Diffstat (limited to 'docs')
| -rw-r--r-- | docs/FORMAT.md | 64 |
| -rw-r--r-- | docs/LIBS.md | 31 |
| -rw-r--r-- | docs/card.png | bin | 0 -> 653 bytes |
| -rw-r--r-- | docs/leaky_msb.png | bin | 0 -> 135626 bytes |
| -rw-r--r-- | docs/nonleaky_msb.png | bin | 0 -> 187445 bytes |
5 files changed, 53 insertions, 42 deletions
diff --git a/docs/FORMAT.md b/docs/FORMAT.md index 16af130..5c29d58 100644 --- a/docs/FORMAT.md +++ b/docs/FORMAT.md @@ -1,14 +1,34 @@ # Format -ECTester mostly reads/outputs data in either human-readable format or using CSV. +ECTester mostly reads/outputs data in either human-readable format or using CSV, YAML or XML, depending on the data. ## Test runs By default test runs are output in a human readable format, however YAML and XML is also supported and can be selected -by using the `--format` option. Also, prefixing the output file name when using the `-o/--output` option allows to output +by using the `--format` option. Also, prefixing the output file name when using the `-o/--output` option allows to output the same test run in different formats to different files. For example: `--format yaml -o default_output.yaml -o xml:output_file.xml -o text:readable_text_file.txt ` +The YAML output of the test runs is used to generate the static pages of the tests at <https://crocs-muni.github.io/ECTester/>. + +## Notation +In the rest of this documentation the following notation is used + + - `p` - prime F_p + - `m` - binary field exponent F_2^m + - `e1` - largest exponent of the field polynomial + - `e2` - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial + - `e3` - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial + - `a` - a parameter in short Weierstrass curve equation + - `b` - b parameter in short Weierstrass curve equation + - `gx` - x coordinate of the curve base-point g + - `gy` - y coordinate of the curve base-point g + - `n` - the base-point order + - `h` - the base-point cofactor + - `wx` - the x coordinate of the public key + - `wy` - the y coordinate of th public key + - `s` - the private key value + ## Curves Input files for the `-c/--curve` option should be in CSV, little-endian hexadecimal format. Output of the `-e/--export` option will also be in this format. 
@@ -31,56 +51,46 @@ Input files for the `-k/--key`, `-pub/--public` and `-priv/--private` options sh ### Private key `s` -### Notation - - `p` - prime F_p - - `m` - binary field exponent F_2^m - - `e1` - largest exponent of the field polynomial - - `e2` - middle exponenet of the field polynomial, or `0000` if field poly is a trinomial - - `e3` - smallest exponent (except zero) of the field polynomial, or `0000` if field poly is a trinomial - - `a` - a parameter in short Weierstrass curve equation - - `b` - b parameter in short Weierstrass curve equation - - `gx` - x coordinate of the curve base-point g - - `gy` - y coordinate of the curve base-point g - - `n` - the base-point order - - `h` - the base-point cofactor - - `wx` - the x coordinate of the public key - - `wy` - the y coordinate of th public key - - `s` - the private key value - ## Key generation output(CSV) Output of the `-g/--generate` option. For ECTesterReader this has the format: `index;genTime[milli];exportTime[milli];pubW;privS` where `pubW` is the public key used in ANSI X9.62 format, -`privS` is the private key, `genTime` is the time required to generate the keypair and `exportTime` is the time required to export it (send it to the reader). +`privS` is the private key, `genTime` is the time required to generate the keypair and `exportTime` is the time required to export it (recover it from the JavaCard API and send it to the reader). -For ECTesterStandalone: +For ECTesterStandalone this has the format: `index;time[nano];pubW;privS` +The string in the brackets denotes the measurement unit used, can be one of `milli`, `micro`, `nano` and also `instr` for ECTesterStandalone, if the measured duration is instructions. + ## KeyAgreement output(CSV) Output of the `-dh/--ecdh` option. For ECTesterReader this has the format: -`index;time[milli];pubW;privS;secret` where `pubW` is the public key used in ANSI X9.62 format, `privS` is the private key -and `secret` is the KeyAgreement result. 
+`index;time[milli];pubW;privS;secret[SHA1]` where `pubW` is the public key used in ANSI X9.62 format, `privS` is the private key +and `secret` is the KeyAgreement result. The value in brackets denotes what hash algorithm was used, can be `NONE`. + +For ECTesterStandalone this has the format: -For ECTesterStandalone this has the format: and the same meaning as for ECTesterReader. +`index;time[nano];pubW;privS;secret[SHA1]` and the same meaning as for ECTesterReader. -`index;time[nano];pubW;privS;secret` and the same meaning as for ECTesterReader. +The string in the brackets denotes the measurement unit used, can be one of `milli`, `micro`, `nano` and also `instr` for ECTesterStandalone, if the measured duration is instructions. ## Signature output(CSV) Output of the `-dsa/--ecdsa` option. For ECTesterReader this has the format: -`index;signTime[milli];verifyTime[milli];data;pubW;privS;signature;nonce;valid` where `pubW` is the public key used +`index;signTime[milli];verifyTime[milli];data;pubW;privS;signature[SHA1];nonce;valid` where `pubW` is the public key used in ANSI X9.62 format, `privS` is the private key, `signTime` and `verifyTime` are the durations of the sign and verify operations, `data` is the signed data (if available), `signature` is the produced signature, `nonce` is the `k` (nonce) value recovered from the signature -abd the private key (if possible), `valid` denotes the verification result. +abd the private key (if possible), `valid` denotes the verification result. The value in brackets after `signature` denotes what hash algorithm was used, can be `NONE`. For ECTesterStandalone this has the format: - `index;signTime[nano];verifyTime[nano];data;pubW;privS;signature;nonce;verified` and the same meaning as for ECTesterReader.
\ No newline at end of file + `index;signTime[nano];verifyTime[nano];data;pubW;privS;signature[SHA1];nonce;verified` and the same meaning as for ECTesterReader. + +The string in the brackets denotes the measurement unit used, can be one of `milli`, `micro`, `nano` and also `instr` for ECTesterStandalone, if the measured duration is instructions.
\ No newline at end of file diff --git a/docs/LIBS.md b/docs/LIBS.md index 0987656..9c90abf 100644 --- a/docs/LIBS.md +++ b/docs/LIBS.md @@ -1,16 +1,3 @@ -# Libraries with ECC support - -Popular libraries with at least some ECC support, that ECTester does not yet support: - - - [NSS](https://hg.mozilla.org/projects/nss) - - [LibreSSL](https://www.libressl.org/) - - [Nettle](http://www.lysator.liu.se/~nisse/nettle/) - - [BearSSL](https://bearssl.org/) - - [cryptlib](https://www.cryptlib.com/) - - [OpenSSL (FIPS mode)](https://www.openssl.org/docs/fipsnotes.html) - - [Microsoft .NET crypto](https://docs.microsoft.com/en-us/dotnet/standard/security/cryptography-model) - - [Linux kernel](https://kernel.org), test via [libkcapi](http://chronox.de/libkcapi.html) - # Supported libraries Libraries that ECTester can test. @@ -125,10 +112,24 @@ ninja - C - Only supports prime field curves. - Uses 4 bit sliding window. - - Uses projective coordinates. + - Uses projective coordinates. - [Intel Performance Primitives](https://software.intel.com/en-us/ipp-crypto-reference-2019) - C - Only supports prime field curves. - Uses 5-bit window NAF. - Uses Jacobian coordinates. - - <https://github.com/intel/ipp-crypto>
\ No newline at end of file + - <https://github.com/intel/ipp-crypto> + + +# Libraries with ECC support + +Popular libraries with at least some ECC support, that ECTester does not yet support: + + - [NSS](https://hg.mozilla.org/projects/nss) + - [LibreSSL](https://www.libressl.org/) + - [Nettle](http://www.lysator.liu.se/~nisse/nettle/) + - [BearSSL](https://bearssl.org/) + - [cryptlib](https://www.cryptlib.com/) + - [OpenSSL (FIPS mode)](https://www.openssl.org/docs/fipsnotes.html) + - [Microsoft .NET crypto](https://docs.microsoft.com/en-us/dotnet/standard/security/cryptography-model) + - [Linux kernel](https://kernel.org), test via [libkcapi](http://chronox.de/libkcapi.html)
\ No newline at end of file diff --git a/docs/card.png b/docs/card.png Binary files differnew file mode 100644 index 0000000..d8a67af --- /dev/null +++ b/docs/card.png diff --git a/docs/leaky_msb.png b/docs/leaky_msb.png Binary files differnew file mode 100644 index 0000000..38b5e5e --- /dev/null +++ b/docs/leaky_msb.png diff --git a/docs/nonleaky_msb.png b/docs/nonleaky_msb.png Binary files differnew file mode 100644 index 0000000..f722cf2 --- /dev/null +++ b/docs/nonleaky_msb.png |
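Review bot: In the docs/FORMAT.md hunk `@@ -1,14 +1,34 @@`, the relocated Notation list carries over two typos, "exponenet" in the `e2` entry and "th public key" in the `wy` entry; these lines are being re-added anyway, so fix them in the same change. The lead-in "In the rest of this documentation the following notation is used" has no terminating colon before the list. The `h` entry reads "the base-point cofactor", but the cofactor is the curve group order divided by `n`, so "the curve cofactor" would be more precise.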
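Review bot: In the docs/FORMAT.md hunk `@@ -31,56 +51,46 @@`, the KeyAgreement and Signature headers now carry two bracketed fields each (`time[...]` and `secret[SHA1]` or `signature[SHA1]`), but the added sentence "The string in the brackets denotes the measurement unit used" does not say which brackets it means, and in KeyAgreement the preceding "The value in brackets denotes what hash algorithm was used" is equally unqualified. Name the column in each sentence, as the Signature text already does with "in brackets after `signature`", and consider stating the unit rule once rather than three times. The changed Signature line still reads "abd the private key", and the Reader header ends in `valid` while the Standalone one ends in `verified` although the text says both have the same meaning. Because the header strings themselves change (`secret` to `secret[SHA1]`), a sentence for consumers that match CSV columns by name would be worth adding.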
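Review bot: In the docs/LIBS.md hunk `@@ -125,10 +112,24 @@`, the "Uses projective coordinates." line is removed and re-added with no visible text difference, which looks like a whitespace-only change; either drop it from this commit or mention the whitespace cleanup in the commit message. The moved "Libraries with ECC support" section is preceded by two blank lines where one is enough. The file still ends with "\ No newline at end of file"; adding the final newline here and in docs/FORMAT.md would keep later diffs clean.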
