add: ML-DSA, ML-KEM #12

Merged
merged 7 commits into from
Dec 22, 2024

Conversation

JulioLoayzaM
Collaborator
Add the ML-DSA and ML-KEM primitives. These will replace the current Dilithium and Kyber primitives.

@JulioLoayzaM JulioLoayzaM self-assigned this Nov 21, 2024
We are currently testing a harmonisation of the test vectors, in which
all tests regardless of primitive have a common set of values such as an
ID and test type. This new method takes the test vector directly to
create a new TestInfo instance, instead of having to unpack its values
into the new() method.

New test vectors use the pb2 extension, so those files should be
ignored. We also remove the old Kyber and Dilithium executables, as they
are no longer built. Same goes for main, which was the AES executable.

This commit introduces several changes.

First, the Dilithium and Kyber primitives are replaced by ML-DSA and
ML-KEM:

- The reference implementations were updated.
- The test vectors were updated.
- The 90s variants were removed.

Second, the wrappers' usage is being simplified. As with AES and SHA, the
corresponding command now takes the name of the wrapper as input. But
now we have adopted an approach similar to the harness mode: the wrapper
now defines functions that are recognized by crypto-condor, like
CC_MLKEM_512_encaps(), which removes the need to specify a parameter
set, and thus one wrapper can be used to test all parameter sets at
once.

The wrapper language is now implied by the file extension. And we
removed the run_wrapper() functions, so now it is the responsibility of
the CLI function to determine the language and call the corresponding
function to test the wrapper.

Both primitives support the output mode, testing the encapsulation for
ML-KEM and the signing for ML-DSA. They both continue supporting the
harness mode.

The protocols were also updated, mainly for ML-DSA, which is now based
on the "internal" Dilithium functions, which deal with the signature
separate from the message (so not the signed message).

The test vectors were updated. This includes the source files, generated
with the KAT program from NIST, but also the generated protobufs which
have been harmonised into TestMldsa/VectorsMldsa and
TestMlkem/VectorsMlkem. The difference is that the definition of these
vectors has the newly introduced common set of values (ID, type, etc.)
and should encompass *any* future vectors. The goal is to avoid having
two or more different types, like NIST and Wycheproof vectors, which in
turn simplifies the test functions. As such, the vectors are loaded by a
simple function that now relies on a JSON file, which associates
protobufs to a parameter (in this case to a parameter set).

The method guides aren't updated yet, they have been simply copied over
from Dilithium and Kyber.

Git was mixing the docs/source version and the resources/guides version,
so a separate commit it is.
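The commit message above describes a wrapper convention: the wrapper exposes functions named like CC_MLKEM_512_encaps(), the tool discovers which parameter sets are covered by name, and the wrapper language is implied by the file extension. The following is an added illustration of that discovery-and-check loop; it is not crypto-condor's own code, and the function signature CC_MLKEM_<n>_encaps(ek) -> (ct, ss), the extension-to-language map, and the demo wrapper module are assumptions constructed for the example. The output sizes checked are the FIPS 203 byte lengths for ML-KEM-512/768/1024.

```python
"""Added example: discover CC_MLKEM_<n>_encaps() functions in a wrapper by naming
convention and run a length check per parameter set (not crypto-condor's code)."""
import re
import types
from pathlib import Path
from typing import Callable

# FIPS 203 byte lengths per parameter set: encapsulation key, ciphertext, shared secret.
MLKEM_SIZES = {
    "512": {"ek": 800, "ct": 768, "ss": 32},
    "768": {"ek": 1184, "ct": 1088, "ss": 32},
    "1024": {"ek": 1568, "ct": 1568, "ss": 32},
}

# Assumed mapping: the wrapper language is implied by the file extension.
EXT_TO_LANG = {".py": "Python", ".c": "C"}

# Naming convention assumed for this example: CC_MLKEM_<paramset>_encaps.
_FN_RE = re.compile(r"^CC_MLKEM_(512|768|1024)_encaps$")


def language_from_extension(path: str) -> str:
    """Pick the wrapper language from the file extension; reject unknown ones."""
    lang = EXT_TO_LANG.get(Path(path).suffix)
    if lang is None:
        raise ValueError(f"unsupported wrapper extension: {path}")
    return lang


def discover_encaps(wrapper) -> dict[str, Callable]:
    """Return {paramset: function} for every CC_MLKEM_<n>_encaps the wrapper defines,
    so one wrapper file can cover any subset of parameter sets."""
    found = {}
    for name in dir(wrapper):
        m = _FN_RE.match(name)
        if m and callable(getattr(wrapper, name)):
            found[m.group(1)] = getattr(wrapper, name)
    return found


def check_encaps(wrapper) -> dict[str, bool]:
    """Output-mode style check: call each discovered encaps and verify that the
    ciphertext and shared secret have the lengths FIPS 203 fixes for that set.
    A wrapper that raises or returns wrong sizes fails for that parameter set."""
    results = {}
    for pset, fn in discover_encaps(wrapper).items():
        sizes = MLKEM_SIZES[pset]
        ek = bytes(sizes["ek"])  # constructed placeholder input, not a real key
        try:
            ct, ss = fn(ek)
            results[pset] = len(ct) == sizes["ct"] and len(ss) == sizes["ss"]
        except Exception:
            results[pset] = False
    return results


def make_demo_wrapper() -> types.ModuleType:
    """Constructed stand-in for a user's wrapper module (hypothetical): the 512 and
    768 entries return correctly sized output, the 1024 entry is deliberately one
    byte short so the check reports a failure for that parameter set."""
    mod = types.ModuleType("demo_wrapper")

    def good(pset: str) -> Callable:
        return lambda ek: (bytes(MLKEM_SIZES[pset]["ct"]), bytes(MLKEM_SIZES[pset]["ss"]))

    mod.CC_MLKEM_512_encaps = good("512")
    mod.CC_MLKEM_768_encaps = good("768")
    mod.CC_MLKEM_1024_encaps = lambda ek: (bytes(MLKEM_SIZES["1024"]["ct"] - 1), bytes(32))
    return mod


if __name__ == "__main__":
    wrapper = make_demo_wrapper()
    print("language:", language_from_extension("my_wrapper.py"))
    print("parameter sets found:", sorted(discover_encaps(wrapper)))
    print("results:", check_encaps(wrapper))
```

The length check is only the cheapest possible sanity test; the real tool compares against the NIST KAT vectors mentioned in the commit message. The point shown here is the mechanism: because coverage is derived from the function names present in the wrapper, adding a parameter set means adding one function, not passing another CLI argument.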
@JulioLoayzaM JulioLoayzaM marked this pull request as ready for review December 22, 2024 20:51
@JulioLoayzaM JulioLoayzaM merged commit 7fdda2b into main Dec 22, 2024
9 checks passed