Improving Software Quality in Cryptography Standardization Projects

Matthias J. Kannwischer, P. Schwabe, D. Stebila, Thom Wiggers
DOI: 10.1109/eurospw55150.2022.00010 (https://doi.org/10.1109/eurospw55150.2022.00010)
Venue: 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Publication date: 2022-06-01
Citations: 10

Abstract

The NIST post-quantum cryptography (PQC) standardization project is probably the largest and most ambitious cryptography standardization effort to date, and as such it makes an excellent case study of cryptography standardization projects. It is expected that with the end of round 3 in early 2022, NIST will announce the first set of primitives to advance to standardization, so it seems like a good time to look back and see what lessons can be learned from this effort. In this paper, we take a look at one specific aspect of the NIST PQC project: software implementations. We observe that many implementations included as a mandatory part of the submission packages were of poor quality and ignored decades-old standard techniques from software engineering to guarantee a certain baseline quality level. As a consequence, it was not possible to readily use those implementations in experiments for post-quantum protocol migration and software optimization efforts without first spending a significant amount of time to clean up the submitted reference implementations. We do not mean to criticize cryptographers who submitted proposals, including software implementations, to NIST PQC: after all, it cannot reasonably be expected from every cryptographer to also have expertise in software engineering. Instead, we suggest how standardization bodies like NIST can improve the software-submission process in future efforts to avoid such issues with submitted software. More specifically, we present PQClean, an extensive (continuous-integration) testing framework for PQC software, which now also contains "clean" implementations of the NIST round 3 candidate schemes. We argue that the availability of such a framework, either in an online continuous-integration setup or just as an offline testing system, long before the submission deadline would have resulted in much better implementations included in NIST PQC submissions and overall would have saved the community and probably also NIST a lot of time and effort.