-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support deterministic key generation #447
Comments
Is your goal to do deterministic key generation? Or do you want to ensure that oqs-provider is using a particular RNG? |
I can imagine both needs, but mine is the former (deterministic key gen). I would like to achieve it in a thread-safe, localized way that doesn't have a chance of bleeding into other operations. |
We don't yet have a thread-safe way of deterministic key gen or encapsulation in liboqs, and thus can't do it in oqs-provider either. There's an issue tracking that functionality; there was someone working on it, but I think that work has stalled over the summer. |
Looks like stalled last year. I could maybe pick it up if I get some time from my company, but I'd need some direction. |
Hi @knightcode, we do have somebody actively working on it. As Douglas wrote, development has slowed down recently due to the developer's other commitments, but the feature is on the horizon. |
@SWilson4 would it be sensible then to assign this issue to this person so everyone immediately sees this issue as being worked on? |
Good call---I tried just now, but the developer (@Eddy-M-K) isn't actually part of any of our GitHub teams, so I don't believe I can assign him issues. I assigned the liboqs issue to myself as I'm overseeing the work. I don't actually know the required steps/effort to lift the future deterministic keygen functionality from liboqs into the provider, but for now I've assigned this one to myself as well to reflect that it is at least in the pipeline pending ongoing work. I also took the liberty of renaming this issue to reflect the discussion after the initial question. |
Well, that depends a bit on the API that |
Second thought: Would this have to be part of |
A draft PR exposing ML-KEM's derandomized API is now up in |
Good with me. But I'm not seeing any replies to my questions there. Vacation time or bad questions? FWIW, I'll be "on the road" myself again next week and probably not responding then. If we ought to best talk in person, please suggest time and place the week of Aug 19, @SWilson4 . |
Final exams and vacation time for the Waterloo undergrad student who contributed the PR and a lack of coordination on my part. I'll get back to you over there shortly! |
Is it possible to pass an EVP_RAND instance to be used in the key generation calls? Could it potentially be possible?
The text was updated successfully, but these errors were encountered: