wycheproof icon indicating copy to clipboard operation
wycheproof copied to clipboard

Published 20 hours ago verified publisher icon C2SP

Missing documentation describing relationship between tests

Open davidben opened this issue 6 years ago • 5 comments

There are a number of (partially?) redundant test sets, such as the different RSA, ECDH, and ECDSA files. Having some kind of README or documentation at the front of various files would be useful to know which to use.

davidben avatar Jul 02 '18 22:07 davidben

I wrote a quick tool to compare the combined and split up files. The RSA and ECDSA split up ones do seem to be larger, as one would expect. I'm guessing, e.g., some edge cases were only tested at certain hashes or key sizes and now you do them everywhere. However there is a large discrepancy between the tests in both direction. Sampling a few, it looks like the RSA and ECDSA tests ended up using different random seeds between split up and combined. Is that correct?

ECDH is odd as ecdh_test.json tests brainpool*t1 curves, but there aren't separated files for them. After correcting for that, the test counts and most of the tests match. There are 10 "public key of order 3" that have slightly different value, but I gather those too are just a difference in random seed.

davidben avatar Jul 11 '18 00:07 davidben

@bleichen

thaidn avatar Jul 11 '18 14:07 thaidn

The general plan is to split large files into more files based on curves or key size and leave odd cases in the unparametrisized file. ecdsa_test.java, ecdh_test.java are just too large right now and will be reduced. The current state is a bit unfortunate, since they were published in the middle of this transition.

Documentation in general is quite bad. It is still unclear what to use: I.e. the minimum requirement would be to have support for equations and references and be simple to use. Markup on github is unfortunately lacking almost every useful feature. It actually seems to be worse than Microsoft word from 30 years ago.

bleichen avatar Jul 13 '18 10:07 bleichen

A question that came up for us: is ecdsa_test.json a concatention of all of the other ecdsa_*_test.json files, or does it contain it's own things?

alex avatar Jul 17 '18 13:07 alex

The role of ecdsa_test.json is not decided yet and a bit unclear.

ecdsa_test.json had to be divided into multiple files because it became too large, so that a number of tool did no longer display the content of the file. Additionally, if a library only implements some curves then it is easier to have separate files for each curve.

ecdsa_test.json will become smaller, cover less test vectors already contained in the other files and probably focus a bit on edge-case combinations.

On Tue, Jul 17, 2018 at 3:15 PM, Alex Gaynor [email protected] wrote:

A question that came up for us: is ecdsa_test.json a concatention of all of the other ecdsa_*_test.json files, or does it contain it's own things?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/google/wycheproof/issues/58#issuecomment-405577561, or mute the thread https://github.com/notifications/unsubscribe-auth/AYx_3lWMiupeXkO39isqmzreaPxxqoiyks5uHeN2gaJpZM4VACF9 .

bleichen avatar Jul 17 '18 14:07 bleichen