Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Import ML-KEM from mlkem-native/PQ code package #2041

Merged
merged 5 commits into from
Feb 4, 2025
Merged

Import ML-KEM from mlkem-native/PQ code package #2041

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
62e11c4
Integrate ML-KEM from mlkem-native [full tests]
bhess Dec 9, 2024
f34855b
Commit after rebase [full tests] [extended tests]
bhess Jan 29, 2025
956e002
correct patch name for docs
bhess Jan 29, 2025
e8c8dd1
pull update [run tests] [extended tests]
bhess Jan 30, 2025
d455381
Pull v1.0.0-alpha.2 [full tests] [extended tests]
bhess Jan 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
31 changes: 28 additions & 3 deletions .CMake/alg_support.cmake
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ function(filter_algs alglist)
string(REPLACE "_aesni" "" _var_base ${_var})
string(REPLACE "_avx2" "" _var_base ${_var_base})
string(REPLACE "_avx" "" _var_base ${_var_base})
string(REPLACE "_x86_64" "" _var_base ${_var_base})
string(REPLACE "_aarch64" "" _var_base ${_var_base})
foreach (_alg ${ARGV0})
if(${_var}_AVAILABLE)
Expand Down Expand Up @@ -334,7 +335,15 @@ endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_512_avx2 "" ON "OQS_ENABLE_KEM_ml_kem_512" OFF)
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_512_x86_64 "" ON "OQS_ENABLE_KEM_ml_kem_512" OFF)
SWilson4 marked this conversation as resolved.
Show resolved Hide resolved
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))

cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_512_aarch64 "" ON "OQS_ENABLE_KEM_ml_kem_512" OFF)

endif()
endif()

Expand All @@ -346,7 +355,15 @@ endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_768_avx2 "" ON "OQS_ENABLE_KEM_ml_kem_768" OFF)
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_768_x86_64 "" ON "OQS_ENABLE_KEM_ml_kem_768" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))

cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_768_aarch64 "" ON "OQS_ENABLE_KEM_ml_kem_768" OFF)

endif()
endif()

Expand All @@ -358,7 +375,15 @@ endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_1024_avx2 "" ON "OQS_ENABLE_KEM_ml_kem_1024" OFF)
cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_1024_x86_64 "" ON "OQS_ENABLE_KEM_ml_kem_1024" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if((OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS)))

cmake_dependent_option(OQS_ENABLE_KEM_ml_kem_1024_aarch64 "" ON "OQS_ENABLE_KEM_ml_kem_1024" OFF)

endif()
endif()

Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,7 @@ liboqs includes some third party libraries or modules that are licensed differen
- `src/kem/kyber/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/kem/kyber/pqclean_*`: public domain (CC0), and public domain (CC0) or Apache License v2.0, and public domain (CC0) or MIT, and MIT
- `src/kem/kyber/libjade_*` public domain (CC0) or Apache License v2.
- `src/kem/ml_kem/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/kem/ml_kem/mlkem-native_*`: Apache License v2.0
- `src/sig/dilithium/pqcrystals-*`: public domain (CC0) or Apache License v2.0
- `src/sig/dilithium/pqclean_*`: public domain (CC0), and public domain (CC0) or Apache License v2.0, and public domain (CC0) or MIT, and MIT
- src/sig/falcon/pqclean_\*\_aarch64 : Apache License v2.0
Expand Down
13 changes: 8 additions & 5 deletions docs/algorithms/kem/ml_kem.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@
- **Authors' website**: https://pq-crystals.org/kyber/ and https://csrc.nist.gov/pubs/fips/203
- **Specification version**: ML-KEM.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/pq-crystals/kyber/commit/10b478fc3cc4ff6215eb0b6a11bd758bf0929cbd with copy_from_upstream patches
- **Source**: https://github.com/pq-code-package/mlkem-native/commit/3f1b9fc214a3c3f18e88b144f68814ea7ae88625 with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0 or Apache-2.0
- **Optimized Implementation sources**: https://github.com/pq-crystals/kyber/commit/10b478fc3cc4ff6215eb0b6a11bd758bf0929cbd with copy_from_upstream patches
- **Optimized Implementation sources**: https://github.com/pq-code-package/mlkem-native/commit/3f1b9fc214a3c3f18e88b144f68814ea7ae88625 with copy_from_upstream patches
- **cupqc-cuda**:<a name="cupqc-cuda"></a>
- **Source**: https://github.com/praveksharma/cupqc-mlkem/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
- **Implementation license (SPDX-Identifier)**: Apache-2.0
Expand All @@ -28,7 +28,8 @@
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| [cupqc-cuda](#cupqc-cuda) | cuda | CUDA | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.
Expand All @@ -40,7 +41,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| [cupqc-cuda](#cupqc-cuda) | cuda | CUDA | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.
Expand All @@ -50,7 +52,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |
| [cupqc-cuda](#cupqc-cuda) | cuda | CUDA | Linux,Darwin | None | False | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.
Expand Down
44 changes: 40 additions & 4 deletions docs/algorithms/kem/ml_kem.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ website: https://pq-crystals.org/kyber/ and https://csrc.nist.gov/pubs/fips/203
nist-round: FIPS203
spec-version: ML-KEM
primary-upstream:
source: https://github.com/pq-crystals/kyber/commit/10b478fc3cc4ff6215eb0b6a11bd758bf0929cbd
source: https://github.com/pq-code-package/mlkem-native/commit/3f1b9fc214a3c3f18e88b144f68814ea7ae88625
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0 or Apache-2.0
optimized-upstreams:
Expand All @@ -43,7 +43,7 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -58,6 +58,18 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
dstebila marked this conversation as resolved.
Show resolved Hide resolved
large-stack-usage: false
- upstream: cupqc-cuda
upstream-id: cuda
supported-platforms:
Expand Down Expand Up @@ -86,7 +98,7 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -101,6 +113,18 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: cupqc-cuda
upstream-id: cuda
supported-platforms:
Expand Down Expand Up @@ -129,7 +153,7 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -144,6 +168,18 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- upstream: cupqc-cuda
upstream-id: cuda
supported-platforms:
Expand Down
95 changes: 88 additions & 7 deletions docs/cbom.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,23 +2,23 @@
"$schema": "https://raw.githubusercontent.com/CycloneDX/specification/1.6/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:de1355bb-9681-4a7e-8aa9-0ccc414ebe3b",
"serialNumber": "urn:uuid:11c99519-c4e5-4517-8016-4932140dd322",
"version": 1,
"metadata": {
"timestamp": "2024-11-05T12:25:53.012740+00:00",
"timestamp": "2025-01-22T14:42:21.903424+00:00",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@69a80f8a66988521d51e94d716cff8c936c07b8d",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@af4928dddde853579f8a16a488cf3e142f177979",
"name": "liboqs",
"version": "69a80f8a66988521d51e94d716cff8c936c07b8d"
"version": "af4928dddde853579f8a16a488cf3e142f177979"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@69a80f8a66988521d51e94d716cff8c936c07b8d",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@af4928dddde853579f8a16a488cf3e142f177979",
"name": "liboqs",
"version": "69a80f8a66988521d51e94d716cff8c936c07b8d"
"version": "af4928dddde853579f8a16a488cf3e142f177979"
},
{
"type": "cryptographic-asset",
Expand Down Expand Up @@ -1080,6 +1080,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-KEM-512:armv8-a",
"name": "ML-KEM",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-KEM-512",
"primitive": "kem",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"nistQuantumSecurityLevel": 1,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-KEM-768:generic",
Expand Down Expand Up @@ -1120,6 +1140,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-KEM-768:armv8-a",
"name": "ML-KEM",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-KEM-768",
"primitive": "kem",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"nistQuantumSecurityLevel": 3,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-KEM-1024:generic",
Expand Down Expand Up @@ -1160,6 +1200,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-KEM-1024:armv8-a",
"name": "ML-KEM",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-KEM-1024",
"primitive": "kem",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"encapsulate",
"decapsulate"
],
"nistQuantumSecurityLevel": 5,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:sntrup761:generic",
Expand Down Expand Up @@ -3127,7 +3187,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@69a80f8a66988521d51e94d716cff8c936c07b8d",
"ref": "pkg:github/open-quantum-safe/liboqs@af4928dddde853579f8a16a488cf3e142f177979",
"provides": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -3182,10 +3242,13 @@
"alg:Kyber1024:armv8-a",
"alg:ML-KEM-512:generic",
"alg:ML-KEM-512:x86_64",
"alg:ML-KEM-512:armv8-a",
"alg:ML-KEM-768:generic",
"alg:ML-KEM-768:x86_64",
"alg:ML-KEM-768:armv8-a",
"alg:ML-KEM-1024:generic",
"alg:ML-KEM-1024:x86_64",
"alg:ML-KEM-1024:armv8-a",
"alg:sntrup761:generic",
"alg:sntrup761:x86_64",
"alg:cross-rsdp-128-balanced:generic",
Expand Down Expand Up @@ -3611,6 +3674,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-KEM-512:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:ML-KEM-768:generic",
"dependsOn": [
Expand All @@ -3623,6 +3692,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-KEM-768:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:ML-KEM-1024:generic",
"dependsOn": [
Expand All @@ -3635,6 +3710,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-KEM-1024:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:sntrup761:generic",
"dependsOn": [
Expand Down
Loading
Loading