add links and clean up markdown

Signed-off-by: Zhao Peiduo <[email protected]>
codespree · Oct 18, 2024 · 6651dbd · 6651dbd
1 parent 11ef43f
commit 6651dbd
Showing 1 changed file with 46 additions and 20 deletions.
diff --git a/additional_info_keysize.md b/additional_info_keysize.md
@@ -1,7 +1,9 @@
 
 # ML-DSA Key Length Summary
 
-| DSA | Traditional Algorithm  | Npk | Nsk | sig_len |
+Links to lengths in the project: [pk](src/dsa/common/config/pk_len.rs), [sk](src/dsa/common/config/sk_len.rs), [sig](src/dsa/common/config/sig_len.rs)
+
+| DSA | Traditional Algorithm  | Npk | Nsk | Nsig |
 | --- | -------------------- | --- | --- | ------- |
 | ML-DSA44 | <N.A> | 1312 | 2560 | 2420 |
 | ML-DSA44 | Rsa2048PssSha256 | 1596 | <N.A> | 2690 |
@@ -22,9 +24,9 @@
 
 ## ASCII Version
 ```
-+-----------+----------------------------+------+-------+----------+
-|   DSA     | Traditional Algorithm       | Npk  |  Nsk  | sig_len |
-+-----------+----------------------------+------+-------+---------+
++-----------+-----------------------------+------+-------+---------+
+|   DSA     | Traditional Algorithm       | Npk  |  Nsk  | Nsig    |
++-----------+-----------------------------+------+-------+---------+
 | ML-DSA44  | <N.A>                       | 1312 | 2560  | 2420    |
 | ML-DSA44  | Rsa2048PssSha256            | 1596 | <N.A> | 2690    |
 | ML-DSA44  | Rsa2048Pkcs15Sha256         | 1596 | <N.A> | 2690    |
@@ -46,7 +48,10 @@
 
 # ML-KEM Key Length Summary
 
-| KEM        | Traditional Composite    |   Npk | Nsk   |   ss_len |   ct_len |
+Links to lengths in the project: [pk](src/kem/common/config/pk_len.rs), [sk](src/kem/common/config/sk_len.rs), [ss](src/kem/common/config/ss_len.rs), [ct](src/kem/common/config/ct_len.rs)
+
+
+| KEM        | Traditional Composite    |   Npk | Nsk   |    Nss   |    Nct   |
 |------------|--------------------------|-------|-------|----------|----------|
 | ML-KEM512  | P256                     |   877 | 1782  |       32 |      843 |
 | ML-KEM512  | BrainpoolP256r1          |   877 | 1782  |       32 |      843 |
@@ -73,7 +78,7 @@
 ## ASCII Version
 ```
 +-----------+-----------------------+------+--------+--------+--------+
-| KEM       | Traditional Composite | Npk  | Nsk    | ss_len | ct_len |
+| KEM       | Traditional Composite | Npk  |   Nsk  |   Nss  |   Nct  |
 +-----------+-----------------------+------+--------+--------+--------+
 | ML-KEM512 | P256                  |  877 |  1782  |   32   |   843  |
 | ML-KEM512 | BrainpoolP256r1       |  877 |  1782  |   32   |   843  |
@@ -99,7 +104,10 @@
 
 ### Notes on Overhead Computation
 
-The full derivation of the aforementioned lengths can be found in the `common::config` folder of the DSA folder. As a general guideline, below are some overhead computations:
+The following computations illustrate the overhead of common structures in ASN.1:
+- **Overhead of a OCTET STRING** = Tag + Length.  
+    - Short-form length (<=127 bytes) => 1 + 1 = 2  
+    - Long-form length (> 127 bytes) => 1 + 3 = 4  
 
 - **Overhead of a BIT STRING** = Tag + Length + Unused Bits.  
     - Short-form length (<=127 bytes) => 1 + 1 + 1 = 3  
@@ -109,7 +117,7 @@ The full derivation of the aforementioned lengths can be found in the `common::c
     - Short-form length (<=127 bytes) => 1 + 1 = 2  
     - Long-form length (> 127 bytes) => 1 + 3 = 4  
 
-### PublicKey
+### PublicKey ([DSA](src/dsa/common/config/pk_len.rs), [KEM](src/kem/common/config/pk_len.rs))
 
 ```plaintext
 SEQUENCE {
@@ -122,7 +130,7 @@ Overhead of a SEQUENCE SIZE (2) OF BIT STRING (one short-form, one long form) =
 
 Overhead of a SEQUENCE SIZE (2) OF BIT STRING (two long form) = 5 + 5 + 4 = 14 
 
-### SecretKey
+### SecretKey ([DSA](src/dsa/common/config/sk_len.rs), [KEM](src/kem/common/config/sk_len.rs))
 
 ```plaintext
 SEQUENCE {
@@ -131,7 +139,7 @@ SEQUENCE {
 }
 ```
 
-### OneAsymmetricKey
+#### OneAsymmetricKey
 
 ```plaintext
 SEQUENCE {
@@ -141,25 +149,25 @@ SEQUENCE {
 }
 ```
 
-Overhead of an OneAsymmetricKey (OAK) without a public key for a long private key:  
+#### Overhead of an OneAsymmetricKey (OAK) without a public key for a long private key:  
 
-- (outer sequence overhead => 1(tag) + 3(length in long form)) = 4  
+- (outer sequence overhead => 1(tag) + 3(long-form length)) = 4  
 - (private key => 1(tag) + 3(long-form length)) = 4  
-- (privateKeyAlgorithm => 1(tag) + <oid_bytes> + 2 (inner sequence, short_form length)) = 3 + <oid_bytes>  
+- (privateKeyAlgorithm => 1(tag) + <oid_bytes> + 2 (inner sequence, short-form length)) = 3 + <oid_bytes>  
 
 Total = 11 + <oid_bytes>
 
 For ML-KEM: `<oid_bytes> = 13`, so the overhead = 13 + 11 = 24
 
-### Overhead of an OneAsymmetricKey (OAK) without a public key for a short private key:
+#### Overhead of an OneAsymmetricKey (OAK) without a public key for a short private key:
 
-- (outer sequence overhead => 1(tag) + 3(length in long form)) = 4  
-- (private key => 1(tag) + 1(short-form length)) = 4  
-- (privateKeyAlgorithm => 1(tag) + <oid_bytes> + 2 (inner sequence, short_form length)) = 3 + <oid_bytes>  
+- (outer sequence overhead => 1(tag) + 3(long-form length)) = 4  
+- (private key => 1(tag) + 1(short-form length)) = 2  
+- (privateKeyAlgorithm => 1(tag) + <oid_bytes> + 2 (inner sequence, short-form length)) = 3 + <oid_bytes>  
 
 Total = 9 + <oid_bytes>
 
-### Calculation Results for varied `<oid_bytes>` in DSA Composites:
+#### Calculation Results for varied `<oid_bytes>` in DSA Composites:
 
 | Traditional Algorithm | Oid | Number of Bytes | Overhead |
 | --------------------- | --- | --------------- | -------- |
@@ -170,6 +178,24 @@ Total = 9 + <oid_bytes>
 | EcdsaP256SHA512 | 1.2.840.10045.4.3.4 | 10 | 9 + 10 = 19 |
 | EcdsaP384SHA512 | 1.2.840.10045.4.3.4 | 10 | 9 + 10 = 19 |
 
-### DSA vs KEM Secret Key Overhead Comparison
+#### DSA vs KEM Secret Key Overhead Comparison
+
+For the secret key of composite KEMs, they also store the public key of the tranditional algorithm, causing additional overheads. On the other hand, composite DSAs do not store traditional public keys so that their secret key overhead is solely due to the wrapping structures (Algorithm Identifier and SEQUENCE). 
+
+### CipherText Length ([KEM](src/kem/common/config/ct_len.rs))
+```plaintext
+SEQUENCE {
+    pq_ct   OCTET STRING,  
+    trad_ct OCTET STRING,
+}
+```
+As demonstrated in the [notes on overhead computation](#notes-on-overhead-computation) section, the overhead is either 10 or 12 for cipher text depending on the length of the keys: pq_tag (1) + pq_len(3, KEM is always long-form) + trad_tag (1) + trad_length(1 or 3) + Sequence(4).
 
-For the secret key of composite KEMs, they also store the public key of the tranditional algorithm, causing additional overheads. On the other hand, composite DSAs do not store traditional public keys so that their secret key overhead is solely due to the wrapping structures (Algorithm Identifier and SEQUENCE). 
+### Singature Length ([DSA](src/dsa/common/config/sig_len.rs))
+```plaintext
+SEQUENCE {
+    pq_sig BIT STRING,  
+    trad_sig BIT STRING,
+}
+```
+Similar structure to public key overhead computation: The value is either 12 or 14.