` attribute 470 | // 'intent': includes `data-whatintent` value if it's different than `data-whatinput` 471 | ask: function ask(opt) { 472 | return opt === 'intent' ? currentIntent : currentInput; 473 | }, 474 | 475 | // returns string: the currently focused element or null 476 | element: function element() { 477 | return currentElement; 478 | }, 479 | 480 | // overwrites ignored keys with provided array 481 | ignoreKeys: function ignoreKeys(arr) { 482 | ignoreMap = arr; 483 | }, 484 | 485 | // overwrites specific char keys to update on 486 | specificKeys: function specificKeys(arr) { 487 | specificMap = arr; 488 | }, 489 | 490 | // attach functions to input and intent "events" 491 | // funct: function to fire on change 492 | // eventType: 'input'|'intent' 493 | registerOnChange: function registerOnChange(fn, eventType) { 494 | functionList.push({ 495 | fn: fn, 496 | type: eventType || 'input' 497 | }); 498 | }, 499 | 500 | unRegisterOnChange: function unRegisterOnChange(fn) { 501 | var position = objPos(fn); 502 | 503 | if (position || position === 0) { 504 | functionList.splice(position, 1); 505 | } 506 | }, 507 | 508 | clearStorage: function clearStorage() { 509 | window.sessionStorage.clear(); 510 | } 511 | }; 512 | }(); 513 | 514 | /***/ }) 515 | /******/ ]) 516 | }); 517 | ; -------------------------------------------------------------------------------- /js/wide.js: -------------------------------------------------------------------------------- 1 | $(document).foundation(); 2 | 3 | const CPUSPEED = 2_500_000_000; 4 | 5 | const schemes = await d3.csv("data/schemes.csv", (d) => { 6 | return { 7 | Scheme: d.Scheme, 8 | Status: d["NIST status"], 9 | Website: d.Website, 10 | Category: d.Category, 11 | Broken: d.Broken === "" ? false : d.Broken, 12 | Info: d.Info === "" ? false : d.Info, 13 | Warning: d.Warning === "" ? false : d.Warning, 14 | Classical: d.Broken === "classical", 15 | Assumption: d.Assumption, 16 | }; 17 | }); 18 | const properties = await d3.csv("data/parametersets.csv", (d) => { 19 | let signcycles; 20 | let verifycycles; 21 | let extrapolated; 22 | if (parseInt(d["signing (cycles)"].replace(/,/g, "")) > 0) { 23 | extrapolated = false; 24 | signcycles = parseInt(d["signing (cycles)"].replace(/,/g, "")); 25 | verifycycles = parseInt(d["verification (cycles)"].replace(/,/g, "")); 26 | } else { 27 | extrapolated = true; 28 | signcycles = 29 | (CPUSPEED * parseFloat(d["signing (ms)"].replace(/,/g, ""))) / 1000; 30 | verifycycles = 31 | (CPUSPEED * parseFloat(d["verification (ms)"].replace(/,/g, ""))) / 1000; 32 | } 33 | 34 | const scheme = schemes.find((s) => s.Scheme == d.Scheme); 35 | 36 | const broken = scheme.Broken; 37 | const warning = scheme.Warning; 38 | const info = scheme.Info; 39 | const classical = scheme.Classical; 40 | 41 | const level = 42 | d["Security level"] === "Pre-Quantum" 43 | ? "Pre-Quantum" 44 | : +d["Security level"]; 45 | 46 | return { 47 | Scheme: d.Scheme, 48 | Parameterset: d.Parameterset, 49 | Category: scheme.Category, 50 | Level: level, 51 | Pk: +d["pk size"].replace(/,/g, ""), 52 | Sig: +d["sig size"].replace(/,/g, ""), 53 | PkPlusSig: 54 | parseFloat(d["pk size"].replace(/,/g, "")) + 55 | parseInt(d["sig size"].replace(/,/g, "")), 56 | SigningCycles: signcycles, 57 | VerificationCycles: verifycycles, 58 | SigningTime: parseFloat(d["signing (ms)"].replace(/,/g, "")), 59 | VerificationTime: parseFloat(d["verification (ms)"].replace(/,/g, "")), 60 | Extrapolated: extrapolated, 61 | Broken: broken, 62 | Info: info, 63 | Warning: warning, 64 | Classical: classical, 65 | SchemeObj: scheme, 66 | }; 67 | }); 68 | 69 | const categories = new Set(schemes.map((s) => s.Category)); 70 | 71 | const propsTable = d3.select("#properties-table"); 72 | 73 | function cleanId(name) { 74 | return name.replace(/[^a-zA-Z0-9]/g, "_"); 75 | } 76 | 77 | let schemeSortingDirection = 1; 78 | let nowSortingScheme = "Scheme"; 79 | let propertiesSortingDirection = 1; 80 | let nowSortingProperties = "Scheme"; 81 | let performanceSortingDirection = 1; 82 | let nowSortingPerformance = "Scheme"; 83 | 84 | function sortAndFilterProperties() { 85 | let selectedPropsSchemes = schemes.map((d) => d.Scheme); 86 | selectedPropsSchemes = d3 87 | .selectAll("#props-schemes-filter input:checked") 88 | .data(); 89 | 90 | const minPk = parseInt(d3.select("#props-min-pk").property("value")); 91 | const maxPk = parseInt(d3.select("#props-max-pk").property("value")); 92 | const minSig = parseInt(d3.select("#props-min-sig").property("value")); 93 | const maxSig = parseInt(d3.select("#props-max-sig").property("value")); 94 | const minPkPlusSig = parseInt( 95 | parseInt(d3.select("#props-min-pkplussig").property("value")) 96 | ); 97 | const maxPkPlusSig = parseInt( 98 | parseInt(d3.select("#props-max-pkplussig").property("value")) 99 | ); 100 | 101 | const minSignCycles = parseInt(d3.select("#perf-min-sign").property("value")); 102 | const maxSignCycles = parseInt(d3.select("#perf-max-sign").property("value")); 103 | const minVerifyCycles = parseInt( 104 | d3.select("#perf-min-verify").property("value") 105 | ); 106 | const maxVerifyCycles = parseInt( 107 | d3.select("#perf-max-verify").property("value") 108 | ); 109 | 110 | const applyCycles = true; 111 | 112 | const selectedPropsLevels = d3 113 | .selectAll("#props-levels-filter input:checked") 114 | .data(); 115 | return properties 116 | .filter( 117 | (p) => 118 | selectedPropsSchemes.includes(p.Scheme) && 119 | selectedPropsLevels.includes(p.Level) && 120 | p.Pk >= minPk && 121 | maxPk >= p.Pk && 122 | p.Sig >= minSig && 123 | maxSig >= p.Sig && 124 | p.PkPlusSig >= minPkPlusSig && 125 | maxPkPlusSig >= p.PkPlusSig && 126 | (!applyCycles || 127 | (p.SigningCycles >= minSignCycles && 128 | p.SigningCycles <= maxSignCycles && 129 | p.VerificationCycles >= minVerifyCycles && 130 | p.VerificationCycles <= maxVerifyCycles)) 131 | ) 132 | .sort( 133 | (a, b) => 134 | propertiesSortingDirection * 135 | d3.ascending(a[nowSortingProperties], b[nowSortingProperties]) 136 | ); 137 | } 138 | 139 | function reenableCategoryForScheme(event, scheme) { 140 | if (!event.target.checked) { 141 | return; 142 | } 143 | schemes.forEach((s) => { 144 | console.log(s, scheme); 145 | if (s.Scheme === scheme) { 146 | d3.select("#switch-" + cleanId(s.Category)).property("checked", true); 147 | return; 148 | } 149 | }); 150 | } 151 | 152 | function updateTable(event) { 153 | console.log("updating tables"); 154 | const selectedCategories = d3.selectAll(".category > input:checked").data(); 155 | console.log(selectedCategories); 156 | 157 | d3.select("#properties-table") 158 | .select("tbody") 159 | .selectAll("tr") 160 | .data(sortAndFilterProperties(), (d) => d.Scheme + d.Parameterset) 161 | .join((enter) => 162 | enter.append((d) => { 163 | const row = d3.create("tr"); 164 | const scheme = schemes.find((s) => s.Scheme === d.Scheme); 165 | 166 | const cell = row 167 | .append("td") 168 | .append("span") 169 | .attr("style", "text-decoration: underline dashed") 170 | .property("title", scheme.Assumption) 171 | .text(d.Scheme); 172 | if (d.Classical) { 173 | cell 174 | .append("span") 175 | .property("title", "This scheme is not resistant to quantum computers") 176 | .text(" 💣"); 177 | } else if (d.Broken) { 178 | cell 179 | .append("span") 180 | .property("title", "This submission has security vulnerabilities: " + d.Broken) 181 | .text(" 🧨"); 182 | } else if (d.Warning) { 183 | cell 184 | .append("span") 185 | .property("title", "This submission has security vulnerabilities: " + d.Warning) 186 | .text(" ⚠️"); 187 | }else if (d.Info) { 188 | cell 189 | .append("span") 190 | .property("title", "This submission has security vulnerabilities: " + d.Info) 191 | .text(" ℹ️"); 192 | } 193 | row.append("td").text(scheme.Category); 194 | row.append("td").text(d.Parameterset); 195 | if (d.Classical) { 196 | row.append("td").text("Pre-Q"); 197 | } else { 198 | row.append("td").text(d.Level); 199 | } 200 | row 201 | .append("td") 202 | .text(d.Pk.toLocaleString()) 203 | .attr("style", "text-align: right"); 204 | row 205 | .append("td") 206 | .text(d.Sig.toLocaleString()) 207 | .attr("style", "text-align: right"); 208 | row 209 | .append("td") 210 | .text(d.PkPlusSig.toLocaleString()) 211 | .attr("style", "text-align: right"); 212 | let extrapolated_text_sign; 213 | let extrapolated_text_verify; 214 | if (d.Extrapolated) { 215 | extrapolated_text_sign = 216 | "Reported as " + d.SigningTime.toLocaleString() + " ms."; 217 | extrapolated_text_verify = 218 | "Reported as " + d.VerificationTime.toLocaleString() + " ms."; 219 | } 220 | row 221 | .append("td") 222 | .text(d.SigningCycles.toLocaleString()) 223 | .classed("extrapolated", d.Extrapolated) 224 | .property("title", extrapolated_text_sign) 225 | .attr("style", "text-align: right"); 226 | row 227 | .append("td") 228 | .text(d.VerificationCycles.toLocaleString()) 229 | .classed("extrapolated", d.Extrapolated) 230 | .property("title", extrapolated_text_verify) 231 | .attr("style", "text-align: right"); 232 | return row.node(); 233 | }) 234 | ); 235 | 236 | updatePlot(); 237 | } 238 | 239 | function switchSchemesForCategory(event, category) { 240 | const enabledCategory = event.target.checked; 241 | schemes.forEach((scheme) => { 242 | console.log(scheme, event,category); 243 | if (scheme.Category === category) { 244 | d3.select("#props-switch-" + cleanId(scheme.Scheme)).property("checked", enabledCategory); 245 | d3.select("#perf-switch-" + cleanId(scheme.Scheme)).property("checked", enabledCategory); 246 | } 247 | }); 248 | } 249 | 250 | d3.select("#categories") 251 | .selectAll("div") 252 | .classed("grid-x", true) 253 | .data([...categories].sort(d3.ascending)) 254 | .enter() 255 | .append((d) => { 256 | const cat = d3.create("div").classed("grid-x", true); 257 | 258 | const toggle = cat 259 | .append("div") 260 | .classed("cell small-3", true) 261 | .classed("switch tiny", true) 262 | .classed("category", true); 263 | toggle 264 | .append("input") 265 | .attr("type", "checkbox") 266 | .attr("id", "switch-" + cleanId(d)) 267 | .classed("switch-input categories-filter", true) 268 | .property("checked", true) 269 | .datum(d) 270 | .on("click", function(event) { 271 | switchSchemesForCategory(event, d); 272 | updateTable(event); 273 | }); 274 | toggle 275 | .append("label") 276 | .classed("switch-paddle", true) 277 | .attr("for", "switch-" + cleanId(d)) 278 | .append((e) => 279 | d3 280 | .create("span") 281 | .classed("show-for-sr", true) 282 | .text("Show/hide " + d) 283 | .node() 284 | ); 285 | cat.append("span").classed("cell auto", true).text(d); 286 | 287 | return cat.node(); 288 | }); 289 | 290 | d3.select("#props-schemes-filter") 291 | .selectAll("div") 292 | .classed("grid-x", true) 293 | .data(schemes.map((s) => s.Scheme).sort(d3.ascending)) 294 | .enter() 295 | .append((d) => { 296 | const cat = d3.create("div").classed("grid-x", true); 297 | 298 | const toggle = cat 299 | .append("div") 300 | .classed("cell small-3", true) 301 | .classed("switch tiny", true); 302 | toggle 303 | .append("input") 304 | .attr("type", "checkbox") 305 | .classed("scheme-filter", true) 306 | .attr("id", "props-switch-" + cleanId(d)) 307 | .classed("switch-input", true) 308 | .property("checked", "checked") 309 | .datum(d) 310 | .on("click", (e) => { 311 | reenableCategoryForScheme(e, d); 312 | updateTable(e); 313 | }); 314 | toggle 315 | .append("label") 316 | .classed("switch-paddle", true) 317 | .attr("for", "props-switch-" + cleanId(d)) 318 | .append((e) => 319 | d3 320 | .create("span") 321 | .classed("show-for-sr", true) 322 | .text("Show/hide " + d) 323 | .node() 324 | ); 325 | cat.append("span").classed("cell auto", true).text(d); 326 | 327 | return cat.node(); 328 | }); 329 | 330 | d3.select("#props-levels-filter") 331 | .selectAll("div") 332 | .classed("grid-x", true) 333 | .data(["Pre-Quantum", 1, 2, 3, 4, 5]) 334 | .enter() 335 | .append((d) => { 336 | const cat = d3.create("div").classed("grid-x", true); 337 | 338 | const toggle = cat 339 | .append("div") 340 | .classed("cell small-3", true) 341 | .classed("switch tiny", true); 342 | toggle 343 | .append("input") 344 | .attr("type", "checkbox") 345 | .classed("nistlevel-filter", true) 346 | .attr("id", "props-switch-level-" + d) 347 | .classed("switch-input", true) 348 | .property("checked", "checked") 349 | .datum(d) 350 | .on("click", (e) => { 351 | updateTable(e); 352 | }); 353 | toggle 354 | .append("label") 355 | .classed("switch-paddle", true) 356 | .attr("for", "props-switch-level-" + d) 357 | .append((e) => 358 | d3 359 | .create("span") 360 | .classed("show-for-sr", true) 361 | .text("Show/hide NIST level " + d) 362 | .node() 363 | ); 364 | cat 365 | .append("span") 366 | .classed("cell auto", true) 367 | .text(d == "Pre-Quantum" ? "Pre-Quantum" : "Level " + d); 368 | 369 | return cat.node(); 370 | }); 371 | 372 | d3.select("#props-min-pk") 373 | .property( 374 | "value", 375 | d3.min(properties, (d) => d.Pk) 376 | ) 377 | .on("change", updateTable); 378 | d3.select("#props-max-pk") 379 | .property( 380 | "value", 381 | d3.max(properties, (d) => d.Pk) 382 | ) 383 | .on("change", updateTable); 384 | d3.select("#props-min-sig") 385 | .property( 386 | "value", 387 | d3.min(properties, (d) => d.Sig) 388 | ) 389 | .on("change", updateTable); 390 | d3.select("#props-max-sig") 391 | .property( 392 | "value", 393 | d3.max(properties, (d) => d.Sig) 394 | ) 395 | .on("change", updateTable); 396 | d3.select("#props-min-pkplussig") 397 | .property( 398 | "value", 399 | d3.min(properties, (d) => d.PkPlusSig) 400 | ) 401 | .on("change", updateTable); 402 | d3.select("#props-max-pkplussig") 403 | .property( 404 | "value", 405 | d3.max(properties, (d) => d.PkPlusSig) 406 | ) 407 | .on("change", updateTable); 408 | 409 | d3.select("#perf-min-sign") 410 | .property( 411 | "value", 412 | d3.min(properties, (d) => d.SigningCycles) 413 | ) 414 | .on("change", updateTable); 415 | d3.select("#perf-max-sign") 416 | .property( 417 | "value", 418 | d3.max(properties, (d) => d.SigningCycles) 419 | ) 420 | .on("change", updateTable); 421 | d3.select("#perf-min-verify") 422 | .property( 423 | "value", 424 | d3.min(properties, (d) => d.VerificationCycles) 425 | ) 426 | .on("change", updateTable); 427 | d3.select("#perf-max-verify") 428 | .property( 429 | "value", 430 | d3.max(properties, (d) => d.VerificationCycles) 431 | ) 432 | .on("change", updateTable); 433 | 434 | d3.select("#perf-schemes-filter") 435 | .selectAll("div") 436 | .classed("grid-x", true) 437 | .data(schemes.map((s) => s.Scheme).sort(d3.ascending)) 438 | .enter() 439 | .append((d) => { 440 | const cat = d3.create("div").classed("grid-x", true); 441 | 442 | const toggle = cat 443 | .append("div") 444 | .classed("cell small-3", true) 445 | .classed("switch tiny", true); 446 | toggle 447 | .append("input") 448 | .attr("type", "checkbox") 449 | .classed("scheme-filter", true) 450 | .attr("id", "perf-switch-" + cleanId(d)) 451 | .classed("switch-input", true) 452 | .property("checked", "checked") 453 | .datum(d) 454 | .on("click", (e) => { 455 | d3.select("#props-switch-" + cleanId(d)).property( 456 | "checked", 457 | e.target.checked 458 | ); 459 | reenableCategoryForScheme(e, d); 460 | updateTable(e); 461 | }); 462 | toggle 463 | .append("label") 464 | .classed("switch-paddle", true) 465 | .attr("for", "perf-switch-" + cleanId(d)) 466 | .append((e) => 467 | d3 468 | .create("span") 469 | .classed("show-for-sr", true) 470 | .text("Show/hide " + d) 471 | .node() 472 | ); 473 | cat.append("span").classed("cell auto", true).text(d); 474 | 475 | return cat.node(); 476 | }); 477 | 478 | d3.selectAll(".select-all-params").on("click", (e) => { 479 | d3.selectAll(".scheme-filter").property("checked", true); 480 | d3.selectAll(".categories-filter").property("checked", true); 481 | updateTable(e); 482 | }); 483 | d3.selectAll(".select-none-params").on("click", (e) => { 484 | d3.selectAll(".scheme-filter").property("checked", false); 485 | updateTable(e); 486 | }); 487 | 488 | updateTable(); 489 | 490 | function handleSortingSchemes(what) { 491 | return (e) => { 492 | if (nowSortingScheme === what) { 493 | schemeSortingDirection *= -1; 494 | } else { 495 | schemeSortingDirection = 1; 496 | nowSortingScheme = what; 497 | } 498 | updateTable(e); 499 | }; 500 | } 501 | 502 | function handleSortingProperties(what) { 503 | return (e) => { 504 | if (nowSortingProperties === what) { 505 | propertiesSortingDirection *= -1; 506 | } else { 507 | propertiesSortingDirection = 1; 508 | nowSortingProperties = what; 509 | } 510 | updateTable(e); 511 | }; 512 | } 513 | 514 | function handleSortingPerformance(what) { 515 | return (e) => { 516 | if (nowSortingPerformance === what) { 517 | performanceSortingDirection *= -1; 518 | } else { 519 | performanceSortingDirection = 1; 520 | nowSortingPerformance = what; 521 | } 522 | updateTable(e); 523 | }; 524 | } 525 | 526 | d3.select("#header-schemes-scheme").on("click", handleSortingSchemes("Scheme")); 527 | d3.select("#header-schemes-status").on("click", handleSortingSchemes("Status")); 528 | d3.select("#header-schemes-category").on( 529 | "click", 530 | handleSortingSchemes("Category") 531 | ); 532 | d3.select("#header-schemes-assumption").on( 533 | "click", 534 | handleSortingSchemes("Assumption") 535 | ); 536 | 537 | d3.select("#header-properties-scheme").on( 538 | "click", 539 | handleSortingProperties("Scheme") 540 | ); 541 | d3.select("#header-properties-category").on( 542 | "click", 543 | handleSortingProperties("Category") 544 | ); 545 | d3.select("#header-properties-parameterset").on( 546 | "click", 547 | handleSortingProperties("Parameterset") 548 | ); 549 | d3.select("#header-properties-level").on( 550 | "click", 551 | handleSortingProperties("Level") 552 | ); 553 | d3.select("#header-properties-pk").on("click", handleSortingProperties("Pk")); 554 | d3.select("#header-properties-sig").on("click", handleSortingProperties("Sig")); 555 | d3.select("#header-properties-pksig").on( 556 | "click", 557 | handleSortingProperties("PkPlusSig") 558 | ); 559 | 560 | 561 | d3.select("#header-properties-sign").on( 562 | "click", 563 | handleSortingProperties("SigningCycles") 564 | ); 565 | d3.select("#header-properties-verify").on( 566 | "click", 567 | handleSortingProperties("VerificationCycles") 568 | ); 569 | 570 | // function getKeySizeChart() { 571 | // // Declare the chart dimensions and margins. 572 | // const width = 600; 573 | // const height = 200; 574 | // const margin = { top: 20, right: 0, bottom: 30, left: 50 }; 575 | 576 | // console.log(properties) 577 | 578 | // function zoom(svg) { 579 | // const extent = [ 580 | // [margin.left, margin.top], 581 | // [width - margin.right, height - margin.top], 582 | // ]; 583 | 584 | // svg.call( 585 | // d3 586 | // .zoom() 587 | // .scaleExtent([1, 8]) 588 | // .translateExtent(extent) 589 | // .extent(extent) 590 | // .on("zoom", zoomed) 591 | // ); 592 | 593 | // function zoomed(event) { 594 | // x.range( 595 | // [margin.left, width - margin.right].map((d) => 596 | // event.transform.applyX(d) 597 | // ) 598 | // ); 599 | // svg.selectAll(".bars rect").attr("x", d => d.Scheme + " " + d.Parameterset).attr("width", x.bandwidth()); 600 | // svg.selectAll(".x-axis").call(xAxis); 601 | // } 602 | // } 603 | 604 | // const x = d3 605 | // .scaleBand(properties.map((d) => d.Scheme + " " + d.Parameterset)) 606 | // .range([margin.left, width - margin.right]) 607 | // .padding(0.1); 608 | 609 | // const y = d3 610 | // .scaleLinear() 611 | // .domain([1, d3.max(properties, (d) => d.Pk)]) 612 | // .nice() 613 | // .range([height - margin.bottom, margin.top]); 614 | 615 | // const xAxis = (g) => 616 | // g 617 | // .attr("transform", `translate(0, ${height - margin.bottom})`) 618 | // .call(d3.axisBottom(x).tickSizeOuter(0)); 619 | 620 | // const yAxis = (g) => 621 | // g 622 | // .attr("transform", `translate(${margin.left},0)`) 623 | // .call(d3.axisLeft(y)) 624 | // .call((g) => g.select(".domain").remove()); 625 | 626 | // const svg = d3 627 | // .create("svg") 628 | // .attr("viewBox", [0, 0, width, height]); 629 | // svg 630 | // .append("g") 631 | // .attr("class", "bars") 632 | // .attr("fill", "steelblue") 633 | // .selectAll("rect") 634 | // .data(properties) 635 | // .join("rect") 636 | // .attr("x", (d) => x(d.Scheme + " " + d.Parameterset)) 637 | // .attr("y", (d) => y(d.Pk)) 638 | // .attr("height", (d) => y(1) - y(d.Pk)) 639 | // .attr("width", x.bandwidth()); 640 | 641 | // svg.call(zoom); 642 | 643 | // svg.append("g").attr("class", "x-axis").call(xAxis); 644 | 645 | // svg.append("g").attr("class", "y-axis").call(yAxis); 646 | 647 | // return svg.node(); 648 | // } 649 | 650 | // const plot = Plot.plot({ 651 | // x: { label: "Key size (bytes)", type: "log" }, 652 | // y: { padding: 3}, 653 | // marginLeft: 150, 654 | // width: 1000, 655 | // height: 9000, 656 | // color: true, 657 | // marks: [ 658 | // Plot.barX(properties, { 659 | // y: (d) => d.Scheme + " " + d.Parameterset, 660 | // x1: 1, 661 | // x2: (d) => { 662 | // console.log(d.Scheme, d.Pk); 663 | // return d.Pk; 664 | // }, 665 | // tip: true, 666 | // width: 1, 667 | // dy: -2, 668 | // }), 669 | // Plot.barX(properties, { 670 | // y: (d) => d.Scheme + " " + d.Parameterset, 671 | // x1: 1, 672 | // x2: (d) => { 673 | // console.log(d.Scheme, d.Sig); 674 | // return d.Sig; 675 | // }, 676 | // tip: true, 677 | // dy: 2, 678 | // fill: "red", 679 | // label: "Signature", 680 | // }), 681 | // ], 682 | // }); 683 | 684 | function dotColor(d) { 685 | if (d.Classical) { 686 | return "blue"; 687 | } 688 | if (d.Broken || d.Warning) { 689 | return "red"; 690 | } 691 | if (d.SchemeObj.Status === "FIPS" || d.SchemeObj.Scheme == "Falcon") { 692 | return "magenta"; 693 | } 694 | return "black"; 695 | } 696 | 697 | function dotSymbol(d) { 698 | console.log(d) 699 | if (d.SchemeObj.Status === "FIPS" || d.SchemeObj.Scheme == "Falcon") { 700 | return "star"; 701 | } 702 | if (d.Classical) { 703 | return "circle"; 704 | } 705 | if (d.Broken) { 706 | return "times"; 707 | } 708 | return "plus"; 709 | } 710 | 711 | function dotTitle(d) { 712 | let str = 713 | d.Scheme + 714 | " " + 715 | d.Parameterset + 716 | "\npk: " + 717 | d.Pk.toLocaleString() + 718 | " B" + 719 | "\nsig: " + 720 | d.Sig.toLocaleString() + 721 | " B"; 722 | if (d.Broken) { 723 | str += "\n ⚠️ " + d.Broken + "!"; 724 | } 725 | return str; 726 | } 727 | 728 | function updatePlot() { 729 | const data = sortAndFilterProperties(properties); 730 | const plot = Plot.plot({ 731 | x: { type: "log", label: "Public key size (bytes)" }, 732 | y: { type: "log", label: "Signature size (bytes)" }, 733 | width: "1000", 734 | grid: true, 735 | marks: [ 736 | Plot.dot(data, { 737 | x: "Pk", 738 | y: "Sig", 739 | tip: true, 740 | title: dotTitle, 741 | stroke: dotColor, 742 | symbol: dotSymbol, 743 | fill: dotColor, 744 | legend: (d) => d.Category, 745 | }), 746 | Plot.crosshair(data, { x: "Pk", y: "Sig" }), 747 | ], 748 | }); 749 | 750 | document.querySelector("#keySizeChart").replaceChildren(plot); 751 | } 752 | -------------------------------------------------------------------------------- /logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PQShield/nist-sigs-zoo/d525707d3010edfd5d2f2b32e95dc97388057c77/logo.png -------------------------------------------------------------------------------- /round-1/data/parametersets.csv: -------------------------------------------------------------------------------- 1 | Scheme,Parameterset,Security level,pk size,sig size,signing (cycles),verification (cycles),signing (ms),verification (ms) 2 | 3WISE,256,5,2860000,64,,,0.093,15.33 3 | 3WISE,192,4,918750,48,,,0.06,5.22 4 | 3WISE,128,2,187000,32,,,0.038,1.11 5 | AIMer,L5_PARAM4,5,64,15392,"321,174,411","310,906,616",91.76,88.83 6 | AIMer,L3_PARAM4,3,48,8352,"186,813,161","177,567,471",53.38,50.73 7 | AIMer,L1_PARAM4,1,32,3840,"78,022,625","73,813,256",22.29,21.09 8 | AIMer,L5_PARAM3,5,64,17088,"65,302,783","62,135,635",18.66,17.75 9 | AIMer,L3_PARAM3,3,48,9144,"34,202,905","33,670,751",9.77,9.62 10 | AIMer,L5_PARAM2,5,64,19904,"21,925,850","21,245,240",6.26,6.07 11 | AIMer,L1_PARAM3,1,32,4176,"15,476,644","15,075,635",4.42,4.31 12 | AIMer,L3_PARAM2,3,48,10440,"12,562,067","12,048,460",3.59,3.44 13 | AIMer,L5_PARAM1,5,64,25152,"8,573,223","8,181,552",2.45,2.34 14 | AIMer,L3_PARAM1,3,48,13080,"4,838,748","4,494,766",1.38,1.28 15 | AIMer,L1_PARAM2,1,32,4880,"4,747,229","4,474,325",1.36,1.28 16 | AIMer,L1_PARAM1,1,32,5904,"2,079,167","1,840,810",0.59,0.53 17 | ALTEQ,Balanced-V,5,"73,632","122,336","59,708,622","103,463,869",, 18 | ALTEQ,Balanced-III,3,"31,944","49,000","36,460,660","46,054,633",, 19 | ALTEQ,ShortSig-V,5,"2,088,432","63,908","30,558,103","50,354,691",, 20 | ALTEQ,ShortSig-III,3,"1,044,264","32,504","7,815,599","14,609,046",, 21 | ALTEQ,Balanced-I,1,"8,024","15,896","2,847,138","4,226,834",, 22 | ALTEQ,ShortSig-I,1,"523,968","9,528","725,973","1,766,808",, 23 | Ascon-Sign,192s robust,3,48,16224,"8,893,090,510","7,664,451",, 24 | Ascon-Sign,192s simple,3,48,16224,"5,046,224,790","4,357,430",, 25 | Ascon-Sign,128s robust,1,32,7856,"4,038,032,800","4,232,362",, 26 | Ascon-Sign,128s simple,1,32,7856,"2,224,377,542","2,137,821",, 27 | Ascon-Sign,192f robust,3,48,35664,"381,735,599","21,408,883",, 28 | Ascon-Sign,192f simple,3,48,35664,"226,197,880","12,333,664",, 29 | Ascon-Sign,128f robust,1,32,17088,"182,601,975","11,279,318",, 30 | Ascon-Sign,128f simple,1,32,17088,"107,020,221","6,535,295",, 31 | Biscuit,256s,5,93,"20,192","1,291,111,734","1,274,568,395",, 32 | Biscuit,192s,3,69,"11,349","724,466,241","714,947,231",, 33 | Biscuit,256f,5,93,"27,348","147,099,575","137,359,832",, 34 | Biscuit,192f,3,69,"15,129","81,492,308","75,826,788",, 35 | Biscuit,128s,1,50,"4,758","80,555,671","78,899,797",, 36 | Biscuit,128f,1,50,"6,726","9,653,412","8,734,302",, 37 | CROSS,R-SDP 5 small,5,121,"43,373","74,830,000","26,130,000",, 38 | CROSS,R-SDP 3 small,3,91,"23,407","46,490,000","18,340,000",, 39 | CROSS,R-SDP 5 fast,5,121,"51,120","37,090,000","14,560,000",, 40 | CROSS,R-SDP(G) 5 small,5,77,"31,696","29,080,000","19,440,000",, 41 | CROSS,R-SDP 1 small,1,61,"10,304","22,000,000","10,280,000",, 42 | CROSS,R-SDP(G) 3 small,3,56,"17,429","18,060,000","12,240,000",, 43 | CROSS,R-SDP 3 fast,3,91,"37,080","11,810,000","5,870,000",, 44 | CROSS,R-SDP(G) 5 fast,5,77,"37,924","11,050,000","7,490,000",, 45 | CROSS,R-SDP(G) 1 small,1,38,"7,625","11,040,000","7,490,000",, 46 | CROSS,R-SDP 1 fast,1,61,"12,944","6,700,000","3,170,000",, 47 | CROSS,R-SDP(G) 3 fast,3,56,"21,697","4,910,000","3,230,000",, 48 | CROSS,R-SDP(G) 1 fast,1,38,"8,665","3,080,000","2,110,000",, 49 | ML-DSA (Dilithium),ML-DSA-87,5,"2,592","4,627","642,192","279,936",, 50 | ML-DSA (Dilithium),ML-DSA-65,3,"1,952","3,309","529,106","179,424",, 51 | ML-DSA (Dilithium),ML-DSA-44,2,"1,312","2,420","333,013","118,412",, 52 | DME-Sign,2^64,5,2889,64,,,0.04,0.01 53 | DME-Sign,2^48,3,2169,48,,,0.04,0.01 54 | DME-Sign,2^32,1,1449,32,,,0.02,0.01 55 | EagleSign,Recomm I,3,"1,824","2,336","1,286,413","2,251,036",, 56 | EagleSign,High I,5,"3,616","3,488","917,213","1,503,004",, 57 | EagleSign,Recomm II,3,"3,616","2,464",,,, 58 | EagleSign,Medium,2,1824,"2,144",,,, 59 | EdDSA,Ed25519,Pre-Quantum,32,64,42000,"130,000",, 60 | EHTv3 / EHTv4,v3-5,5,"349,000",344,,,305.00,3.16 61 | EHTv3 / EHTv4,v3-3,3,"191,600",255,,,206.00,1.78 62 | EHTv3 / EHTv4,v3-1,1,"83,500",169,,,75.80,0.82 63 | EHTv3 / EHTv4,v4-5,5,"2,630",857,,,59.30,26.20 64 | EHTv3 / EHTv4,v4-1,1,"1,110",369,,,9.00,3.85 65 | eMLE-Sig 2.0,Level V,5,960,640,114965,63110,, 66 | eMLE-Sig 2.0,Level III,3,672,456,80653,38175,, 67 | eMLE-Sig 2.0,Level I,1,416,280,"52,597",21755,, 68 | Enhanced pqsigRM,128,1,"2,000,000","1,032","1,366,500","242,901",, 69 | FAEST,192s,3,64,"12,744",,,19.18,19.31 70 | FAEST,192f,3,64,"16,792",,,1.96,1.96 71 | FAEST,256s,5,64,"22,100",,,26.65,26.76 72 | FAEST,256f,5,64,"28,400",,,3.10,3.10 73 | FAEST,EM-256s,5,64,"20,956",,,25.65,25.87 74 | FAEST,EM-256f,5,64,"26,736",,,3.04,3.03 75 | FAEST,EM-192s,3,48,"10,824",,,18.46,18.52 76 | FAEST,EM-192f,3,48,"13,912",,,1.87,1.87 77 | FAEST,128s,1,32,"5,006",,,8.10,8.10 78 | FAEST,128f,1,32,"6,336",,,0.87,0.87 79 | FAEST,EM-128s,1,32,"4,566",,,8.09,8.05 80 | FAEST,EM-128f,1,32,"5,696",,,0.85,0.86 81 | Falcon,1024,5,"1,793","1,280","2,053,080","160,596",, 82 | Falcon,512,1,897,666,"1,009,764","81,036",, 83 | FuLeeca,V,5,"2,638","2,130","12,327,726,000","3,789,000","4,250.00",1.31 84 | FuLeeca,III,3,"1,982","1,620","2,111,156,000","2,447,000",727.00,0.84 85 | FuLeeca,I,1,"1,318","1,100","1,846,779,000","1,260,000",636.00,0.43 86 | HAETAE,180,3,"1,472","2,337","9,472,724","718,010",, 87 | HAETAE,260,5,2080,"2,908","8,989,980","913,378",, 88 | HAETAE,120,2,992,"1,463","6,253,166","387,594",, 89 | HAWK,1024,5,"2,440","1,221","180,816","302,861",, 90 | HAWK,512,1,"1,024",555,"85,372","148,224",, 91 | HPPC,256,5,1028000,33,,,1200,25.1 92 | HPPC,192,4,434250,25,,,1000,10.7 93 | HPPC,128,2,129000,21,,,689.75,3.18 94 | HuFu,NIST-5 SHAKE,5,"3,573,000","4,520","21,849,000","13,697,000",, 95 | HuFu,NIST-3 SHAKE,3,"2,177,000","3,540","13,022,000","8,510,000",, 96 | HuFu,NIST-5 AES,5,"3,573,000","4,520","12,091,000","3,811,000",, 97 | HuFu,NIST-3 AES,3,"2,177,000","3,540","7,001,000","2,358,000",, 98 | HuFu,NIST-1 SHAKE,1,"1,059,000","2,455","6,342,000","3,069,000",, 99 | HuFu,NIST-1 AES,1,"1,059,000","2,455","3,872,000","801,000",, 100 | KAZ-Sign,KAZ970,5,243,153,,,43319.00,22650.00 101 | KAZ-Sign,KAZ738,3,185,117,,,20822.00,10306.00 102 | KAZ-Sign,KAZ458,1,115,74,,,9955.00,2696.00 103 | LESS,5b,5,"66,151","33,280","10,212,600,000","10,458,800,000",, 104 | LESS,5s,5,"132,096","26,727","6,763,200,000","7,016,500,000",, 105 | LESS,3s,3,"70,554","14,439","2,984,300,000","3,075,100,000",, 106 | LESS,3b,3,"35,328","18,842","2,446,900,000","2,521,400,000",, 107 | LESS,1b,1,"14,029","8,602","263,600,000","271,400,000",, 108 | LESS,1i,1,"42,087","6,247","254,300,000","263,400,000",, 109 | LESS,1s,1,"98,202","5,325","206,600,000","213,400,000",, 110 | MAYO,five,5,"5,008",838,"4,149,954","1,186,132",, 111 | MAYO,three,3,"2,656",577,"1,663,666","610,010",, 112 | MAYO,two,1,"5,488",180,"563,900","91,512",, 113 | MAYO,one,1,"1,168",321,"460,978","175,158",, 114 | MEDS,134180,5,"134,180","132,528","1,629,840,000","1,612,560,000",857.81,848.72 115 | MEDS,41711,3,"41,711","41,080","1,467,000,000","1,461,970,000",772.10,769.46 116 | MEDS,167717,5,"167,717","165,464","961,800,000","938,890,000",506.21,494.15 117 | MEDS,9923,1,"9,923","9,896","518,050,000","515,580,000",262.66,271.36 118 | MEDS,69497,3,"55,604","54,736","386,270,000","380,700,000",203.83,200.37 119 | MEDS,13220,1,"13,220","12,976","88,900,000","87,480,000",46.79,46.04 120 | MIRA,256S,5,150,"20,762","337,700,000","331,400,000",, 121 | MIRA,256F,5,150,"27,678","322,300,000","323,200,000",, 122 | MIRA,192S,3,121,"11,779","119,700,000","116,200,000",, 123 | MIRA,192F,3,121,"15,540","107,200,000","107,000,000",, 124 | MIRA,128S,1,84,"5,640","46,800,000","43,900,000",, 125 | MIRA,128F,1,84,"7,376","37,400,000","36,700,000",, 126 | MiRitH,hypercube-Vb shortest,5,274,"18,292","17,465,014,934","16,113,973,548",, 127 | MiRitH,hypercube-Va shortest,5,253,"17,552","16,708,044,999","16,535,614,637",, 128 | MiRitH,hypercube-IIIb shortest,3,205,"10,314","9,878,242,731","10,063,176,060",, 129 | MiRitH,hypercube-IIIa shortest,3,205,"9,954","9,861,041,315","9,651,788,738",, 130 | MiRitH,hypercube-Ia shortest,1,129,"4,536","6,108,117,293","6,195,562,217",, 131 | MiRitH,hypercube-Ib shortest,1,144,"4,886","6,107,588,818","6,040,512,181",, 132 | MiRitH,hypercube-Vb shorter,5,274,"20,394","1,359,468,059","1,278,699,748",, 133 | MiRitH,hypercube-Va shorter,5,253,"19,393","1,290,986,430","1,272,158,929",, 134 | MiRitH,hypercube-IIIb shorter,3,205,"11,202","727,245,043","732,036,291",, 135 | MiRitH,hypercube-IIIa shorter,3,205,"10,746","723,105,845","708,260,445",, 136 | MiRitH,hypercube-Ib shorter,1,144,"5,491","458,671,636","450,442,537",, 137 | MiRitH,hypercube-Ia shorter,1,129,"5,036","455,493,593","456,564,597",, 138 | MiRitH,Vb short,5,274,"23,182","327,068,513","330,632,038",, 139 | MiRitH,Va short,5,253,"21,795","308,565,196","310,604,452",, 140 | MiRitH,IIIb short,3,205,"13,136","242,531,804","204,853,275",, 141 | MiRitH,IIIa short,3,205,"12,440","192,858,411","175,520,472",, 142 | MiRitH,hypercube-Vb short,5,274,"23,182","138,497,686","138,624,970",, 143 | MiRitH,hypercube-Va short,5,253,"21,795","118,493,608","113,191,871",, 144 | MiRitH,Ia short,1,129,"5,673","76,549,995","76,874,731",, 145 | MiRitH,hypercube-IIIb short,3,205,"13,136","71,813,403","75,999,541",, 146 | MiRitH,hypercube-IIIa short,3,205,"12,440","70,251,731","67,659,810",, 147 | MiRitH,Ib short,1,144,"6,309","65,630,977","65,551,641",, 148 | MiRitH,hypercube-Ib short,1,144,"6,309","42,086,140","42,047,669",, 149 | MiRitH,hypercube-Ia short,1,129,"5,673","41,220,707","40,976,634",, 150 | MiRitH,hypercube-Vb fast,5,274,"33,048","40,665,696","34,718,714",, 151 | MiRitH,Vb fast,5,274,"33,048","38,659,453","38,122,610",, 152 | MiRitH,Va fast,5,253,"30,458","36,361,915","36,665,342",, 153 | MiRitH,hypercube-Va fast,5,253,"30,458","33,245,024","28,269,718",, 154 | MiRitH,IIIb fast,3,205,"18,459","24,538,474","22,470,437",, 155 | MiRitH,IIIa fast,3,205,"17,139","22,485,807","18,431,919",, 156 | MiRitH,hypercube-IIIb fast,3,205,"18,459","18,384,614","15,550,479",, 157 | MiRitH,hypercube-IIIa fast,3,205,"17,139","15,571,845","13,030,031",, 158 | MiRitH,hypercube-Ib fast,1,144,"9,105","9,462,556","7,914,458",, 159 | MiRitH,Ia fast,1,129,"7,877","8,703,311","7,311,069",, 160 | MiRitH,Ib fast,1,144,"9,105","8,015,345","7,558,761",, 161 | MiRitH,hypercube-Ia fast,1,129,"7,877","7,246,084","6,061,955",, 162 | MQOM,L1-gf31-short,1,47,6352,"44,400,000","41,720,000",, 163 | MQOM,L1-gf251-short,1,59,6578,"28,500,000","27,300,000",, 164 | MQOM,L1-gf31-fast,1,47,7657,"17,700,000","15,500,000",, 165 | MQOM,L1-gf251-fast,1,59,7850,"11,500,000","10,200,000",, 166 | MQOM,L3-gf31-short,3,73,13846,"108,000,000","102,000,000",, 167 | MQOM,L3-gf251-short,3,92,14266,"69,500,000","65,600,000",, 168 | MQOM,L3-gf31-fast,3,73,16669,"56,300,000","51,300,000",, 169 | MQOM,L3-gf251-fast,3,92,17252,"32,900,000","29,600,000",, 170 | MQOM,L5-gf31-short,5,99,24158,"224,000,000","214,000,000",, 171 | MQOM,L5-gf251-short,5,125,24942,"148,000,000","142,000,000",, 172 | MQOM,L5-gf31-fast,5,99,29036,"156,000,000","146,000,000",, 173 | MQOM,L5-gf251-fast,5,125,30092,"81,600,000","75,600,000",, 174 | PERK,V-short3,5,310,"26,400","185,000,000","143,000,000",, 175 | PERK,V-short5,5,510,"24,200","171,000,000","131,000,000",, 176 | PERK,III-short3,3,230,"15,000","82,000,000","65,000,000",, 177 | PERK,III-short5,3,370,"13,800","77,000,000","60,000,000",, 178 | PERK,I-short3,1,150,"6,560","39,000,000","27,000,000",, 179 | PERK,V-fast3,5,310,"33,300","36,000,000","28,000,000",, 180 | PERK,I-short5,1,240,"6,060","36,000,000","25,000,000",, 181 | PERK,V-fast5,5,510,"31,700","34,000,000","26,000,000",, 182 | PERK,III-fast3,3,230,"18,800","16,000,000","13,000,000",, 183 | PERK,III-fast5,3,370,"18,000","15,000,000","12,000,000",, 184 | PERK,I-fast3,1,150,"8,350","7,600,000","5,300,000",, 185 | PERK,I-fast5,1,240,"8,030","7,200,000","5,100,000",, 186 | PREON,256A,5,64,598000,,,414713.00,11552.00 187 | PREON,256B,5,64,1157000,,,415207.00,12487.00 188 | PREON,256C,5,64,5248000,,,417464.00,26835.00 189 | PREON,192A,3,56,312000,,,132411.00,2182.00 190 | PREON,192B,3,56,778000,,,137306.00,2688.00 191 | PREON,192C,3,56,3541000,,,137252.00,7460.00 192 | PREON,128A,1,32,139000,,,76067.00,397.00 193 | PREON,128B,1,32,372000,,,80870.00,561.00 194 | PREON,128C,1,32,1725000,,,76919.00,2303.00 195 | PROV,V,5,"524,192",304,,,136.66,182.48 196 | PROV,III,3,"215,694",232,,,59.04,79.08 197 | PROV,I,1,"68,326",160,,,17.71,24.00 198 | QR-UOV,"V-(127, 306, 105, 3)",5,"173,708",392,"4,254,736,000","1,169,402,000",, 199 | QR-UOV,"III-(127, 228, 78, 3)",3,"71,915",292,"1,555,131,000","524,886,000",, 200 | QR-UOV,"V-(31, 1120, 120, 10)",5,"58,564",807,"1,074,835,000","433,574,000",, 201 | QR-UOV,"III-(31, 890, 100, 10)",3,"34,423",643,"573,433,000","232,156,000",, 202 | QR-UOV,"I-(127, 156, 54, 3)",1,"24,271",200,"361,728,000","144,955,000",, 203 | QR-UOV,"V-(31, 324, 114, 3)",5,"158,453",306,"337,483,000","119,098,000",, 204 | QR-UOV,"V-(7, 1490, 190, 10)",5,"135,439",662,"221,341,000","10,865,000",, 205 | QR-UOV,"III-(31, 246, 87, 3)",3,"71,007",232,"153,006,000","5,349,000",, 206 | QR-UOV,"I-(31, 600, 70, 10)",1,"12,282",435,"135,849,000","68,947,000",, 207 | QR-UOV,"III-(7, 1100, 140, 10)",3,"55,173",489,"98,376,000","47,636,000",, 208 | QR-UOV,"I-(31, 165, 60, 3)",1,"23,657",157,"25,217,000","15,973,000",, 209 | QR-UOV,"I-(7, 740, 100, 10)",1,"20,657",331,"24,823,000","13,539,000",, 210 | Raccoon,256-32,5,"4,064","20,330","135,111,000","4,554,000",63.97,2.16 211 | Raccoon,192-32,3,"3,160","14,544","98,984,000","2,764,000",46.87,1.31 212 | Raccoon,128-32,1,"2,256","11,524","74,140,000","1,757,000",35.10,0.83 213 | Raccoon,256-16,5,"4,064","20,330","42,732,000","4,554,000",20.23,2.16 214 | Raccoon,256-8,5,"4,064","20,330","33,433,000","4,554,000",15.83,2.16 215 | Raccoon,192-16,3,"3,160","14,544","30,574,000","2,764,000",14.48,1.31 216 | Raccoon,192-8,3,"3,160","14,544","24,099,000","2,764,000",11.41,1.31 217 | Raccoon,128-16,1,"2,256","11,524","22,588,000","1,757,000",10.70,0.83 218 | Raccoon,128-8,1,"2,256","11,524","17,658,000","1,757,000",8.36,0.83 219 | Raccoon,256-4,5,"4,064","20,330","13,174,000","4,554,000",6.24,2.16 220 | Raccoon,256-2,5,"4,064","20,330","11,123,000","4,554,000",5.27,2.16 221 | Raccoon,256-1,5,"4,064","20,330","10,062,000","4,554,000",4.76,2.16 222 | Raccoon,192-4,3,"3,160","14,544","9,064,000","2,764,000",4.29,1.31 223 | Raccoon,192-2,3,"3,160","14,544","7,697,000","2,764,000",3.64,1.31 224 | Raccoon,192-1,3,"3,160","14,544","6,860,000","2,764,000",3.25,1.31 225 | Raccoon,128-4,1,"2,256","11,524","6,465,000","1,757,000",3.06,0.83 226 | Raccoon,128-2,1,"2,256","11,524","5,412,000","1,757,000",2.56,0.83 227 | Raccoon,128-1,1,"2,256","11,524","4,817,000","1,757,000",2.28,0.83 228 | RSA,2048,Pre-Quantum,272,256,27000000,45000,, 229 | RYDE,256S,5,188,"22,802","105,500,000","94,900,000",, 230 | RYDE,192S,3,131,"12,933","49,600,000","44,800,000",, 231 | RYDE,256F,5,188,"29,134","26,000,000","22,700,000",, 232 | RYDE,128S,1,86,"5,956","23,400,000","20,100,000",, 233 | RYDE,192F,3,131,"16,380","12,200,000","10,700,000",, 234 | RYDE,128F,1,86,"7,446","5,400,000","4,400,000",, 235 | SDitH,gf251-L5-hyp,5,234,"33,370","94,800,000","91,300,000",, 236 | SDitH,gf256-L5-hyp,5,234,"33,370","59,200,000","54,400,000",, 237 | SDitH,gf251-L3-hyp,3,183,"19,161","51,100,000","49,000,000",, 238 | SDitH,gf256-L3-hyp,3,183,"19,161","30,500,000","27,700,000",, 239 | SDitH,gf256-L5-thr,5,234,"43,943","30,500,000","10,200,000",, 240 | SDitH,gf251-L5-thr,5,234,"43,943","23,900,000","3,200,000",, 241 | SDitH,gf251-L1-hyp,1,120,"8,241","22,100,000","21,200,000",, 242 | SDitH,gf256-L3-thr,3,183,"24,918","14,800,000","4,900,000",, 243 | SDitH,gf256-L1-hyp,1,120,"8,241","13,400,000","12,500,000",, 244 | SDitH,gf251-L3-thr,3,183,"24,918","11,700,000","1,500,000",, 245 | SDitH,gf256-L1-thr,1,120,"10,117","5,100,000","1,600,000",, 246 | SDitH,gf251-L1-thr,1,120,"10,117","4,400,000","600,000",, 247 | SNOVA,"(60, 10, 16, 4)",5,8016,576,237150613,90472932,, 248 | SNOVA,"(66, 15, 16, 3)",5,15204,381,172139775,47936266,, 249 | SNOVA,"(61, 33, 16, 2)",5,71890,204,158443732,25289616,, 250 | SNOVA,"(37, 8, 16, 4)",3,4112,376,81382976,31084401,, 251 | SNOVA,"(49, 11, 16, 3)",3,6006,286,60561733,18853861,, 252 | SNOVA,"(43, 25, 16, 2)",3,31266,152,47587816,9443639,, 253 | SNOVA,"(24, 5, 16, 4)",1,1016,248,19681409,8086815,, 254 | SNOVA,"(25, 8, 16, 3)",1,2320,165,12408096,3959869,, 255 | SNOVA,"(28, 17, 16, 2)",1,9842,106,10964945,3161199,, 256 | SPHINCS-alpha,256s SHAKE,5,64,27232,1996754616,7254738,, 257 | SPHINCS-alpha,256f SHAKE,5,64,49312,1582371720,11677806,, 258 | SPHINCS-alpha,192f SHAKE,3,48,34896,92073114,3028500,, 259 | SPHINCS-alpha,256s SHA2,5,64,27232,764352612,6005448,, 260 | SPHINCS-alpha,256f SHA2,5,64,49312,91335474,3175290,, 261 | SPHINCS-alpha,192f SHA2,3,48,34896,45218790,1744038,, 262 | SPHINCS-alpha,192s SHAKE,3,48,14568,1996754616,7254738,, 263 | SPHINCS-alpha,128f SHAKE,1,32,16720,57069090,3558492,, 264 | SPHINCS-alpha,192s SHA2,3,48,14568,988899534,3845970,, 265 | SPHINCS-alpha,128s SHAKE,1,32,6880,1139743980,4891482,, 266 | SPHINCS-alpha,128f SHA2,1,32,16720,26635716,2028186,, 267 | SPHINCS-alpha,128s SHA2,1,32,6880,537033762,2689650,, 268 | SLH-DSA (SPHINCS+),SHAKE-192s,3,48,"16,224","8,091,419,556","6,465,506",, 269 | SLH-DSA (SPHINCS+),SHAKE-256s,5,64,"29,792","7,085,272,100","10,216,560",, 270 | SLH-DSA (SPHINCS+),SHAKE-128s,1,32,"7,856","4,682,570,992","4,764,084",, 271 | SLH-DSA (SPHINCS+),SHAKE-256f,5,64,"49,856","763,942,250","19,886,032",, 272 | SLH-DSA (SPHINCS+),SHAKE-192f,3,48,"35,664","386,861,992","19,876,926",, 273 | SLH-DSA (SPHINCS+),SHAKE-128f,1,32,"17,088","239,793,806","12,909,924",, 274 | SQIsign,V,5,128,335,"158,544,000,000","2,177,000,000",, 275 | SQIsign,III,3,96,263,"43,760,000,000","654,000,000",, 276 | SQIsign,I,1,64,177,"5,669,000,000","108,000,000",, 277 | Squirrels,V,5,"2,786,580","2,025","10,670,614","481,938",, 278 | Squirrels,VI,4,"1,888,700","1,676","9,097,631","329,066",, 279 | Squirrels,III,3,"1,629,640","1,554","7,139,278","287,974",, 280 | Squirrels,II,2,"874,576","1,147","3,732,387","159,887",, 281 | Squirrels,I,1,"681,780","1,019","3,164,772","145,351",, 282 | TUOV,V,5,442384,244,"1,133,958","4,520,748",, 283 | TUOV,III,3,186640,184,"608,604","1,914,056",, 284 | TUOV,Is,1,65552,80,"272,394","570,194",, 285 | TUOV,Ip,1,42608,112,"220,792","491,120",, 286 | UOV,V-pkc,5,"446,992",260,"591,812","2,032,992",, 287 | UOV,V-classic,5,"2,869,440",260,"591,812","470,886",, 288 | UOV,III-pkc,3,"189,232",200,"299,316","917,402",, 289 | UOV,III-classic,3,"1,225,440",200,"299,316","241,588",, 290 | UOV,Is-pkc,1,"66,576",96,"109,314","276,520",, 291 | UOV,Is-classic,1,"412,160",96,"109,314","58,274",, 292 | UOV,Ip-pkc,1,"43,576",128,"105,324","224,006",, 293 | UOV,Ip-classic,1,"278,432",128,"105,324","90,336",, 294 | VOX,256,5,"82,400",300,"12,110,394","1,585,504",6.71,0.88 295 | VOX,192,3,"30,351",184,"2,709,851","713,968",1.50,0.40 296 | VOX,128,1,"9,104",102,"664,265","168,567",0.37,0.09 297 | Wave,1644,5,"13,632,308","1,644","7,397,000,000","813,300,000",, 298 | Wave,1249,3,"7,867,598","1,249","3,507,000,000","464,100,000",, 299 | Wave,822,1,"3,677,390",822,"1,161,000,000","205,800,000",, 300 | Xifrat1-Sign.I,I,3,288,96,,,20,60.00 -------------------------------------------------------------------------------- /round-1/data/schemes.csv: -------------------------------------------------------------------------------- 1 | Scheme,NIST status,Website,Category,Broken,Warning,Info,Assumption 2 | 3WISE,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/3wise-spec-web.pdf,Multivariate,Broken,,,cubic degree 3 | AIMer,On-ramp,https://www.aimer-signature.org/,Symmetric,,Original AIM cipher was insecure,,Zero-knowledge proof of knowledge 4 | ALTEQ,On-ramp,https://pqcalteq.github.io/,Other,,,1/q chance at generating weak keys,alternating trilinear form equivalence problem 5 | Ascon-Sign,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/Ascon-sign-spec-web.pdf,Symmetric,,,,SPHINCS+ with Ascon 6 | Biscuit,On-ramp,https://www.biscuit-pqc.org/,Multivariate,,smaller security margin,,multivariate: solving generic structured algebraic equations 7 | CROSS,On-ramp,https://cross-crypto.com/,Code-based,,,,Restricted syndrome decoding 8 | ML-DSA (Dilithium),FIPS draft,https://pq-crystals.org/dilithium,Lattices,,,,MLWE/MSIS 9 | DME-Sign,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/DME_SIGN-spec-web.pdf,Multivariate,2^96 signature forgery,,,deterministic trapdoor permutation 10 | EagleSign,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/EagleSign-spec-web.pdf,Lattices,signature leaks secret key,,,MNTRU/MLWE 11 | EdDSA,Classic cryptography,https://ed25519.cr.yp.to/,Pre-Quantum,classical,,,Elliptic Curves 12 | EHTv3 / EHTv4,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/EHTv3v4-spec-web.pdf,Lattices,EHTv3 is broken,,,Lattices? 13 | eMLE-Sig 2.0,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/eMLE-spec-web.pdf,Other,secret key recovery,,,Embedded Multilayer Equations 14 | Enhanced pqsigRM,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/Enhanced-pqsigRM-spec-web.pdf,Code-based,signatures leak secret information,,,Reed Muller codes 15 | FAEST,On-ramp,https://faest.info,Symmetric,,,,symmetric / zero-knowledge VOLE-in-the-Head 16 | Falcon,To be standardized,https://falcon-sign.info,Lattices,,,,NTRU-SIS 17 | FuLeeca,On-ramp,https://www.ce.cit.tum.de/lnt/forschung/professur-fuer-coding-and-cryptography/fuleeca/,Code-based,Private key recovery,,,Code-based Lee Metric 18 | HAETAE,On-ramp,https://kpqc.cryptolab.co.kr/haetae,Lattices,,,Original version has bit-flipping signature forgery,MLWE/MSIS 19 | HAWK,On-ramp,https://hawk-sign.info,Lattices,,,,Lattice Isomorphism Problem 20 | HPPC,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/hppc-spec-web.pdf,Multivariate,2^64 collision / universal forgery attack,,,HFE 21 | HuFu,On-ramp,http://123.56.244.4/,Lattices,,,Original version had bit-flipping signature forgery,LWE/SIS 22 | KAZ-Sign,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/kaz-sign-spec-web.pdf,Other,universal signature forgery,,,Second-order Discrete Logarithm Problem 23 | LESS,On-ramp,https://less-project.com,Code-based,,,Original specification lacks verification of well-formed matrices,Linear Equivalence Problem 24 | MAYO,On-ramp,https://pqmayo.org,Multivariate,,,,Multivariate quadratic 25 | MEDS,On-ramp,https://www.meds-pqc.org/,Code-based,,,original reference implementation has an implementation flaw,Matrix Code Equivalence 26 | MIRA,On-ramp,https://pqc-mira.org/,MPC-in-the-Head,,,,MinRank 27 | MiRitH,On-ramp,https://github.com/Crypto-TII/mirith_nist_submission/,MPC-in-the-Head,,,,MinRank 28 | MQOM,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/MQOM-spec-web.pdf,MPC-in-the-Head,,,,Multivariate Quadratic 29 | PERK,On-ramp,https://pqc-perk.org/,MPC-in-the-Head,,,,Permuted Kernel 30 | PREON,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/Preon-spec-web.pdf,Other,,,,zk-SNARK 31 | PROV,On-ramp,https://prov-sign.github.io/,Multivariate,,,PROV v1.0 leaks the private key. Use v1.1,Multivariate 32 | QR-UOV,On-ramp,http://info.isl.ntt.co.jp/crypt/qruov/index.html,Multivariate,,,,Multivariate 33 | Raccoon,On-ramp,https://raccoonfamily.org/,Lattices,,,,MLWE/MSIS 34 | RSA,Classic cryptography,https://web.archive.org/web/20230127011251/http://people.csail.mit.edu/rivest/Rsapaper.pdf,Pre-Quantum,classical,,,Factoring 35 | RYDE,On-ramp,https://pqc-ryde.org/,MPC-in-the-Head,,,,Rank Syndrome Decoding 36 | SDitH,On-ramp,https://sdith.org/,MPC-in-the-Head,,,few bits security loss in original parameters,Syndrome Decoding 37 | SNOVA,On-ramp,http://snova.pqclab.org/,Multivariate,,,,Non-commutative ring UOV 38 | SPHINCS-alpha,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/sphincs-alpha-spec-web.pdf,Symmetric,,,,hash-based 39 | SLH-DSA (SPHINCS+),FIPS draft,https://sphincs.org/,Symmetric,,,,Hash-based 40 | SQIsign,On-ramp,https://sqisign.org/,Isogenies,,,,Isogenies 41 | Squirrels,On-ramp,https://www.squirrels-pqc.org/,Lattices,,,,SIS 42 | TUOV,On-ramp,https://www.tuovsig.org/,Multivariate,,,,UOV 43 | UOV,On-ramp,https://www.uovsig.org/,Multivariate,,,,Multivariate 44 | VOX,On-ramp,http://vox-sign.com/,Multivariate,,,,Multivariate 45 | Wave,On-ramp,https://wave-sign.org/,Code-based,,,,Coding theory 46 | Xifrat1-Sign.I,On-ramp,https://csrc.nist.gov/csrc/media/Projects/pqc-dig-sig/documents/round-1/spec-files/xifrat1-sign-i-spec.pdf,Other,secret key recovery,,,randomized abelian quasigroups 47 | -------------------------------------------------------------------------------- /round-1/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Post-Quantum signatures zoo (NIST round 1) 8 | 9 | 10 | 11 | 12 | 13 |
14 |
19 | 24 |
PQ Signatures zoo
25 |
26 | 27 |
34 |
35 | 51 |
52 |
53 | 65 |
66 |
67 |
68 | 69 |
70 |
71 |
72 |

Post-Quantum signatures zoo

73 |

NIST round 1

74 |
75 |
76 | 77 |
78 |
79 |
80 |

81 | A list of post-quantum algorithms and their characteristics. 82 |

83 |

84 | In the below, we give an overview of the post-quantum algorithms 85 | that have been submitted to the NIST post-quantum signatures 86 | on-ramp. 87 |

88 |

89 | We have copied the properties of the schemes out of the individual 90 | scheme submission documents, so be aware of potential errors. 91 |

92 |
93 |
94 |
95 | 98 |
99 |
100 |
101 |
102 | We welcome any and all suggestions and improvements on 103 | this page's GitHub repository. 106 |
107 |
108 | 109 |
110 |
111 | 112 |

Schemes

113 |
114 |
115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 |
SchemeStatusCategoryAssumption
126 |
127 |
128 | 129 |
130 |
131 | Click on the table headers to sort. 132 |
133 |
Filter categories
134 |
135 |
136 |
137 | 138 |
139 |
140 | 141 |

Parameters

142 |
143 |
144 |
145 |
146 |
147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 |
SchemeParametersetNIST levelPk bytesSig bytespk+sig
160 |
161 | 162 |
163 |
164 |
165 | Click on the table headers to sort. 166 |
167 | 168 |
169 |
Filter Security Levels
170 |
171 |
172 | 173 |
174 |
Filter on sizes
175 |
176 |
Public key size
177 |
178 | 182 |
183 |
184 | 192 |
193 |
194 | 195 |
196 |
Signature size
197 |
198 | 202 |
203 |
204 | 212 |
213 |
214 |
215 |
Pk+Sig size
216 |
217 | 221 |
222 |
223 | 231 |
232 |
233 |
234 |
235 |
Sync performance filters
236 |
240 |
241 | 247 | 250 |
251 | Apply performance filters 252 |
253 |
254 |
255 |
Filter schemes
256 | Select none 257 | all 258 |
259 |
260 |
261 |
262 |
263 | 264 |
265 |
266 | 267 |

Performance metrics

268 |
269 |
270 |
271 |
272 | Performance characteristics have been directly taken from the 273 | submission documents! 274 |
275 |

276 | Note that many submissions do not have optimized implementations, 277 | and that the measurements were collected under an enormous 278 | variation of measurement setups. Some implementation are also not 279 | timing-invariant with regards to secrets ("constant-time"), and 280 | fixing this may also come with performance penalties. 281 | 282 | Take the performance metrics with a significant grain of salt. 283 | 284 |

285 |

286 | Some metrics have been extrapolated from reported times in 287 | milliseconds. These have been converted 288 | assuming a 2.5 GHz cpu; independent of the benchmarking 290 | platform 292 | reported. Converted metrics are 293 | marked as such. 294 |

295 |
296 |
297 | 298 |
299 | 300 | 301 | 302 | 303 | 304 | 305 | 306 | 307 | 308 | 309 | 310 |
SchemeParametersetNIST levelSign (cycles)Verify (cycles)
311 |
312 | 313 |
314 |
315 |
316 | Click on the table headers to sort. 317 |
318 | 319 |
320 |
Filter Security Levels
321 |
322 |
323 |
324 |
Filter on runtime
325 |
326 |
Signing cycles
327 |
328 | 332 |
333 |
334 | 342 |
343 |
344 |
345 |
Verification cycles
346 |
347 | 351 |
352 |
353 | 361 |
362 |
363 |
364 |
365 |
Sync size filters
366 |
370 |
371 | 377 | 380 |
381 | Apply size filters 382 |
383 |
384 |
385 |
Filter parameters
386 | Select none 387 | all 388 |
389 |
390 |
391 |
392 |
393 | 394 | 416 |
417 | 418 | 419 | 420 | 421 | 422 | 423 | 424 | 425 | 426 | 427 | -------------------------------------------------------------------------------- /round-1/js/vendor/what-input.js: -------------------------------------------------------------------------------- 1 | /** 2 | * what-input - A global utility for tracking the current input method (mouse, keyboard or touch). 3 | * @version v5.2.10 4 | * @link https://github.com/ten1seven/what-input 5 | * @license MIT 6 | */ 7 | (function webpackUniversalModuleDefinition(root, factory) { 8 | if(typeof exports === 'object' && typeof module === 'object') 9 | module.exports = factory(); 10 | else if(typeof define === 'function' && define.amd) 11 | define("whatInput", [], factory); 12 | else if(typeof exports === 'object') 13 | exports["whatInput"] = factory(); 14 | else 15 | root["whatInput"] = factory(); 16 | })(this, function() { 17 | return /******/ (function(modules) { // webpackBootstrap 18 | /******/ // The module cache 19 | /******/ var installedModules = {}; 20 | 21 | /******/ // The require function 22 | /******/ function __webpack_require__(moduleId) { 23 | 24 | /******/ // Check if module is in cache 25 | /******/ if(installedModules[moduleId]) 26 | /******/ return installedModules[moduleId].exports; 27 | 28 | /******/ // Create a new module (and put it into the cache) 29 | /******/ var module = installedModules[moduleId] = { 30 | /******/ exports: {}, 31 | /******/ id: moduleId, 32 | /******/ loaded: false 33 | /******/ }; 34 | 35 | /******/ // Execute the module function 36 | /******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); 37 | 38 | /******/ // Flag the module as loaded 39 | /******/ module.loaded = true; 40 | 41 | /******/ // Return the exports of the module 42 | /******/ return module.exports; 43 | /******/ } 44 | 45 | 46 | /******/ // expose the modules object (__webpack_modules__) 47 | /******/ __webpack_require__.m = modules; 48 | 49 | /******/ // expose the module cache 50 | /******/ __webpack_require__.c = installedModules; 51 | 52 | /******/ // __webpack_public_path__ 53 | /******/ __webpack_require__.p = ""; 54 | 55 | /******/ // Load entry module and return exports 56 | /******/ return __webpack_require__(0); 57 | /******/ }) 58 | /************************************************************************/ 59 | /******/ ([ 60 | /* 0 */ 61 | /***/ (function(module, exports) { 62 | 63 | 'use strict'; 64 | 65 | module.exports = function () { 66 | /* 67 | * bail out if there is no document or window 68 | * (i.e. in a node/non-DOM environment) 69 | * 70 | * Return a stubbed API instead 71 | */ 72 | if (typeof document === 'undefined' || typeof window === 'undefined') { 73 | return { 74 | // always return "initial" because no interaction will ever be detected 75 | ask: function ask() { 76 | return 'initial'; 77 | }, 78 | 79 | // always return null 80 | element: function element() { 81 | return null; 82 | }, 83 | 84 | // no-op 85 | ignoreKeys: function ignoreKeys() {}, 86 | 87 | // no-op 88 | specificKeys: function specificKeys() {}, 89 | 90 | // no-op 91 | registerOnChange: function registerOnChange() {}, 92 | 93 | // no-op 94 | unRegisterOnChange: function unRegisterOnChange() {} 95 | }; 96 | } 97 | 98 | /* 99 | * variables 100 | */ 101 | 102 | // cache document.documentElement 103 | var docElem = document.documentElement; 104 | 105 | // currently focused dom element 106 | var currentElement = null; 107 | 108 | // last used input type 109 | var currentInput = 'initial'; 110 | 111 | // last used input intent 112 | var currentIntent = currentInput; 113 | 114 | // UNIX timestamp of current event 115 | var currentTimestamp = Date.now(); 116 | 117 | // check for a `data-whatpersist` attribute on either the `html` or `body` elements, defaults to `true` 118 | var shouldPersist = 'false'; 119 | 120 | // form input types 121 | var formInputs = ['button', 'input', 'select', 'textarea']; 122 | 123 | // empty array for holding callback functions 124 | var functionList = []; 125 | 126 | // list of modifier keys commonly used with the mouse and 127 | // can be safely ignored to prevent false keyboard detection 128 | var ignoreMap = [16, // shift 129 | 17, // control 130 | 18, // alt 131 | 91, // Windows key / left Apple cmd 132 | 93 // Windows menu / right Apple cmd 133 | ]; 134 | 135 | var specificMap = []; 136 | 137 | // mapping of events to input types 138 | var inputMap = { 139 | keydown: 'keyboard', 140 | keyup: 'keyboard', 141 | mousedown: 'mouse', 142 | mousemove: 'mouse', 143 | MSPointerDown: 'pointer', 144 | MSPointerMove: 'pointer', 145 | pointerdown: 'pointer', 146 | pointermove: 'pointer', 147 | touchstart: 'touch', 148 | touchend: 'touch' 149 | 150 | // boolean: true if the page is being scrolled 151 | };var isScrolling = false; 152 | 153 | // store current mouse position 154 | var mousePos = { 155 | x: null, 156 | y: null 157 | 158 | // map of IE 10 pointer events 159 | };var pointerMap = { 160 | 2: 'touch', 161 | 3: 'touch', // treat pen like touch 162 | 4: 'mouse' 163 | 164 | // check support for passive event listeners 165 | };var supportsPassive = false; 166 | 167 | try { 168 | var opts = Object.defineProperty({}, 'passive', { 169 | get: function get() { 170 | supportsPassive = true; 171 | } 172 | }); 173 | 174 | window.addEventListener('test', null, opts); 175 | } catch (e) {} 176 | // fail silently 177 | 178 | 179 | /* 180 | * set up 181 | */ 182 | 183 | var setUp = function setUp() { 184 | // add correct mouse wheel event mapping to `inputMap` 185 | inputMap[detectWheel()] = 'mouse'; 186 | 187 | addListeners(); 188 | }; 189 | 190 | /* 191 | * events 192 | */ 193 | 194 | var addListeners = function addListeners() { 195 | // `pointermove`, `MSPointerMove`, `mousemove` and mouse wheel event binding 196 | // can only demonstrate potential, but not actual, interaction 197 | // and are treated separately 198 | var options = supportsPassive ? { passive: true } : false; 199 | 200 | document.addEventListener('DOMContentLoaded', setPersist); 201 | 202 | // pointer events (mouse, pen, touch) 203 | if (window.PointerEvent) { 204 | window.addEventListener('pointerdown', setInput); 205 | window.addEventListener('pointermove', setIntent); 206 | } else if (window.MSPointerEvent) { 207 | window.addEventListener('MSPointerDown', setInput); 208 | window.addEventListener('MSPointerMove', setIntent); 209 | } else { 210 | // mouse events 211 | window.addEventListener('mousedown', setInput); 212 | window.addEventListener('mousemove', setIntent); 213 | 214 | // touch events 215 | if ('ontouchstart' in window) { 216 | window.addEventListener('touchstart', setInput, options); 217 | window.addEventListener('touchend', setInput); 218 | } 219 | } 220 | 221 | // mouse wheel 222 | window.addEventListener(detectWheel(), setIntent, options); 223 | 224 | // keyboard events 225 | window.addEventListener('keydown', setInput); 226 | window.addEventListener('keyup', setInput); 227 | 228 | // focus events 229 | window.addEventListener('focusin', setElement); 230 | window.addEventListener('focusout', clearElement); 231 | }; 232 | 233 | // checks if input persistence should happen and 234 | // get saved state from session storage if true (defaults to `false`) 235 | var setPersist = function setPersist() { 236 | shouldPersist = !(docElem.getAttribute('data-whatpersist') || document.body.getAttribute('data-whatpersist') === 'false'); 237 | 238 | if (shouldPersist) { 239 | // check for session variables and use if available 240 | try { 241 | if (window.sessionStorage.getItem('what-input')) { 242 | currentInput = window.sessionStorage.getItem('what-input'); 243 | } 244 | 245 | if (window.sessionStorage.getItem('what-intent')) { 246 | currentIntent = window.sessionStorage.getItem('what-intent'); 247 | } 248 | } catch (e) { 249 | // fail silently 250 | } 251 | } 252 | 253 | // always run these so at least `initial` state is set 254 | doUpdate('input'); 255 | doUpdate('intent'); 256 | }; 257 | 258 | // checks conditions before updating new input 259 | var setInput = function setInput(event) { 260 | var eventKey = event.which; 261 | var value = inputMap[event.type]; 262 | 263 | if (value === 'pointer') { 264 | value = pointerType(event); 265 | } 266 | 267 | var ignoreMatch = !specificMap.length && ignoreMap.indexOf(eventKey) === -1; 268 | 269 | var specificMatch = specificMap.length && specificMap.indexOf(eventKey) !== -1; 270 | 271 | var shouldUpdate = value === 'keyboard' && eventKey && (ignoreMatch || specificMatch) || value === 'mouse' || value === 'touch'; 272 | 273 | // prevent touch detection from being overridden by event execution order 274 | if (validateTouch(value)) { 275 | shouldUpdate = false; 276 | } 277 | 278 | if (shouldUpdate && currentInput !== value) { 279 | currentInput = value; 280 | 281 | persistInput('input', currentInput); 282 | doUpdate('input'); 283 | } 284 | 285 | if (shouldUpdate && currentIntent !== value) { 286 | // preserve intent for keyboard interaction with form fields 287 | var activeElem = document.activeElement; 288 | var notFormInput = activeElem && activeElem.nodeName && (formInputs.indexOf(activeElem.nodeName.toLowerCase()) === -1 || activeElem.nodeName.toLowerCase() === 'button' && !checkClosest(activeElem, 'form')); 289 | 290 | if (notFormInput) { 291 | currentIntent = value; 292 | 293 | persistInput('intent', currentIntent); 294 | doUpdate('intent'); 295 | } 296 | } 297 | }; 298 | 299 | // updates the doc and `inputTypes` array with new input 300 | var doUpdate = function doUpdate(which) { 301 | docElem.setAttribute('data-what' + which, which === 'input' ? currentInput : currentIntent); 302 | 303 | fireFunctions(which); 304 | }; 305 | 306 | // updates input intent for `mousemove` and `pointermove` 307 | var setIntent = function setIntent(event) { 308 | var value = inputMap[event.type]; 309 | 310 | if (value === 'pointer') { 311 | value = pointerType(event); 312 | } 313 | 314 | // test to see if `mousemove` happened relative to the screen to detect scrolling versus mousemove 315 | detectScrolling(event); 316 | 317 | // only execute if scrolling isn't happening 318 | if ((!isScrolling && !validateTouch(value) || isScrolling && event.type === 'wheel' || event.type === 'mousewheel' || event.type === 'DOMMouseScroll') && currentIntent !== value) { 319 | currentIntent = value; 320 | 321 | persistInput('intent', currentIntent); 322 | doUpdate('intent'); 323 | } 324 | }; 325 | 326 | var setElement = function setElement(event) { 327 | if (!event.target.nodeName) { 328 | // If nodeName is undefined, clear the element 329 | // This can happen if click inside an element. 330 | clearElement(); 331 | return; 332 | } 333 | 334 | currentElement = event.target.nodeName.toLowerCase(); 335 | docElem.setAttribute('data-whatelement', currentElement); 336 | 337 | if (event.target.classList && event.target.classList.length) { 338 | docElem.setAttribute('data-whatclasses', event.target.classList.toString().replace(' ', ',')); 339 | } 340 | }; 341 | 342 | var clearElement = function clearElement() { 343 | currentElement = null; 344 | 345 | docElem.removeAttribute('data-whatelement'); 346 | docElem.removeAttribute('data-whatclasses'); 347 | }; 348 | 349 | var persistInput = function persistInput(which, value) { 350 | if (shouldPersist) { 351 | try { 352 | window.sessionStorage.setItem('what-' + which, value); 353 | } catch (e) { 354 | // fail silently 355 | } 356 | } 357 | }; 358 | 359 | /* 360 | * utilities 361 | */ 362 | 363 | var pointerType = function pointerType(event) { 364 | if (typeof event.pointerType === 'number') { 365 | return pointerMap[event.pointerType]; 366 | } else { 367 | // treat pen like touch 368 | return event.pointerType === 'pen' ? 'touch' : event.pointerType; 369 | } 370 | }; 371 | 372 | // prevent touch detection from being overridden by event execution order 373 | var validateTouch = function validateTouch(value) { 374 | var timestamp = Date.now(); 375 | 376 | var touchIsValid = value === 'mouse' && currentInput === 'touch' && timestamp - currentTimestamp < 200; 377 | 378 | currentTimestamp = timestamp; 379 | 380 | return touchIsValid; 381 | }; 382 | 383 | // detect version of mouse wheel event to use 384 | // via https://developer.mozilla.org/en-US/docs/Web/API/Element/wheel_event 385 | var detectWheel = function detectWheel() { 386 | var wheelType = null; 387 | 388 | // Modern browsers support "wheel" 389 | if ('onwheel' in document.createElement('div')) { 390 | wheelType = 'wheel'; 391 | } else { 392 | // Webkit and IE support at least "mousewheel" 393 | // or assume that remaining browsers are older Firefox 394 | wheelType = document.onmousewheel !== undefined ? 'mousewheel' : 'DOMMouseScroll'; 395 | } 396 | 397 | return wheelType; 398 | }; 399 | 400 | // runs callback functions 401 | var fireFunctions = function fireFunctions(type) { 402 | for (var i = 0, len = functionList.length; i < len; i++) { 403 | if (functionList[i].type === type) { 404 | functionList[i].fn.call(undefined, type === 'input' ? currentInput : currentIntent); 405 | } 406 | } 407 | }; 408 | 409 | // finds matching element in an object 410 | var objPos = function objPos(match) { 411 | for (var i = 0, len = functionList.length; i < len; i++) { 412 | if (functionList[i].fn === match) { 413 | return i; 414 | } 415 | } 416 | }; 417 | 418 | var detectScrolling = function detectScrolling(event) { 419 | if (mousePos.x !== event.screenX || mousePos.y !== event.screenY) { 420 | isScrolling = false; 421 | 422 | mousePos.x = event.screenX; 423 | mousePos.y = event.screenY; 424 | } else { 425 | isScrolling = true; 426 | } 427 | }; 428 | 429 | // manual version of `closest()` 430 | var checkClosest = function checkClosest(elem, tag) { 431 | var ElementPrototype = window.Element.prototype; 432 | 433 | if (!ElementPrototype.matches) { 434 | ElementPrototype.matches = ElementPrototype.msMatchesSelector || ElementPrototype.webkitMatchesSelector; 435 | } 436 | 437 | if (!ElementPrototype.closest) { 438 | do { 439 | if (elem.matches(tag)) { 440 | return elem; 441 | } 442 | 443 | elem = elem.parentElement || elem.parentNode; 444 | } while (elem !== null && elem.nodeType === 1); 445 | 446 | return null; 447 | } else { 448 | return elem.closest(tag); 449 | } 450 | }; 451 | 452 | /* 453 | * init 454 | */ 455 | 456 | // don't start script unless browser cuts the mustard 457 | // (also passes if polyfills are used) 458 | if ('addEventListener' in window && Array.prototype.indexOf) { 459 | setUp(); 460 | } 461 | 462 | /* 463 | * api 464 | */ 465 | 466 | return { 467 | // returns string: the current input type 468 | // opt: 'intent'|'input' 469 | // 'input' (default): returns the same value as the `data-whatinput` attribute 470 | // 'intent': includes `data-whatintent` value if it's different than `data-whatinput` 471 | ask: function ask(opt) { 472 | return opt === 'intent' ? currentIntent : currentInput; 473 | }, 474 | 475 | // returns string: the currently focused element or null 476 | element: function element() { 477 | return currentElement; 478 | }, 479 | 480 | // overwrites ignored keys with provided array 481 | ignoreKeys: function ignoreKeys(arr) { 482 | ignoreMap = arr; 483 | }, 484 | 485 | // overwrites specific char keys to update on 486 | specificKeys: function specificKeys(arr) { 487 | specificMap = arr; 488 | }, 489 | 490 | // attach functions to input and intent "events" 491 | // funct: function to fire on change 492 | // eventType: 'input'|'intent' 493 | registerOnChange: function registerOnChange(fn, eventType) { 494 | functionList.push({ 495 | fn: fn, 496 | type: eventType || 'input' 497 | }); 498 | }, 499 | 500 | unRegisterOnChange: function unRegisterOnChange(fn) { 501 | var position = objPos(fn); 502 | 503 | if (position || position === 0) { 504 | functionList.splice(position, 1); 505 | } 506 | }, 507 | 508 | clearStorage: function clearStorage() { 509 | window.sessionStorage.clear(); 510 | } 511 | }; 512 | }(); 513 | 514 | /***/ }) 515 | /******/ ]) 516 | }); 517 | ; -------------------------------------------------------------------------------- /round-1/js/wide.js: -------------------------------------------------------------------------------- 1 | $(document).foundation(); 2 | 3 | const CPUSPEED = 2_500_000_000; 4 | 5 | const schemes = await d3.csv("data/schemes.csv", (d) => { 6 | return { 7 | Scheme: d.Scheme, 8 | Status: d["NIST status"], 9 | Website: d.Website, 10 | Category: d.Category, 11 | Broken: d.Broken === "" ? false : d.Broken, 12 | Info: d.Info === "" ? false : d.Info, 13 | Warning: d.Warning === "" ? false : d.Warning, 14 | Classical: d.Broken === "classical", 15 | Assumption: d.Assumption, 16 | }; 17 | }); 18 | const properties = await d3.csv("data/parametersets.csv", (d) => { 19 | let signcycles; 20 | let verifycycles; 21 | let extrapolated; 22 | if (parseInt(d["signing (cycles)"].replace(/,/g, "")) > 0) { 23 | extrapolated = false; 24 | signcycles = parseInt(d["signing (cycles)"].replace(/,/g, "")); 25 | verifycycles = parseInt(d["verification (cycles)"].replace(/,/g, "")); 26 | } else { 27 | extrapolated = true; 28 | signcycles = 29 | (CPUSPEED * parseFloat(d["signing (ms)"].replace(/,/g, ""))) / 1000; 30 | verifycycles = 31 | (CPUSPEED * parseFloat(d["verification (ms)"].replace(/,/g, ""))) / 1000; 32 | } 33 | 34 | const scheme = schemes.find((s) => s.Scheme == d.Scheme); 35 | 36 | const broken = scheme.Broken; 37 | const warning = scheme.Warning; 38 | const info = scheme.Info; 39 | const classical = scheme.Classical; 40 | 41 | const level = 42 | d["Security level"] === "Pre-Quantum" 43 | ? "Pre-Quantum" 44 | : +d["Security level"]; 45 | 46 | return { 47 | Scheme: d.Scheme, 48 | Parameterset: d.Parameterset, 49 | Category: scheme.Category, 50 | Level: level, 51 | Pk: +d["pk size"].replace(/,/g, ""), 52 | Sig: +d["sig size"].replace(/,/g, ""), 53 | PkPlusSig: 54 | parseFloat(d["pk size"].replace(/,/g, "")) + 55 | parseInt(d["sig size"].replace(/,/g, "")), 56 | SigningCycles: signcycles, 57 | VerificationCycles: verifycycles, 58 | SigningTime: parseFloat(d["signing (ms)"].replace(/,/g, "")), 59 | VerificationTime: parseFloat(d["verification (ms)"].replace(/,/g, "")), 60 | Extrapolated: extrapolated, 61 | Broken: broken, 62 | Info: info, 63 | Warning: warning, 64 | Classical: classical, 65 | SchemeObj: scheme, 66 | }; 67 | }); 68 | 69 | const categories = new Set(schemes.map((s) => s.Category)); 70 | 71 | const propsTable = d3.select("#properties-table"); 72 | 73 | function cleanId(name) { 74 | return name.replace(/[^a-zA-Z0-9]/g, "_"); 75 | } 76 | 77 | let schemeSortingDirection = 1; 78 | let nowSortingScheme = "Scheme"; 79 | let propertiesSortingDirection = 1; 80 | let nowSortingProperties = "Scheme"; 81 | let performanceSortingDirection = 1; 82 | let nowSortingPerformance = "Scheme"; 83 | 84 | function sortAndFilterProperties() { 85 | let selectedPropsSchemes = schemes.map((d) => d.Scheme); 86 | selectedPropsSchemes = d3 87 | .selectAll("#props-schemes-filter input:checked") 88 | .data(); 89 | 90 | const minPk = parseInt(d3.select("#props-min-pk").property("value")); 91 | const maxPk = parseInt(d3.select("#props-max-pk").property("value")); 92 | const minSig = parseInt(d3.select("#props-min-sig").property("value")); 93 | const maxSig = parseInt(d3.select("#props-max-sig").property("value")); 94 | const minPkPlusSig = parseInt( 95 | parseInt(d3.select("#props-min-pkplussig").property("value")) 96 | ); 97 | const maxPkPlusSig = parseInt( 98 | parseInt(d3.select("#props-max-pkplussig").property("value")) 99 | ); 100 | 101 | const minSignCycles = parseInt(d3.select("#perf-min-sign").property("value")); 102 | const maxSignCycles = parseInt(d3.select("#perf-max-sign").property("value")); 103 | const minVerifyCycles = parseInt( 104 | d3.select("#perf-min-verify").property("value") 105 | ); 106 | const maxVerifyCycles = parseInt( 107 | d3.select("#perf-max-verify").property("value") 108 | ); 109 | 110 | const applyCycles = true; 111 | 112 | const selectedPropsLevels = d3 113 | .selectAll("#props-levels-filter input:checked") 114 | .data(); 115 | return properties 116 | .filter( 117 | (p) => 118 | selectedPropsSchemes.includes(p.Scheme) && 119 | selectedPropsLevels.includes(p.Level) && 120 | p.Pk >= minPk && 121 | maxPk >= p.Pk && 122 | p.Sig >= minSig && 123 | maxSig >= p.Sig && 124 | p.PkPlusSig >= minPkPlusSig && 125 | maxPkPlusSig >= p.PkPlusSig && 126 | (!applyCycles || 127 | (p.SigningCycles >= minSignCycles && 128 | p.SigningCycles <= maxSignCycles && 129 | p.VerificationCycles >= minVerifyCycles && 130 | p.VerificationCycles <= maxVerifyCycles)) 131 | ) 132 | .sort( 133 | (a, b) => 134 | propertiesSortingDirection * 135 | d3.ascending(a[nowSortingProperties], b[nowSortingProperties]) 136 | ); 137 | } 138 | 139 | function reenableCategoryForScheme(event, scheme) { 140 | if (!event.target.checked) { 141 | return; 142 | } 143 | schemes.forEach((s) => { 144 | console.log(s, scheme); 145 | if (s.Scheme === scheme) { 146 | d3.select("#switch-" + cleanId(s.Category)).property("checked", true); 147 | return; 148 | } 149 | }); 150 | } 151 | 152 | function updateTable(event) { 153 | console.log("updating tables"); 154 | const selectedCategories = d3.selectAll(".category > input:checked").data(); 155 | console.log(selectedCategories); 156 | 157 | d3.select("#properties-table") 158 | .select("tbody") 159 | .selectAll("tr") 160 | .data(sortAndFilterProperties(), (d) => d.Scheme + d.Parameterset) 161 | .join((enter) => 162 | enter.append((d) => { 163 | const row = d3.create("tr"); 164 | const scheme = schemes.find((s) => s.Scheme === d.Scheme); 165 | 166 | const cell = row 167 | .append("td") 168 | .append("span") 169 | .attr("style", "text-decoration: underline dashed") 170 | .property("title", scheme.Assumption) 171 | .text(d.Scheme); 172 | if (d.Broken) { 173 | cell 174 | .append("span") 175 | .property("title", "This submission has security vulnerabilities: " + d.Broken) 176 | .text(" 🧨"); 177 | } else if (d.Warning) { 178 | cell 179 | .append("span") 180 | .property("title", "This submission has security vulnerabilities: " + d.Warning) 181 | .text(" ⚠️"); 182 | }else if (d.Info) { 183 | cell 184 | .append("span") 185 | .property("title", "This submission has security vulnerabilities: " + d.Info) 186 | .text(" ℹ️"); 187 | } 188 | row.append("td").text(scheme.Category); 189 | row.append("td").text(d.Parameterset); 190 | if (d.Classical) { 191 | row.append("td").text("Pre-Q"); 192 | } else { 193 | row.append("td").text(d.Level); 194 | } 195 | row 196 | .append("td") 197 | .text(d.Pk.toLocaleString()) 198 | .attr("style", "text-align: right"); 199 | row 200 | .append("td") 201 | .text(d.Sig.toLocaleString()) 202 | .attr("style", "text-align: right"); 203 | row 204 | .append("td") 205 | .text(d.PkPlusSig.toLocaleString()) 206 | .attr("style", "text-align: right"); 207 | let extrapolated_text_sign; 208 | let extrapolated_text_verify; 209 | if (d.Extrapolated) { 210 | extrapolated_text_sign = 211 | "Reported as " + d.SigningTime.toLocaleString() + " ms."; 212 | extrapolated_text_verify = 213 | "Reported as " + d.VerificationTime.toLocaleString() + " ms."; 214 | } 215 | row 216 | .append("td") 217 | .text(d.SigningCycles.toLocaleString()) 218 | .classed("extrapolated", d.Extrapolated) 219 | .property("title", extrapolated_text_sign) 220 | .attr("style", "text-align: right"); 221 | row 222 | .append("td") 223 | .text(d.VerificationCycles.toLocaleString()) 224 | .classed("extrapolated", d.Extrapolated) 225 | .property("title", extrapolated_text_verify) 226 | .attr("style", "text-align: right"); 227 | return row.node(); 228 | }) 229 | ); 230 | 231 | updatePlot(); 232 | } 233 | 234 | function switchSchemesForCategory(event, category) { 235 | const enabledCategory = event.target.checked; 236 | schemes.forEach((scheme) => { 237 | console.log(scheme, event,category); 238 | if (scheme.Category === category) { 239 | d3.select("#props-switch-" + cleanId(scheme.Scheme)).property("checked", enabledCategory); 240 | d3.select("#perf-switch-" + cleanId(scheme.Scheme)).property("checked", enabledCategory); 241 | } 242 | }); 243 | } 244 | 245 | d3.select("#categories") 246 | .selectAll("div") 247 | .classed("grid-x", true) 248 | .data([...categories].sort(d3.ascending)) 249 | .enter() 250 | .append((d) => { 251 | const cat = d3.create("div").classed("grid-x", true); 252 | 253 | const toggle = cat 254 | .append("div") 255 | .classed("cell small-3", true) 256 | .classed("switch tiny", true) 257 | .classed("category", true); 258 | toggle 259 | .append("input") 260 | .attr("type", "checkbox") 261 | .attr("id", "switch-" + cleanId(d)) 262 | .classed("switch-input categories-filter", true) 263 | .property("checked", true) 264 | .datum(d) 265 | .on("click", function(event) { 266 | switchSchemesForCategory(event, d); 267 | updateTable(event); 268 | }); 269 | toggle 270 | .append("label") 271 | .classed("switch-paddle", true) 272 | .attr("for", "switch-" + cleanId(d)) 273 | .append((e) => 274 | d3 275 | .create("span") 276 | .classed("show-for-sr", true) 277 | .text("Show/hide " + d) 278 | .node() 279 | ); 280 | cat.append("span").classed("cell auto", true).text(d); 281 | 282 | return cat.node(); 283 | }); 284 | 285 | d3.select("#props-schemes-filter") 286 | .selectAll("div") 287 | .classed("grid-x", true) 288 | .data(schemes.map((s) => s.Scheme).sort(d3.ascending)) 289 | .enter() 290 | .append((d) => { 291 | const cat = d3.create("div").classed("grid-x", true); 292 | 293 | const toggle = cat 294 | .append("div") 295 | .classed("cell small-3", true) 296 | .classed("switch tiny", true); 297 | toggle 298 | .append("input") 299 | .attr("type", "checkbox") 300 | .classed("scheme-filter", true) 301 | .attr("id", "props-switch-" + cleanId(d)) 302 | .classed("switch-input", true) 303 | .property("checked", "checked") 304 | .datum(d) 305 | .on("click", (e) => { 306 | reenableCategoryForScheme(e, d); 307 | updateTable(e); 308 | }); 309 | toggle 310 | .append("label") 311 | .classed("switch-paddle", true) 312 | .attr("for", "props-switch-" + cleanId(d)) 313 | .append((e) => 314 | d3 315 | .create("span") 316 | .classed("show-for-sr", true) 317 | .text("Show/hide " + d) 318 | .node() 319 | ); 320 | cat.append("span").classed("cell auto", true).text(d); 321 | 322 | return cat.node(); 323 | }); 324 | 325 | d3.select("#props-levels-filter") 326 | .selectAll("div") 327 | .classed("grid-x", true) 328 | .data(["Pre-Quantum", 1, 2, 3, 4, 5]) 329 | .enter() 330 | .append((d) => { 331 | const cat = d3.create("div").classed("grid-x", true); 332 | 333 | const toggle = cat 334 | .append("div") 335 | .classed("cell small-3", true) 336 | .classed("switch tiny", true); 337 | toggle 338 | .append("input") 339 | .attr("type", "checkbox") 340 | .classed("nistlevel-filter", true) 341 | .attr("id", "props-switch-level-" + d) 342 | .classed("switch-input", true) 343 | .property("checked", "checked") 344 | .datum(d) 345 | .on("click", (e) => { 346 | updateTable(e); 347 | }); 348 | toggle 349 | .append("label") 350 | .classed("switch-paddle", true) 351 | .attr("for", "props-switch-level-" + d) 352 | .append((e) => 353 | d3 354 | .create("span") 355 | .classed("show-for-sr", true) 356 | .text("Show/hide NIST level " + d) 357 | .node() 358 | ); 359 | cat 360 | .append("span") 361 | .classed("cell auto", true) 362 | .text(d == "Pre-Quantum" ? "Pre-Quantum" : "Level " + d); 363 | 364 | return cat.node(); 365 | }); 366 | 367 | d3.select("#props-min-pk") 368 | .property( 369 | "value", 370 | d3.min(properties, (d) => d.Pk) 371 | ) 372 | .on("change", updateTable); 373 | d3.select("#props-max-pk") 374 | .property( 375 | "value", 376 | d3.max(properties, (d) => d.Pk) 377 | ) 378 | .on("change", updateTable); 379 | d3.select("#props-min-sig") 380 | .property( 381 | "value", 382 | d3.min(properties, (d) => d.Sig) 383 | ) 384 | .on("change", updateTable); 385 | d3.select("#props-max-sig") 386 | .property( 387 | "value", 388 | d3.max(properties, (d) => d.Sig) 389 | ) 390 | .on("change", updateTable); 391 | d3.select("#props-min-pkplussig") 392 | .property( 393 | "value", 394 | d3.min(properties, (d) => d.PkPlusSig) 395 | ) 396 | .on("change", updateTable); 397 | d3.select("#props-max-pkplussig") 398 | .property( 399 | "value", 400 | d3.max(properties, (d) => d.PkPlusSig) 401 | ) 402 | .on("change", updateTable); 403 | 404 | d3.select("#perf-min-sign") 405 | .property( 406 | "value", 407 | d3.min(properties, (d) => d.SigningCycles) 408 | ) 409 | .on("change", updateTable); 410 | d3.select("#perf-max-sign") 411 | .property( 412 | "value", 413 | d3.max(properties, (d) => d.SigningCycles) 414 | ) 415 | .on("change", updateTable); 416 | d3.select("#perf-min-verify") 417 | .property( 418 | "value", 419 | d3.min(properties, (d) => d.VerificationCycles) 420 | ) 421 | .on("change", updateTable); 422 | d3.select("#perf-max-verify") 423 | .property( 424 | "value", 425 | d3.max(properties, (d) => d.VerificationCycles) 426 | ) 427 | .on("change", updateTable); 428 | 429 | d3.select("#perf-schemes-filter") 430 | .selectAll("div") 431 | .classed("grid-x", true) 432 | .data(schemes.map((s) => s.Scheme).sort(d3.ascending)) 433 | .enter() 434 | .append((d) => { 435 | const cat = d3.create("div").classed("grid-x", true); 436 | 437 | const toggle = cat 438 | .append("div") 439 | .classed("cell small-3", true) 440 | .classed("switch tiny", true); 441 | toggle 442 | .append("input") 443 | .attr("type", "checkbox") 444 | .classed("scheme-filter", true) 445 | .attr("id", "perf-switch-" + cleanId(d)) 446 | .classed("switch-input", true) 447 | .property("checked", "checked") 448 | .datum(d) 449 | .on("click", (e) => { 450 | d3.select("#props-switch-" + cleanId(d)).property( 451 | "checked", 452 | e.target.checked 453 | ); 454 | reenableCategoryForScheme(e, d); 455 | updateTable(e); 456 | }); 457 | toggle 458 | .append("label") 459 | .classed("switch-paddle", true) 460 | .attr("for", "perf-switch-" + cleanId(d)) 461 | .append((e) => 462 | d3 463 | .create("span") 464 | .classed("show-for-sr", true) 465 | .text("Show/hide " + d) 466 | .node() 467 | ); 468 | cat.append("span").classed("cell auto", true).text(d); 469 | 470 | return cat.node(); 471 | }); 472 | 473 | d3.selectAll(".select-all-params").on("click", (e) => { 474 | d3.selectAll(".scheme-filter").property("checked", true); 475 | d3.selectAll(".categories-filter").property("checked", true); 476 | updateTable(e); 477 | }); 478 | d3.selectAll(".select-none-params").on("click", (e) => { 479 | d3.selectAll(".scheme-filter").property("checked", false); 480 | updateTable(e); 481 | }); 482 | 483 | updateTable(); 484 | 485 | function handleSortingSchemes(what) { 486 | return (e) => { 487 | if (nowSortingScheme === what) { 488 | schemeSortingDirection *= -1; 489 | } else { 490 | schemeSortingDirection = 1; 491 | nowSortingScheme = what; 492 | } 493 | updateTable(e); 494 | }; 495 | } 496 | 497 | function handleSortingProperties(what) { 498 | return (e) => { 499 | if (nowSortingProperties === what) { 500 | propertiesSortingDirection *= -1; 501 | } else { 502 | propertiesSortingDirection = 1; 503 | nowSortingProperties = what; 504 | } 505 | updateTable(e); 506 | }; 507 | } 508 | 509 | function handleSortingPerformance(what) { 510 | return (e) => { 511 | if (nowSortingPerformance === what) { 512 | performanceSortingDirection *= -1; 513 | } else { 514 | performanceSortingDirection = 1; 515 | nowSortingPerformance = what; 516 | } 517 | updateTable(e); 518 | }; 519 | } 520 | 521 | d3.select("#header-schemes-scheme").on("click", handleSortingSchemes("Scheme")); 522 | d3.select("#header-schemes-status").on("click", handleSortingSchemes("Status")); 523 | d3.select("#header-schemes-category").on( 524 | "click", 525 | handleSortingSchemes("Category") 526 | ); 527 | d3.select("#header-schemes-assumption").on( 528 | "click", 529 | handleSortingSchemes("Assumption") 530 | ); 531 | 532 | d3.select("#header-properties-scheme").on( 533 | "click", 534 | handleSortingProperties("Scheme") 535 | ); 536 | d3.select("#header-properties-category").on( 537 | "click", 538 | handleSortingProperties("Category") 539 | ); 540 | d3.select("#header-properties-parameterset").on( 541 | "click", 542 | handleSortingProperties("Parameterset") 543 | ); 544 | d3.select("#header-properties-level").on( 545 | "click", 546 | handleSortingProperties("Level") 547 | ); 548 | d3.select("#header-properties-pk").on("click", handleSortingProperties("Pk")); 549 | d3.select("#header-properties-sig").on("click", handleSortingProperties("Sig")); 550 | d3.select("#header-properties-pksig").on( 551 | "click", 552 | handleSortingProperties("PkPlusSig") 553 | ); 554 | 555 | 556 | d3.select("#header-properties-sign").on( 557 | "click", 558 | handleSortingProperties("SigningCycles") 559 | ); 560 | d3.select("#header-properties-verify").on( 561 | "click", 562 | handleSortingProperties("VerificationCycles") 563 | ); 564 | 565 | // function getKeySizeChart() { 566 | // // Declare the chart dimensions and margins. 567 | // const width = 600; 568 | // const height = 200; 569 | // const margin = { top: 20, right: 0, bottom: 30, left: 50 }; 570 | 571 | // console.log(properties) 572 | 573 | // function zoom(svg) { 574 | // const extent = [ 575 | // [margin.left, margin.top], 576 | // [width - margin.right, height - margin.top], 577 | // ]; 578 | 579 | // svg.call( 580 | // d3 581 | // .zoom() 582 | // .scaleExtent([1, 8]) 583 | // .translateExtent(extent) 584 | // .extent(extent) 585 | // .on("zoom", zoomed) 586 | // ); 587 | 588 | // function zoomed(event) { 589 | // x.range( 590 | // [margin.left, width - margin.right].map((d) => 591 | // event.transform.applyX(d) 592 | // ) 593 | // ); 594 | // svg.selectAll(".bars rect").attr("x", d => d.Scheme + " " + d.Parameterset).attr("width", x.bandwidth()); 595 | // svg.selectAll(".x-axis").call(xAxis); 596 | // } 597 | // } 598 | 599 | // const x = d3 600 | // .scaleBand(properties.map((d) => d.Scheme + " " + d.Parameterset)) 601 | // .range([margin.left, width - margin.right]) 602 | // .padding(0.1); 603 | 604 | // const y = d3 605 | // .scaleLinear() 606 | // .domain([1, d3.max(properties, (d) => d.Pk)]) 607 | // .nice() 608 | // .range([height - margin.bottom, margin.top]); 609 | 610 | // const xAxis = (g) => 611 | // g 612 | // .attr("transform", `translate(0, ${height - margin.bottom})`) 613 | // .call(d3.axisBottom(x).tickSizeOuter(0)); 614 | 615 | // const yAxis = (g) => 616 | // g 617 | // .attr("transform", `translate(${margin.left},0)`) 618 | // .call(d3.axisLeft(y)) 619 | // .call((g) => g.select(".domain").remove()); 620 | 621 | // const svg = d3 622 | // .create("svg") 623 | // .attr("viewBox", [0, 0, width, height]); 624 | // svg 625 | // .append("g") 626 | // .attr("class", "bars") 627 | // .attr("fill", "steelblue") 628 | // .selectAll("rect") 629 | // .data(properties) 630 | // .join("rect") 631 | // .attr("x", (d) => x(d.Scheme + " " + d.Parameterset)) 632 | // .attr("y", (d) => y(d.Pk)) 633 | // .attr("height", (d) => y(1) - y(d.Pk)) 634 | // .attr("width", x.bandwidth()); 635 | 636 | // svg.call(zoom); 637 | 638 | // svg.append("g").attr("class", "x-axis").call(xAxis); 639 | 640 | // svg.append("g").attr("class", "y-axis").call(yAxis); 641 | 642 | // return svg.node(); 643 | // } 644 | 645 | // const plot = Plot.plot({ 646 | // x: { label: "Key size (bytes)", type: "log" }, 647 | // y: { padding: 3}, 648 | // marginLeft: 150, 649 | // width: 1000, 650 | // height: 9000, 651 | // color: true, 652 | // marks: [ 653 | // Plot.barX(properties, { 654 | // y: (d) => d.Scheme + " " + d.Parameterset, 655 | // x1: 1, 656 | // x2: (d) => { 657 | // console.log(d.Scheme, d.Pk); 658 | // return d.Pk; 659 | // }, 660 | // tip: true, 661 | // width: 1, 662 | // dy: -2, 663 | // }), 664 | // Plot.barX(properties, { 665 | // y: (d) => d.Scheme + " " + d.Parameterset, 666 | // x1: 1, 667 | // x2: (d) => { 668 | // console.log(d.Scheme, d.Sig); 669 | // return d.Sig; 670 | // }, 671 | // tip: true, 672 | // dy: 2, 673 | // fill: "red", 674 | // label: "Signature", 675 | // }), 676 | // ], 677 | // }); 678 | 679 | function dotColor(d) { 680 | if (d.Classical) { 681 | return "blue"; 682 | } 683 | if (d.Broken || d.Warning) { 684 | return "red"; 685 | } 686 | if (d.SchemeObj.Status === "FIPS draft" || d.SchemeObj.Scheme == "Falcon") { 687 | return "magenta"; 688 | } 689 | return "black"; 690 | } 691 | 692 | function dotSymbol(d) { 693 | console.log(d) 694 | if (d.SchemeObj.Status === "FIPS draft" || d.SchemeObj.Scheme == "Falcon") { 695 | return "star"; 696 | } 697 | if (d.Classical) { 698 | return "circle"; 699 | } 700 | if (d.Broken) { 701 | return "times"; 702 | } 703 | return "plus"; 704 | } 705 | 706 | function dotTitle(d) { 707 | let str = 708 | d.Scheme + 709 | " " + 710 | d.Parameterset + 711 | "\npk: " + 712 | d.Pk.toLocaleString() + 713 | " B" + 714 | "\nsig: " + 715 | d.Sig.toLocaleString() + 716 | " B"; 717 | if (d.Broken) { 718 | str += "\n ⚠️ " + d.Broken + "!"; 719 | } 720 | return str; 721 | } 722 | 723 | function updatePlot() { 724 | const data = sortAndFilterProperties(properties); 725 | const plot = Plot.plot({ 726 | x: { type: "log", label: "Public key size (bytes)" }, 727 | y: { type: "log", label: "Signature size (bytes)" }, 728 | width: "1000", 729 | grid: true, 730 | marks: [ 731 | Plot.dot(data, { 732 | x: "Pk", 733 | y: "Sig", 734 | tip: true, 735 | title: dotTitle, 736 | stroke: dotColor, 737 | symbol: dotSymbol, 738 | fill: dotColor, 739 | legend: (d) => d.Category, 740 | }), 741 | Plot.crosshair(data, { x: "Pk", y: "Sig" }), 742 | ], 743 | }); 744 | 745 | document.querySelector("#keySizeChart").replaceChildren(plot); 746 | } 747 | -------------------------------------------------------------------------------- /round-1/wide.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Post-Quantum signatures zoo (NIST round 1) 8 | 9 | 10 | 11 | 12 | 13 |
14 |
19 | 24 |
PQ Signatures zoo Round 1 (widescreen)
25 |
26 | 27 |
34 |
35 | 45 |
46 |
47 | 59 |
60 |
61 |
62 | 63 |
64 |
65 |
66 |

Post-Quantum signatures zoo

67 |

NIST round 1

68 |
69 |
70 | 71 |
72 |
73 |
74 |

75 | A list of post-quantum algorithms and their characteristics. 76 |

77 |

78 | In the below, we give an overview of the post-quantum algorithms 79 | that have been submitted to the NIST post-quantum signatures 80 | on-ramp. 81 |

82 |

83 | We have copied the properties of the schemes out of the individual 84 | scheme submission documents, so be aware of potential errors. 85 |

86 |
87 |
88 |
89 | 92 |
93 |
94 |
95 |
96 | We welcome any and all suggestions and improvements on 97 | this page's GitHub repository. 100 |
101 |
102 | 103 | 123 | 124 |
125 |
126 | 127 |

Parameters

128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 | Performance characteristics have been directly taken from the 136 | submission documents! 137 |
138 |

139 | Note that many submissions do not have optimized implementations, 140 | and that the measurements were collected under an enormous 141 | variation of measurement setups. Some implementation are also not 142 | timing-invariant with regards to secrets ("constant-time"), and 143 | fixing this may also come with performance penalties. 144 | 145 | Take the performance metrics with a significant grain of salt. 146 | 147 |

148 |

149 | Some metrics have been extrapolated from reported times in 150 | milliseconds. These have been converted 151 | assuming a 2.5 GHz cpu; independent of the benchmarking 153 | platform 155 | reported. Converted metrics are 156 | marked as such. 157 |

158 |
159 |
160 |
161 |
162 | Click on the table headers to sort. 163 | Filters can be configured below the table. 164 |
165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 |
SchemeCategoryParametersetNIST levelPk bytesSig bytespk+sigSign (cycles)Verify (cycles)
181 |
182 | 183 |
184 | 185 |
186 |
187 |
Filter Security Levels
188 |
189 |
190 | 191 |
192 |
Filter categories
193 |
194 |
195 |
196 |
197 |
198 |
199 |
200 |
Filter on sizes
201 |
202 |
Public key size
203 |
204 | 208 |
209 |
210 | 218 |
219 |
220 | 221 |
222 |
Signature size
223 |
224 | 228 |
229 |
230 | 238 |
239 |
240 |
241 |
Pk+Sig size
242 |
243 | 247 |
248 |
249 | 257 |
258 |
259 |
260 |
261 |
Filter on runtime
262 |
263 |
Signing cycles
264 |
265 | 269 |
270 |
271 | 279 |
280 |
281 |
282 |
Verification cycles
283 |
284 | 288 |
289 |
290 | 298 |
299 |
300 |
301 |
302 |
303 |
304 |
305 |
306 |
Filter schemes
307 | Select none 308 | all 309 |
310 |
311 |
312 |
313 |
314 | 315 | 337 |
338 | 339 | 340 | 341 | 342 | 343 | 344 | 345 | 346 | 347 | 348 | -------------------------------------------------------------------------------- /wide.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Post-Quantum signatures zoo 8 | 9 | 10 | 11 | 12 | 13 |
14 |
19 | 24 |
PQ Signatures zoo (widescreen)
25 |
26 | 27 |
34 |
35 | 44 |
45 |
46 | 58 |
59 |
60 |
61 | 62 |
63 |
64 |
65 |

Post-Quantum signatures zoo

66 |

NIST Round 2

67 |
68 |
69 | 70 |
71 |
72 |
73 |

Now updated with all Round-2 specifications.

74 |

Please report any errors on GitHub!

75 |
76 |
77 |
78 |
79 |

80 | A list of post-quantum algorithms and their characteristics. 81 |

82 |

83 | In the below, we give an overview of the post-quantum algorithms 84 | that have been submitted to the NIST post-quantum signatures 85 | on-ramp and are still part of the second round. 86 |

87 |

88 | We have copied the properties of the schemes out of the individual 89 | scheme submission documents, so be aware of potential errors. 90 |

91 |
92 |
93 |
94 | 97 |
98 |
99 |
100 |
101 | We welcome any and all suggestions and improvements on 102 | this page's GitHub repository. 105 |
106 |
107 | 108 | 128 | 129 |
130 |
131 | 132 |

Parameters

133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 | Performance characteristics have been directly taken from the 141 | submission documents! 142 |
143 |

144 | Note that many submissions do not have optimized implementations, 145 | and that the measurements were collected under an enormous 146 | variation of measurement setups. Some implementation are also not 147 | timing-invariant with regards to secrets ("constant-time"), and 148 | fixing this may also come with performance penalties. 149 | 150 | Take the performance metrics with a significant grain of salt. 151 | 152 |

153 |

154 | Some metrics have been extrapolated from reported times in 155 | milliseconds. These have been converted 156 | assuming a 2.5 GHz cpu; independent of the benchmarking 158 | platform 160 | reported. Converted metrics are 161 | marked as such. 162 |

163 |
164 |
165 |
166 |
167 | Click on the table headers to sort. 168 | Filters can be configured below the table. 169 |
170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 |
SchemeCategoryParametersetNIST levelPk bytesSig bytespk+sigSign (cycles)Verify (cycles)
186 |
187 | 188 |
189 | 190 |
191 |
192 |
Filter Security Levels
193 |
194 |
195 | 196 |
197 |
Filter categories
198 |
199 |
200 |
201 |
202 |
203 |
204 |
205 |
Filter on sizes
206 |
207 |
Public key size
208 |
209 | 213 |
214 |
215 | 223 |
224 |
225 | 226 |
227 |
Signature size
228 |
229 | 233 |
234 |
235 | 243 |
244 |
245 |
246 |
Pk+Sig size
247 |
248 | 252 |
253 |
254 | 262 |
263 |
264 |
265 |
266 |
Filter on runtime
267 |
268 |
Signing cycles
269 |
270 | 274 |
275 |
276 | 284 |
285 |
286 |
287 |
Verification cycles
288 |
289 | 293 |
294 |
295 | 303 |
304 |
305 |
306 |
307 |
308 |
309 |
310 |
311 |
Filter schemes
312 | Select none 313 | all 314 |
315 |
316 |
317 |
318 |
319 | 320 | 343 |
344 | 345 | 346 | 347 | 348 | 349 | 350 | 351 | 352 | 353 | 354 | --------------------------------------------------------------------------------