Project

General

Profile

Bimodal Lattice Signature Scheme (BLISS) » History » Version 45

Version 44 (Andreas Steffen, 25.03.2015 11:15) → Version 45/58 (Andreas Steffen, 26.04.2015 21:28)

h1. Bimodal Lattice Signature Scheme (BLISS)

{{>toc}}

BLISS is a post-quantum signature scheme based on the CRYPTO 2013 paper "Lattice Signatures and Bimodal Gaussians":https://eprint.iacr.org/2013/383 by Léo Ducas, Alain Durmus, Tancrède Lepoint, and Vadim Lyubashevsky. Starting with the strongSwan [[5.2.2]] release we offer BLISS as an IKEv2 public key authentication method. We also added full BLISS key and certificate generation support to the strongSwan [[IpsecPki|pki]] tool. With strongSwan [[5.3.0]] we are upgrading to the improved BLISS-B signature algorithm described in "Accelerating Bliss: the Geometry of Ternary Polynomials":https://eprint.iacr.org/2014/874.pdf by Léo Ducas. This HOWTO is based on the new BLISS-B default scheme. It is possible though to revert to the old BLISS behaviour by setting
<pre>
libstrongswan {
plugins {
bliss {
use_bliss_b = no
}
}
}
</pre>
in strongswan.conf, although we don't see any advantage whatever for doing this.

This seamless integration into the strongSwan framework was made possible by the new libstrongswan "bliss plugin":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/show/src/libstrongswan/plugins/bliss completely written in the C programming language without the use of any external libraries and which implements the libstrongswan "public_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/public_key.h and "private_key_t":https://wiki.strongswan.org/projects/strongswan/repository/revisions/master/entry/src/libstrongswan/credentials/keys/private_key.h interfaces.

h2. Building strongSwan with BLISS Support

If you want to play around with BLISS keys and signatures using the strongSwan [[IpsecPki|pki]] tool please follow the quick software installation HOWTO:
<pre>
wget http://download.strongswan.org/strongswan-5.3.0dr1.tar.bz2
tar xjf strongswan-5.3.0dr1.tar.bz2
cd strongswan-5.3.0dr1
./configure --prefix=/usr --sysconfdir=/etc --disable-gmp --enable-bliss
make
sudo make install
</pre>

h2. BLISS Private Key Generation

strongSwan currently supports the BLISS-B-I, BLISS-B-III, and BLISS-B_IV schemes with a cryptographic strength of 128 bits, 160 bits and 192 bits, respectively. Using the [[IpsecPki|pki]] tool a private BLISS-B-I key can be generated as follows:
<pre>
pki --gen --type bliss --size 1 --debug 2 > cakey1.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 240 octets
l2 norm of s1||s2: 771, Nk(S): 44024

secret key generation succeeded after 1 trial
</pre>
With the command
<pre>
pki --print --type bliss-priv --in cakey1.der

private key with:
pubkey: BLISS 128 bits strength
keyid: 66:5d:b6:ae:85:b6:32:1b:9a:7e:2c:ed:c7:6a:4d:68:f0:3a:ec:77
subjkey: 50:c5:a5:b0:21:e2:a8:13:12:ba:7c:87:f3:3f:ab:90:ad:2c:4d:c2
</pre>
information on the BLISS private key is displayed.

Let's now generate a BLISS-B-IV key with 192 bit cryptographic strength in base64-encoded PEM format
<pre>
pki --gen --type bliss --size 4 --outform pem > cakey4.pem
secret key generation succeeded after 1 trial
</pre>
The PEM key format is printable
<pre>
cat cakey4.pem

-----BEGIN BLISS PRIVATE KEY-----
MIIFGgYLKwYBBAGCoCoFAggDggOBAFPFQxsmKwFTjeebvilsNgguxG6vs6EWIyWi
RUkzxZ3BZVy2Oya/9jkMO4O5W/TM5C5vKf0ADlu4fVzU2drT9YA6LzeJIhlWmHu0
ISD9s3Q6pf5NxpvKKFiqjA8ePHFk2iIJQ+DbA9VCtYzM0BOz11+blrl4zOeHp2Am
lmkQwW1OTYejkOBEdGFFuwpVbLXL0XTj4KPZB9icIU48VVh2fS/fOjSRyVhruzVO
6QQtHeCE6p0HLQCpYsw4i93KaYyoS9tDK5Ia/TGWcpp9Sih4k60iJAEusftoijJl
hq41uiUgVd7vpeaWBoMurUODR4aYMiNF2eCGuPTC+76hpZ4h91TmZ7ASuoATl57E
XN3wY61OuLW+CiTlHZsfddmTRyWbtp5t0Ckk2RaoEsCvU/22csb3Z4CkASoJawVB
i6VeQPtTr9cfUDb4mhSOv7LRZmjkkqyl5FduVOw3BePVZGqHZLrLdZ1AAbAtoel9
FYZ/EBEbQpGVEEWwm98tsFeIp2JWUCA9bOdzlOsoJ6mmgz9fKXDQBsv+DeOSkXNo
yKJ0EnXh6J5iPG6gtvoRVwGLfL0Yqcl7nkB5UUGWdQC2PNKZEAW2zVg5Wx4ALtgI
qKhqyH5S29X4LoCqut6TuU8PYjKMlr9G8pK5kfXx3/A1/iD15m5esYBRmkddMRsK
w3XdASNeHOeVfFU6FgKe+hYQhCTBgZGN3CFRtRhWbV7NES2DRkxiIgFWYrfRgLt/
pobwJcL4VqwQQiSD83isZaHNRKJ+WttYKpQmTQk/ycYpD1DJ98Kw1LeyfTXxvtv8
prSQekPNXHeyN8fXDgZmpLIBdOyutO5uelVV/ovsLGtmSQehXXvLj9IoETxtsnYj
XpQU86hCaOl8ZLaASUhrqqBe0nQYB5Utr7P7YaxrfYYoiCEZZrLR9oIWNHYMiev2
FCkQie3mrOb9K5AJo3DnfyumrNjOxq2a8N9WHRaDGrKT+l3gVJysxebExLNJsOHU
89DZcnA3ulxmxoMdH/KzGMd9bjCIf0xNltRhULrBoShlhBElqK8znFHWhGmdbWhe
0C3kKzApp5MebesGOdUT/U/ylUKPyINd90cqQESjHe+WibikN4WCcihiBRzvexQG
klrkgqhAxL9ZX4SFWtzLsiSIpmWJUaY72vwo2TuA5un+Xq3yi7YtBggaRjg86Yiv
tDsRFpMAA4HBAByACgOQOAOCBz0AD+AT+QCQB+OgPx/wAOP+QQAeeAR+AAAFwACO
CAAByOgAQOBz+AAPyNwCRwAD+h+QCPxyATx+QPxyACATweCRzwAACQAPyCQOOeQA
OOOgPyCQAieCQARigBxwB9geMPxwCRiDxgVwEEAAOAB+eP+CMCR+OCgCMRwPwB+A
RwAhwQBzhyRzyBx+QQCACEAfyOPwP/ifiDwSAhwCDyCCAQSAfhwMAeQBwSAACAAD
+CCeOUACeCASAAOBwQAAYAf/oEc8A8fkgAAfgEEHkEADfgn4AAAjk8gcAEEADgDo
ccEg/fj8EkAcfkAEEgAo4EADnEIcnnjgEgAnkcEnggEcbgDhAAcdAcEAAAgA8AEk
8rgAjkdAAAHgAgdckAEIADBfgAA4HgYgD8EjgDkAcAEgEHn/8AA8gHgA8cEEcAAk
fgggAf84AAAgBEj8jlD8AEcoADjgc/gDkgAk/gAdAg8A78ADAEgYgg8gEbngkc8/
ggAnkjhcHggAkEgj8Ak=
-----END BLISS PRIVATE KEY-----
</pre>
At last let's generate a BLISS-B-III key with a cryptographic strength of 160 bits with the highest debug level enabled:
<pre>
pki --gen --type bliss --size 3 --debug 4 > cakey3.der

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 380 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 420 octets
l2 norm of s1||s2: 1397, Nk(S): 134554

S1[374] is zero - s1 is not invertible

mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 400 octets
mgf1 based on sha1 is seeded with 20 octets
mgf1 generated 400 octets
l2 norm of s1||s2: 1397, Nk(S): 150444

secret key generation succeeded after 2 trials

i f g a F G A
0 0 -1 11349 7348 7670 2988
1 1 0 7974 3185 4952 11025
2 0 -2 8985 2527 9470 4541
3 1 -2 7381 10610 11589 2467
4 0 0 24 6142 3407 1095
5 0 0 660 5787 7097 4552
6 -2 0 7663 996 8919 120
7 0 0 11446 2979 5879 5439
8 0 0 10761 9288 6406 11689
9 1 2 10655 5145 9566 11720
10 -1 -2 2239 12023 2977 497
11 1 -2 8056 9625 769 1665
12 -1 0 12073 10413 8267 7745
13 0 0 10423 7043 8384 659
14 -1 0 2927 4462 1895 3870
15 0 -2 8350 10004 5363 2321
16 0 0 8719 8405 9805 4329
17 0 0 126 16 11765 9184
18 1 0 11077 7415 10462 12186
19 0 0 10321 10888 9001 9002
20 0 0 11406 12197 2320 2112
21 -1 0 2382 8071 11316 6203
22 0 0 11952 2522 7713 2532
23 -1 0 3121 3838 1919 6145
24 0 2 3530 7422 3780 6905
25 -1 0 1229 3845 2506 2337
26 -1 2 1278 246 10767 6488
27 0 0 1031 8302 2463 11225
28 0 -2 6091 11836 4336 2866
29 0 0 9763 11818 1023 5477
30 1 0 3533 11202 11192 815
31 -2 0 2485 9375 1396 1096
32 0 2 7774 9256 11751 4761
33 1 -2 5705 105 8018 5109
34 1 -2 1310 1037 11693 6138
35 0 2 3963 11119 7278 9888
36 -1 0 2664 716 7917 2946
37 0 -2 2310 7971 11642 12218
38 0 0 9219 11411 7807 8627
39 0 0 5358 9175 10240 7187
40 0 0 9739 11874 10139 11850
41 1 2 8814 10927 12043 325
42 0 0 7933 11743 3920 9761
43 -2 0 251 6664 6850 4969
44 0 0 3754 5561 1275 4389
45 0 0 4863 4628 11852 5770
46 0 0 9053 8612 8420 4162
47 0 -2 7268 6093 2250 12126
48 -1 0 3867 7439 10172 11395
49 0 0 1877 8716 2985 4663
50 0 2 4520 140 3538 6872
51 -1 -2 12012 7676 9229 8965
52 1 0 11243 1199 5329 3192
53 0 0 3816 4823 4210 2768
54 0 0 11185 7269 11376 10485
55 0 -2 368 6947 8326 6955
56 0 0 12276 11097 9506 5786
57 0 0 1482 7994 2714 10832
58 0 0 8790 4355 2509 5980
59 0 0 2592 5059 10875 12262
60 1 2 741 7578 6721 5847
61 -1 0 5401 2769 1664 5597
62 -1 -2 3498 3562 8160 1127
63 0 4 9783 9751 4934 153
64 1 2 562 10232 3792 2585
65 0 2 5623 3669 816 8702
66 0 0 6817 2897 3255 595
67 0 2 4920 4356 5602 2309
68 1 2 1443 8246 1837 9328
69 -1 2 8830 8527 10087 11388
70 1 2 8318 386 8777 10115
71 0 0 4835 3976 8200 6604
72 0 0 12193 2774 9810 4345
73 0 -2 5217 4530 5891 2120
74 0 -2 2158 1444 8147 8082
75 0 0 6172 6249 9683 3797
76 0 -2 3351 2755 4435 10774
77 0 0 1795 5593 7010 2249
78 0 0 6378 6529 2449 3586
79 1 0 3282 8543 8791 6877
80 0 0 5941 2515 3404 2122
81 0 0 9619 226 4829 402
82 0 0 3819 1636 3669 5343
83 0 0 10054 10341 5815 9832
84 -1 -2 5846 1459 6451 1689
85 0 0 7204 2539 4867 2209
86 0 0 5750 2023 198 8863
87 -1 2 6261 5977 12147 331
88 0 0 3021 2021 2604 1412
89 0 2 7572 3901 5291 12199
90 1 -2 3971 10971 5040 6150
91 -1 0 3481 7683 7127 5588
92 0 0 3473 10868 6948 11869
93 0 2 6995 549 8855 4202
94 0 0 7016 7421 1258 1782
95 1 2 12142 5614 12132 5085
96 1 0 297 11408 10263 5819
97 1 -2 4317 569 1661 4560
98 0 2 11899 8600 5015 2094
99 1 0 5837 554 9502 5474
100 -1 -2 3375 3281 8625 7400
101 1 0 6925 720 9235 10339
102 0 -2 11463 11460 3152 8935
103 -1 -2 996 3541 9592 4202
104 0 -2 2977 4667 4746 6684
105 0 2 3324 10226 9780 6935
106 -1 2 12127 10743 12252 3426
107 0 -2 9795 10231 6839 4720
108 0 -2 2889 3500 3258 10106
109 -1 4 8087 6380 5416 6311
110 1 -2 10557 3805 1796 5365
111 1 2 5909 10540 3107 6083
112 0 0 10442 3605 1555 2523
113 0 2 4226 1933 5029 6252
114 -1 2 5275 89 7465 3812
115 -1 0 6815 10334 200 11126
116 1 2 8730 6104 4971 2153
117 -1 -2 11235 12105 8587 688
118 0 -2 1258 4392 665 3646
119 0 0 2480 3460 8326 2652
120 1 0 1216 12123 2535 651
121 0 2 857 2091 562 1352
122 0 -2 3169 4464 2919 6236
123 1 0 10107 2680 1350 8667
124 0 -4 10308 2108 9352 704
125 1 2 878 11994 2136 3492
126 0 -2 3800 8913 4121 2070
127 -1 0 2443 12112 7839 164
128 0 -2 11654 9227 7360 9710
129 0 2 11660 11240 10772 2157
130 1 0 11564 268 12057 4768
131 0 2 8890 10527 10742 1333
132 -1 -2 9912 11312 4630 8146
133 -1 0 11456 6000 2141 4365
134 2 0 7960 7033 8674 7036
135 -1 0 8533 2433 6170 11842
136 1 -2 1397 9385 6566 9096
137 0 0 3543 10922 5370 59
138 0 2 691 8292 8171 7134
139 0 0 2713 3104 9141 2707
140 0 -4 1268 2361 6871 513
141 1 2 11076 6984 2153 815
142 0 0 11657 3591 7098 2661
143 1 2 2834 4083 3018 1617
144 0 0 8185 6619 366 9415
145 -1 -2 1494 11839 6863 449
146 0 -2 1832 10258 7230 3046
147 0 0 10931 383 4893 12013
148 0 -4 8238 6439 4367 1371
149 0 2 8006 2974 11322 260
150 0 0 3541 8377 6324 2901
151 0 -2 687 330 6124 7243
152 0 -2 5192 10152 4457 10671
153 0 0 8674 3299 1218 317
154 -1 -2 1498 19 1224 1358
155 1 0 472 2029 5208 12231
156 1 2 11731 6425 7592 7694
157 0 2 2261 2600 10784 4466
158 0 -2 1898 10580 1586 6744
159 0 -2 2031 4303 4379 9674
160 0 2 8153 5295 3898 8827
161 0 2 2277 6730 11103 7512
162 0 0 7728 5951 8617 5449
163 -1 0 3329 9973 2756 3798
164 0 4 4018 4540 262 7747
165 2 -2 10665 6550 101 8895
166 0 -2 312 5809 4027 6453
167 0 0 3681 11662 4601 3795
168 0 0 500 5083 3045 10237
169 -1 -2 8154 3232 10955 7992
170 0 0 11548 6348 5285 12164
171 1 0 6451 22 780 3387
172 1 0 5800 5147 11929 9887
173 1 -2 8134 11119 9744 1000
174 0 0 5101 7573 9100 415
175 1 0 9541 6816 2627 7553
176 1 -2 10032 6407 7662 3751
177 -1 2 8100 1861 3525 10574
178 0 -2 10999 5885 8924 7590
179 -1 0 11795 11656 5412 11931
180 0 0 1342 2873 8302 5833
181 0 0 8856 10345 7649 3593
182 0 0 7741 1590 4966 10870
183 0 -2 3478 2035 10096 11
184 1 0 8425 2564 3099 9055
185 1 0 4004 5338 6973 11648
186 0 0 4081 397 5788 3141
187 1 -2 6047 6044 3975 7664
188 0 2 975 9088 8057 9530
189 -1 -2 3775 8502 1657 2826
190 0 0 72 5348 10522 5788
191 -1 2 9402 7182 10043 10824
192 -2 -2 8696 2259 176 642
193 1 0 3219 10202 91 8120
194 0 0 7399 8460 5181 3038
195 1 0 10700 3012 2362 4856
196 1 0 4992 11439 10921 551
197 0 0 5563 1953 8425 923
198 0 -2 6322 5002 10435 5611
199 -1 2 5331 3700 5755 6993
200 0 2 5020 6081 4634 8539
201 0 -2 1731 4572 2581 9642
202 0 2 11300 11624 8550 8765
203 0 0 2415 4285 437 5756
204 0 0 1692 2723 3419 8567
205 -1 2 11041 8154 463 1789
206 0 0 229 879 660 9941
207 0 0 10044 8647 6406 10013
208 0 -2 5036 10770 3797 9730
209 0 2 128 719 6480 5034
210 -1 0 1769 10401 2634 1730
211 -1 0 7590 6692 10502 6910
212 0 0 9672 8222 8598 1131
213 1 0 3125 9161 4272 2293
214 1 0 6486 6086 10033 4450
215 0 2 4166 11350 4036 10531
216 1 0 10082 11068 11523 7992
217 0 2 7985 9711 4620 1352
218 0 -2 4946 35 768 6342
219 2 0 9774 8732 5103 7354
220 -1 0 3980 4302 175 11772
221 -1 0 3136 10258 9525 3299
222 1 0 10184 11483 7139 6837
223 0 2 7193 5495 9627 3249
224 0 2 4553 10654 1257 8703
225 0 2 7386 1794 2317 7187
226 -1 2 307 11685 515 5106
227 -2 -2 7122 9559 7718 11755
228 -1 2 3466 4578 320 9143
229 0 0 5051 11084 5008 1495
230 0 2 10973 1782 6396 707
231 1 0 1035 6457 5457 9829
232 1 2 4754 1143 5864 6112
233 0 2 5311 9348 7515 8484
234 0 2 3745 10143 2071 5422
235 0 0 225 10115 234 5223
236 0 -4 12167 3220 10760 156
237 0 0 5150 9392 6587 1703
238 0 0 11547 8431 3214 9415
239 0 0 10851 7709 8050 7538
240 -1 -2 874 4765 4964 424
241 1 -2 10600 1689 176 6010
242 1 0 5997 7556 2161 3323
243 0 0 11136 1266 1123 4767
244 1 2 8554 2615 8070 708
245 0 0 5773 555 5168 7272
246 1 0 9508 9446 7790 235
247 -1 0 3106 4221 6747 8893
248 0 -2 241 6515 5228 7759
249 0 0 1974 11662 7592 5613
250 -1 -2 3428 1764 10330 11640
251 1 0 4655 1942 1732 6215
252 0 0 11761 3245 3177 463
253 0 2 2542 10529 10352 4798
254 0 0 12279 9976 8184 1686
255 0 2 3742 10902 6628 4000
256 -1 0 6807 3116 6784 5492
257 1 0 901 3092 5803 7605
258 -1 2 5324 1193 11349 9919
259 0 0 2529 2195 55 4199
260 0 2 864 12240 10142 1047
261 0 -2 1873 5812 8077 11544
262 0 2 6561 6540 574 2394
263 0 0 11716 386 2798 10004
264 -1 -2 9511 6119 7103 8637
265 0 0 2030 2719 3742 11400
266 0 0 3930 7307 6651 307
267 1 0 9365 12108 10182 10128
268 0 0 3050 9623 605 10173
269 -1 -2 2608 3226 7810 7644
270 1 2 1443 10911 8826 9411
271 1 2 5348 5689 732 8915
272 -1 0 10309 9547 3782 4821
273 -1 0 7011 2137 329 5860
274 1 0 425 151 3881 1572
275 -1 -2 9483 3656 9352 8742
276 -1 2 467 11338 1738 10323
277 1 0 9537 2935 11057 4262
278 -1 2 2982 4478 9997 4813
279 0 0 7618 2654 704 6455
280 1 -2 6020 6996 514 3587
281 0 0 247 2408 9281 7266
282 0 0 9312 8448 1433 150
283 -1 2 8888 579 2432 2254
284 0 -2 680 8265 7767 2316
285 0 0 11315 3768 4554 8944
286 -1 0 5306 2299 8412 4745
287 1 0 7061 9470 10690 5659
288 1 -2 12278 9451 2537 6516
289 -1 -2 6029 4153 8159 650
290 0 0 83 5244 380 3384
291 1 0 444 3466 8086 832
292 0 2 625 11105 9360 7133
293 -1 2 10950 1635 7226 3056
294 0 0 601 153 7982 9289
295 0 0 4177 5547 8758 3163
296 0 -2 8037 12168 6842 3295
297 0 2 9675 2582 5677 8555
298 0 -4 11275 5739 12176 6910
299 0 0 8556 449 9059 11926
300 1 -2 7028 8263 4462 1403
301 1 0 9851 9816 10642 3504
302 -1 0 3040 12216 8553 2913
303 -1 4 2910 3848 11681 12110
304 1 0 1841 10354 4153 1376
305 -1 0 12210 4975 2286 5252
306 0 0 8918 9177 1954 260
307 -2 0 6909 6209 8913 5854
308 -1 -2 6292 703 6706 11879
309 1 2 11570 11111 6320 5315
310 0 0 5052 592 4939 12069
311 -1 0 10922 12185 9127 2630
312 0 2 7576 10464 9782 2944
313 -1 0 3680 366 4320 8876
314 1 -2 1219 3469 6931 5376
315 1 0 3550 10768 4531 1823
316 -2 -2 1658 7879 11165 95
317 0 0 2694 1931 5154 4973
318 0 0 1040 460 8549 3732
319 -1 0 8606 6308 8514 5351
320 0 -2 8549 1116 10216 4590
321 0 2 3357 8573 9508 1479
322 1 -2 6401 9086 5806 731
323 0 4 8810 541 1047 10610
324 0 0 12091 1342 9191 11664
325 -1 -2 3353 7216 6908 4422
326 1 -2 6423 5847 1781 4290
327 -1 0 2085 6979 3705 10865
328 0 0 4054 9659 7199 5282
329 0 0 4131 7411 9499 318
330 0 0 4228 5354 10302 4744
331 0 0 2544 11482 10185 2500
332 -1 0 83 4027 11600 778
333 0 2 10980 846 4210 11190
334 -1 0 9362 3868 220 7803
335 -1 0 11475 1085 1224 2878
336 -1 0 5423 164 3901 9840
337 0 2 4383 2284 10899 9200
338 0 0 3723 899 11100 10702
339 1 0 7305 7082 5684 11561
340 1 0 2908 11634 2989 2078
341 0 -2 10159 3082 8672 8767
342 1 2 4147 6030 3925 7103
343 0 2 6503 8183 7428 7283
344 0 -4 1540 5385 3648 7333
345 1 0 6989 2881 10619 8603
346 0 0 2902 12009 698 5352
347 0 -2 7777 8639 1878 8255
348 0 -2 7904 2306 2389 10217
349 0 0 3969 2527 9120 558
350 0 0 228 8105 1127 10594
351 0 0 7932 1438 2928 6326
352 0 2 7927 11962 2097 5518
353 0 0 11544 2417 5795 10400
354 0 0 10459 8131 11956 4921
355 0 0 312 11086 5587 7238
356 0 0 1452 11546 4140 441
357 0 -2 7851 5803 9477 584
358 0 -2 11293 10761 10615 6033
359 1 -2 2858 11927 9839 5031
360 -1 4 359 6204 6880 4866
361 -1 0 6279 3716 1209 1677
362 -1 2 1054 5481 3774 3606
363 0 0 4712 8559 7160 6192
364 1 0 6108 11892 260 5014
365 -2 0 7497 2298 580 11947
366 0 -2 763 7812 2847 3167
367 0 0 11981 4945 8923 6657
368 0 0 8100 6595 12018 5346
369 0 -2 5488 1311 11385 5183
370 0 2 1659 5948 912 6562
371 -1 0 8633 6154 9146 9371
372 1 0 590 1897 5342 1577
373 0 0 4566 6636 4267 10810
374 0 -2 8598 3136 1723 8798
375 0 0 2460 1107 10645 10256
376 0 2 11497 3068 5174 2397
377 0 0 2749 4923 7543 2680
378 1 4 2843 7308 7749 107
379 -1 0 9178 8015 8361 10628
380 0 0 8418 1085 7030 1309
381 0 0 6413 6687 6321 9605
382 0 0 7704 9813 2529 12015
383 1 0 4353 11345 5846 7362
384 -2 0 483 493 7176 887
385 0 -2 1964 12124 630 11168
386 0 -2 11626 7968 10413 10000
387 -1 -2 7600 2425 6332 3104
388 0 0 1875 10712 9870 4381
389 -1 2 5301 9244 9938 7693
390 -1 0 8347 1651 4708 10498
391 -1 0 6480 3664 7631 8055
392 1 0 11001 4962 3013 1707
393 -1 0 9167 5049 12060 7976
394 0 0 3871 10432 8889 9207
395 0 2 1900 1335 3063 7210
396 0 0 3446 5082 11819 11075
397 -1 0 9621 12019 8735 5657
398 0 2 10282 5977 5889 6091
399 0 -2 6899 10659 10654 7201
400 0 -2 8828 11918 530 10532
401 0 0 5889 5235 1426 1505
402 0 2 10499 11288 6888 11079
403 0 -2 6758 11300 3460 9527
404 0 2 10492 4626 9496 103
405 1 0 4071 5214 9330 5418
406 0 4 4344 5575 3054 6479
407 0 -2 3367 988 6366 11176
408 -1 0 7382 6520 1529 9724
409 0 0 7638 6486 4438 2460
410 0 -2 1148 9873 8821 1975
411 0 0 6283 5276 11948 5257
412 0 2 2366 6232 10434 9810
413 1 0 3431 2686 4540 2454
414 1 0 4532 5476 11629 4946
415 0 0 5428 8846 483 4258
416 0 4 2795 1320 8114 5350
417 0 2 2510 12017 2768 5050
418 0 -2 2406 2440 2740 6750
419 0 2 10282 1086 809 10400
420 0 0 8477 8393 3405 10159
421 -1 0 7203 5025 387 6339
422 0 0 1510 42 3061 5047
423 1 0 8899 1346 3963 3518
424 0 0 7690 4485 2532 6815
425 0 -2 2210 11591 2890 4503
426 0 0 2367 8826 8001 12127
427 1 2 10596 8314 7863 12185
428 -1 -2 6039 10099 5011 6333
429 -1 -2 7353 8641 6623 965
430 0 0 3054 6816 5283 7438
431 -1 0 9421 5919 7903 11491
432 0 0 5202 11236 11135 6875
433 1 0 10469 3625 5140 11409
434 -1 0 6457 3420 1289 3087
435 0 0 4981 7584 3667 8992
436 0 0 2486 9323 5488 6760
437 0 -2 10800 9052 10347 4450
438 1 0 1546 5976 6208 10283
439 -1 0 10050 8648 5275 3907
440 1 4 10633 8816 8122 7347
441 -1 0 8730 5232 12281 4754
442 1 2 4288 4871 6784 12192
443 1 0 9297 9950 4775 2378
444 1 2 1069 209 11331 995
445 0 0 7851 6881 6175 5523
446 0 0 5388 6671 4672 1421
447 0 -2 10231 5133 2309 5799
448 -1 0 153 9835 5074 5216
449 0 0 11934 2437 7339 11818
450 -1 0 8801 8789 48 11348
451 0 2 6042 987 8243 10106
452 -2 0 10333 2589 4798 6818
453 -1 0 6545 9349 9453 2743
454 -1 -2 4195 9643 9110 11013
455 0 -2 6640 357 11133 9945
456 -1 0 11534 6683 11405 44
457 0 0 7142 5256 9490 10584
458 0 0 7200 2149 3622 9014
459 0 0 7165 7039 10762 7156
460 1 2 8215 7133 10600 1285
461 2 -2 11301 10333 7383 769
462 -1 0 5004 10864 3139 1300
463 1 0 11040 3075 10760 11733
464 0 -2 6614 8230 3156 2279
465 0 0 3877 7182 10115 11440
466 -1 0 2357 2232 4764 2711
467 1 -2 3295 2363 2758 2045
468 0 0 8589 865 2917 2518
469 0 2 2772 2928 3650 6641
470 0 0 5177 2183 7996 8414
471 1 -2 6874 9197 8865 8729
472 -2 0 7827 11526 10909 1548
473 0 -2 11766 8236 6451 5159
474 0 2 10634 8707 6140 7148
475 -1 0 613 1770 4832 8487
476 1 2 4973 1080 10080 8202
477 0 0 11955 4174 873 1699
478 -1 -2 10831 993 6778 8348
479 1 0 5558 5835 7067 4186
480 0 -2 2702 3993 6392 6043
481 -1 0 12069 1685 1987 4574
482 -1 -2 10029 9050 6174 10299
483 -1 0 9883 8157 10233 1321
484 1 2 4512 7252 6080 699
485 0 0 5562 756 5195 11922
486 0 0 3388 2386 11462 7782
487 0 0 8847 11806 10279 2981
488 2 0 4206 9692 7466 3513
489 1 2 10165 11806 9176 10260
490 0 0 1657 11469 12267 30
491 0 0 10457 11636 606 319
492 1 0 2806 9200 7521 1752
493 0 0 1874 5675 11192 6546
494 0 2 874 5094 11842 7809
495 -1 0 760 12102 5115 10093
496 -1 0 1626 4185 9898 2052
497 -1 2 11878 8847 8718 11044
498 -1 0 952 2338 1103 11254
499 1 -2 2558 10638 3234 3355
500 -1 0 8556 11033 5603 1199
501 0 0 5848 7063 11603 6796
502 0 2 7859 2289 1071 7667
503 0 0 7909 7745 9517 9120
504 0 0 7307 3801 992 4019
505 0 2 4268 2937 3718 1290
506 0 0 7878 10639 121 12207
507 0 -2 9470 8437 10821 3280
508 -1 0 8213 9197 7737 8475
509 -1 -2 10700 6041 8143 5205
510 -1 0 344 5879 1943 2793
511 1 0 10325 7270 3760 2198
</pre>
Shown are the 512 small coefficients of the private keys *f* = *s1* and *g* = 2 * *s2* + 1 as well as their Number Theoretic Transforms (NTT) *F* and *G*, respectively. The BLISS public key *A* is computed as the component-wise inverse of *F* * *G* and the reverse NTT gives *a* = 1/(*f* * *g*) mod q with the 14 bit modulus q = 12289. Sometime it happens that *F* * *G* is not invertible, so that the following debug message is output
<pre>
S1[374] is zero - s1 is not invertible
</pre>
and another trial run is started.

h2. BLISS Root CA Certificate Generation

A self-signed BLISS CA certificate can be generated with the following command
<pre>
pki --self --type bliss --in cakey4.pem --ca --dn "C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA" --lifetime 3653 --debug 2 --outform pem > cacert4.pem

file content is not binary ASN.1
-----BEGIN BLISS PRIVATE KEY-----
-----END BLISS PRIVATE KEY-----

L0 - BLISSPrivateKey:
L1 - keyType:
'BLISS-B_IV'
L1 - public:
L1 - secret1:
L1 - secret2:
L0 - subjectPublicKeyInfo:
L1 - algorithm:
L2 - algorithmIdentifier:
L3 - algorithm:
'blissPublicKey'
L3 - parameters:
L4 - blissKeyType:
'BLISS-B_IV'
L1 - subjectPublicKey:

mgf1 based on sha256 is seeded with 32 octets
y1 = -991..766 (sigma2 = 76597, mean = -22.8)
y2 = -1036..956 (sigma2 = 84979, mean = 4.5)
norm2(s1*c') + norm2(s2*c') = 55310 (69576 max), accepted
scalar(z1,s1*c) + scalar(z2,s2*c) = -66103, rejected

mgf1 generated 10464 octets
mgf1 based on sha256 is seeded with 32 octets
y1 = -732..848 (sigma2 = 71245, mean = 2.6)
y2 = -799..651 (sigma2 = 70586, mean = 20.7)
norm2(s1*c') + norm2(s2*c') = 57406 (69576 max), accepted
scalar(z1,s1*c) + scalar(z2,s2*c) = -35398, accepted

z1 = -734..853, z2d = -3..3

efficiency of Huffman coder is 3.4180 bits/tuple (1750 bits)
generated BLISS signature (6709 bits encoded in 839 bytes)
signature generation needed 2 rounds

mgf1 generated 10464 octets
</pre>
With a debug level of 2 you get quite a lot of debug information. Starting from the top, the automatic conversion from PEM to DER format is shown, followed by the ASN.1 encoding of the BLISS private key from which the BLISS public key is extracted. Then in order to generate the BLISS certificate signature, two vectors *y1* and *y2* with 512 random numbers tightly following a Gaussian probability distribution using rejection sampling are generated. This process often requires several rounds and a lot of random bits are used. The BLISS signature finally consists of the random vectors *z1* and *z2* as well as the sparse challenge vector *c*.

A BLISS certificate can be displayed at any time with
<pre>
pki --print --debug 2 --in cacert4.pem

L0 - x509:
L1 - tbsCertificate:
L2 - DEFAULT v1:
L3 - version:
X.509v3
L2 - serialNumber:
L2 - signature:
L3 - algorithmIdentifier:
L4 - algorithm:
'BLISS-with-SHA512'
L2 - issuer:
'C=CH, O=strongSwan Project, CN=strongSwan BLISS Root CA'
L2 - validity:
L3 - notBefore:
L4 - utcTime:
'Mar [ Incomplete diff, document too large... ]