Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Endianness issues with BIKE #1101

Closed
bhess opened this issue Oct 5, 2021 · 8 comments
Closed

Endianness issues with BIKE #1101

bhess opened this issue Oct 5, 2021 · 8 comments

Comments

@bhess
Copy link
Member

bhess commented Oct 5, 2021

When building liboqs on s390x (#1100), everything builds and tests pass, except the KAT for FrodoKEM-SHAKE and BIKE. The most plausible cause to me are endianness issues (s390x is a big-endian architecture).
I open the issue here because Frodo and BIKE are direct contributions to liboqs.

See the build log:
https://app.travis-ci.com/github/bhess/liboqs/jobs/541322083

Frodo seems to already have macros defined to support big-endian and the -AES versions pass the tests.
Looking at the code, I think the way a_cols is accessed here could be problematic:

liboqs/src/kem/frodokem/external/frodo_macrify_shake_portable.c

Line 42 in 36d8a49

sum[k] += (uint16_t) ((uint32_t) sp * (uint32_t) a_cols[(t+j)*PARAMS_N + k]);

BIKE seems to be explicit about it that the code only supports little-endian:
https://github.com/awslabs/bike-kem/blob/master/cmake/arch.cmake
It could therefore be best to just disable it in big-endian builds for now.
@baentsch
Copy link
Member

baentsch commented Oct 5, 2021

It could therefore be best to just disable it in big-endian builds for now.

Explicitly tagging @dkostic for an opinion on this.

@bhess bhess mentioned this issue Oct 12, 2021
Merged
2 tasks
@bhess
Copy link
Member Author

bhess commented Oct 12, 2021

For Frodo it is indeed just the way a_cols is accessed, as described above. PR #1103 includes a small fix for Frodo. KAT pass after the fix.

@dstebila dstebila changed the title Endianness issues with FrodoKEM-SHAKE and BIKE Endianness issues with BIKE Oct 12, 2021
@dkostic
Copy link
Contributor

dkostic commented Oct 21, 2021

Hello, I'm very sorry for the long delay (I was on a personal leave for a few weeks). Yes, disabling BIKE in big-endian builds for now is completely fine.

@dstebila
Copy link
Member

Thanks Dusan. @bhess my understanding is that #1103 disabled CI testing for BIKE on S390x but still built the algorithm as part of liboqs. Would it be appropriate to disable it in the build itself?

@bhess
Copy link
Member Author

bhess commented Oct 21, 2021

@bhess my understanding is that #1103 disabled CI testing for BIKE on S390x but still built the algorithm as part of liboqs. Would it be appropriate to disable it in the build itself?

I think the -DOQS_ENABLE_KEM_BIKE=OFF switch used in the CI build also disables building it as part of liboqs. Thinking about it, for a more permanent solution it's perhaps better to disable it in alg_support.cmake for s390x builds.

@dstebila
Copy link
Member

@bhess my understanding is that #1103 disabled CI testing for BIKE on S390x but still built the algorithm as part of liboqs. Would it be appropriate to disable it in the build itself?

I think the -DOQS_ENABLE_KEM_BIKE=OFF switch used in the CI build also disables building it as part of liboqs. Thinking about it, for a more permanent solution it's perhaps better to disable it in alg_support.cmake for s390x builds.

Yes that's what I was thinking as well.

@bhess
Copy link
Member Author

bhess commented Oct 21, 2021

Ok I can do a PR for this.

@bhess bhess mentioned this issue Oct 21, 2021
Merged
2 tasks
@dstebila
Copy link
Member

Resolved by #1115.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bhess @dstebila @dkostic @baentsch