Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch ML-DSA to use AWS-LC SHA3 #2001

Merged
merged 12 commits into from
Dec 10, 2024
Merged

Switch ML-DSA to use AWS-LC SHA3 #2001

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
33dee33
added internal APIs for ml-dsa
jakemas Nov 18, 2024
54ca109
CR fixes
jakemas Nov 19, 2024
1bbbb24
documentation update
jakemas Nov 19, 2024
c4a0fdb
switch internal sha3 for fipsmodule
jakemas Nov 19, 2024
4f1bc91
Merge branch 'main' into xof-switch
jakemas Nov 22, 2024
69e15e7
rebase edits
jakemas Nov 22, 2024
9d34feb
Merge branch 'main' into xof-switch
jakemas Nov 26, 2024
f4cc0fe
CR fixes
jakemas Dec 4, 2024
0fa3d6f
Merge branch 'xof-switch' of github.com:jakemas/aws-lc into xof-switch
jakemas Dec 4, 2024
b934dd0
remove stream init functions
jakemas Dec 5, 2024
acb7b42
CR fixes
jakemas Dec 6, 2024
35ae687
Merge branch 'main' into xof-switch
jakemas Dec 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion crypto/dilithium/ml_dsa.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@

// These includes are required to compile ML-DSA. These can be moved to bcm.c
// when ML-DSA is added to the fipsmodule directory.
#include "./pqcrystals_dilithium_ref_common/fips202.c"
#include "./pqcrystals_dilithium_ref_common/ntt.c"
#include "./pqcrystals_dilithium_ref_common/packing.c"
#include "./pqcrystals_dilithium_ref_common/params.c"
Expand Down
3 changes: 2 additions & 1 deletion crypto/dilithium/pqcrystals_dilithium_ref_common/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ The code was refactored in [this PR](https://github.com/aws/aws-lc/pull/1910) by
that initialize a given structure with values corresponding to a parameter set. This structure is then passed to every function that requires it as a function argument. In addition, the following changes were made to the source code in `pqcrystals_dilithium_ref_common` directory:

- `randombytes.{h|c}` are deleted because we are using the randomness generation functions provided by AWS-LC.
- `fips202.{h|c}` are deleted as all SHA3/SHAKE functionality is provided instead by AWS-LC fipsmodule/sha rather than the reference implementation.
geedo0 marked this conversation as resolved.
Show resolved Hide resolved
- `sign.c`: calls to `randombytes` function is replaced with calls to `RAND_bytes` and the appropriate header file is included (`openssl/rand.h`).
- `ntt.c`, `poly.c`, `reduce.c`, `reduce.h`: have been modified with a code refactor. The function `fqmul` has been added to bring mode code consistency with Kyber/ML-KEM. See https://github.com/aws/aws-lc/pull/1748 for more details on this change.
- `reduce.c`: a small fix to documentation has been made on the bounds of `reduce32`.
Expand All @@ -18,4 +19,4 @@ that initialize a given structure with values corresponding to a parameter set.

**Testing**

The KATs were obtained from https://github.com/post-quantum-cryptography/KAT. We select the KATs for the signing mode `hedged`, which derives the signing private random seed (rho) pseudorandomly from the signer's private key, the message to be signed, and a 256-bit string `rnd` which is generated at random. The `pure` variant of these KATs were used, as they provide test vector inputs for "pure" i.e., non-pre-hashed messages. The KAT files have been modified to insert linebreaks between each test vector set.
The KATs were obtained from https://github.com/post-quantum-cryptography/KAT. We select the KATs for the signing mode `hedged`, which derives the signing private random seed (rho) pseudorandomly from the signer's private key, the message to be signed, and a 256-bit string `rnd` which is generated at random. The `pure` variant of these KATs were used, as they provide test vector inputs for "pure" i.e., non-pre-hashed messages. The KAT files have been modified to insert linebreaks between each test vector set.
Loading
Loading