Added EAs for LMS & XMSS Key Generation

robertmclemons · robertmclemons · commit 744f0f9e67df · 2025-09-22T11:36:24.000-04:00
diff --git a/input/gpcp.xml b/input/gpcp.xml
@@ -1576,7 +1576,74 @@
 						determine correctness, the evaluator shall submit the key pairs to the public 
 						key validation (PKV) function of the TOE and shall confirm that the results
 						correspond as expected for the modified and unmodified values.<h:p/>
-						
+		
+		
+						<h:br/><h:b>LMS Key Generation</h:b><h:p/>
+						<h:table border="1">
+							<h:tr class="header" bgcolor="#cccccc">
+								<h:td valign="top">Identifier</h:td>
+								<h:td valign="top">Cryptographic Key Generation Algorithm</h:td>
+								<h:td valign="top">Cryptographic Algorithm Parameters</h:td>
+								<h:td valign="top">List of Standards</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">LMS</h:td>
+								<h:td valign="top">LMS Key Generation</h:td>
+								<h:td valign="top">Private key size = [<h:b>selection:</h:b>  
+									192 bits with [<h:b>selection:</h:b> SHA-256/192, SHAKE256/192],
+									256 bits with [<h:b>selection:</h:b> SHA-256, SHAKE256]]; 
+									Winternitz parameter = [<h:b>selection:</h:b> 1, 2, 4, 8]; 
+									Tree height = [<h:b>selection:</h:b> 5, 10, 15, 20, 25]
+								</h:td>
+								<h:td valign="top">RFC 8554 [LMS]<h:p/>NIST SP 800-208 [parameters]</h:td>
+							</h:tr>
+						</h:table><h:p/>						
+						To test the TOE’s ability to generate asymmetric cryptographic keys using LMS, the
+						evaluator shall perform the LMS Key Generation Test using the following input parameters:
+						<h:ul>
+						<h:li>Hash algorithm [SHA-256/192, SHAKE256/192, SHA-256, SHAKE256]</h:li>
+						<h:li>Winternitz [1, 2, 4, 8]</h:li>
+						<h:li>Tree height [5, 10, 15, 20, 25]</h:li></h:ul><h:p/>
+						<h:br/><h:i><h:b>LMS Key Generation Test</h:b></h:i><h:br/>
+						For each supported combination of the hash algorithm, Winternitz parameter, and tree height the
+						evaluator shall generate one public key for each of the test cases. The number of test cases
+						depends on the tree height:
+						<h:b><h:div style="text-align: center;">
+							<ctr ctr-type="Table" pre="Table " id="lms-test-cases">: Number of LMS Test Cases</ctr>
+							</h:div>
+						</h:b>
+							
+						<h:table border="1" style="width:50%">
+							<h:tr class="header" bgcolor="#cccccc">
+								<h:td valign="top">Height</h:td>
+								<h:td valign="top">Number of test cases</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">5</h:td>
+								<h:td valign="top">5</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">10</h:td>
+								<h:td valign="top">4</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">15</h:td>
+								<h:td valign="top">3</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">20</h:td>
+								<h:td valign="top">2</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">25</h:td>
+								<h:td valign="top">1</h:td>
+							</h:tr>
+						</h:table><h:p/>						
+						The evaluator shall verify the correctness of the TSF’s implementation by
+						comparing the public key generated by the TSF with that generated by a known
+						good implementation using the same input parameters.<h:p/>
+
+
 						<h:br/><h:b>ML-KEM Key Generation</h:b><h:p/>
 						<h:table border="1">
 							<h:tr class="header" bgcolor="#cccccc">
@@ -1629,7 +1696,74 @@
 							under test to generate 25 key pairs using 25 different randomly generated 32-byte 
 							seed values. To determine correctness, the evaluator shall compare the resulting
 							key pairs with those generated using a known-good implementation using the same 
-							inputs.<h:p/>							
+							inputs.<h:p/>	
+
+						<h:br/><h:b>XMSS Key Generation</h:b><h:p/>
+						<h:table border="1">
+							<h:tr class="header" bgcolor="#cccccc">
+								<h:td valign="top">Identifier</h:td>
+								<h:td valign="top">Cryptographic Key Generation Algorithm</h:td>
+								<h:td valign="top">Cryptographic Algorithm Parameters</h:td>
+								<h:td valign="top">List of Standards</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">XMSS</h:td>
+								<h:td valign="top">XMSS</h:td>
+								<h:td valign="top">Private key size = [<h:b>selection:</h:b> 192 bits
+									with [<h:b>selection:</h:b> SHA-256/192, SHAKE256/192], 256 bits 
+									with [<h:b>selection:</h:b> SHA-256, SHAKE256]], tree height = 
+									[<h:b>selection:</h:b> 10, 16, 20]</h:td>
+								<h:td valign="top">RFC 8391 [XMSS]<h:p/>
+									NIST SP 800-208 [parameters]</h:td>
+							</h:tr>
+						</h:table><h:p/>
+						To test the TOE’s ability to generate asymmetric cryptographic keys using 
+						XMSS, the evaluator shall perform the XMSS Key 
+						Generation Test using the following input parameters:<h:ul>
+						<h:li>Hash algorithm [SHA-256/192, SHAKE256/192, SHA-256, SHAKE256]</h:li>
+						<h:li>Tree height [10, 16, 20] (XMSS only)</h:li></h:ul><h:p/>
+
+						<h:b><h:div style="text-align: center;">
+							<ctr ctr-type="Table" pre="Table " id="xmss-akg-test-cases">: Number of Test Cases for XMSS<h:sup>MT</h:sup></ctr>
+						</h:div></h:b>
+						<h:table border="1" style="width:50%">
+							<h:tr class="header" bgcolor="#cccccc">
+								<h:td valign="top">Height</h:td>
+								<h:td valign="top">Number of test cases</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">10</h:td>
+								<h:td valign="top">5</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">16</h:td>
+								<h:td valign="top">4</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">20</h:td>
+								<h:td valign="top">3</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">40</h:td>
+								<h:td valign="top">2</h:td>
+							</h:tr>
+							<h:tr>
+								<h:td valign="top">60</h:td>
+								<h:td valign="top">1</h:td>
+							</h:tr>
+						</h:table><h:p/>						
+
+						<h:br/><h:i><h:b>XMSS Key Generation Test</h:b></h:i><h:br/>
+						For each supported combination of hash algorithm and tree height, the evaluator 
+						shall generate one public key for each test case. The number of test cases
+						depends on the tree height as specified in <xref to="xmss-test-cases"/>.<h:p/>
+
+						The evaluator shall verify the correctness of the TSF’s implementation by comparing 
+						values generated by the TSF with those generated by a known good implementation using 
+						the same input parameters.<h:p/>
+						
+						Note: The number of test cases is limited due to the extreme amount of time it can
+						take to generate XMSS trees.<h:p/>
 					</Tests>				
 				</aactivity>
 			</f-element>
