FourQlib v3.1 (C Edition)

FourQlib implements essential elliptic curve and cryptographic functions based on FourQ, a high-security, high-performance elliptic curve that targets the 128-bit security level [1]. At the high level, FourQlib consists of a set of implementations targeting different platforms with different levels of portability and performance. The cryptographic and elliptic curve API is common to all the implementations.

The library was developed by Microsoft Research and is available under the MIT License.

Contents

Version 3.1 includes the following implementations:

The elliptic curve and crypto API can be found in FourQ_api.h, which is available per implementation.

The FourQ-Magma folder includes easy-to-read scripts written in Magma.

Complementary cryptographic functions

Random values are generated with /dev/urandom in the case of Linux, and with the function BCryptGenRandom() in the case of Windows. Check the random folder for details.

The library includes an implementation of SHA-512 which is used by default by SchnorrQ signatures (see sha512).

Users can provide their own PRNG and hash implementations by replacing the functions in the random and sha512 folders, and applying the corresponding changes to the settings in FourQ.h (in a given implementation). Refer to [2] for the security requirements for the cryptographic hash function.

What's new

In version 3.0

In version 3.1

Main features

Quick start

Building the library and executing the tests on Linux

One can quickly test a given implementation by running the following from the corresponding implementation folder, with one of its supported architectures:

$ make ARCH=[x64/x86/ARM/ARM64]

GNU GCC is used by default. After compilation, run fp_tests, ecc_tests or crypto_tests.

Below are the architectures supported by each implementation:

For example, to compile the optimized x64 implementation (assembly, GNU GCC, efficient endomorphisms enabled) on a machine with AVX2 support (e.g., Intel's Haswell or Skylake), execute:

$ cd FourQ_64bit_and_portable
$ make ARCH=x64

Additional compilation options are available. Refer to the README files in a given implementation folder for complete details.

NOTE: the above instructions apply to all the "processor-class" implementations. For instructions on how to compile on an ARM Cortex-M (ARMv7-M) microcontroller, refer to the README files in FourQ_ARM_side_channel or FourQ_ARM.

Building the library and executing the tests on Windows

FourQ_32bit and FourQ_64bit_and_portable include Visual Studio solutions for compilation on Windows. Refer to the corresponding README files for instructions.

License

FourQlib is licensed under the MIT License; see License for details.

Files stm32f4_wrapper.c and stm32f4_wrapper.h in the FourQ_ARM and FourQ_ARM_side_channel folders are by Joost Rijneveld and are released under the CC0 1.0 Universal license.

Files in the folder FourQ_ARM_side_channel/libopencm3 and FourQ_ARM/libopencm3 are from the libopencm3 project and are under the GNU LGPL v3.0 license.

The SHA-512 implementation is by D.J. Bernstein and is released to the public domain.

References

[1] Craig Costello and Patrick Longa, "FourQ: four-dimensional decompositions on a Q-curve over the Mersenne prime". Advances in Cryptology - ASIACRYPT 2015, 2015. The extended version is available here.

[2] Craig Costello and Patrick Longa, "SchnorrQ: Schnorr signatures on FourQ". MSR Technical Report, 2016. Available here.

[3] Watson Ladd, Patrick Longa and Richard Barnes, "Curve4Q". Internet-Draft, draft-ladd-cfrg-4q-01, 2017. Available here.

[4] Patrick Longa, "FourQNEON: faster elliptic curve scalar multiplications on ARM processors". Selected Areas in Cryptography (SAC 2016), 2016. Preprint available here.

[5] Zhe Liu, Patrick Longa, Geovandro Pereira, Oscar Reparaz and Hwajeong Seo, "FourQ on embedded devices with strong countermeasures against side-channel attacks". Preprint available here.

Contributing

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.