code refactor to add fqmul #1748
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1748 +/- ##
=======================================
Coverage 78.43% 78.44%
=======================================
Files 580 580
Lines 96756 96756
Branches 13877 13865 -12
=======================================
+ Hits 75888 75896 +8
+ Misses 20249 20243 -6
+ Partials 619 617 -2 ☔ View full report in Codecov by Sentry. |
andrewhop
approved these changes
Aug 7, 2024
dkostic
approved these changes
Aug 7, 2024
skmcgrail
pushed a commit
that referenced
this pull request
Oct 7, 2024
### Issues: Resolves #CryptoAlg-2722 ### Description of changes: This PR updates the implementation of Dilithium (v3.1) with subsequent changes made in the official upstream repository (https://github.com/pq-crystals/dilithium). As there are significant algorithmic changes between pre-FIPS 204 Dilithium (v3.1) and FIPS 204 IPD/Final we note that the integration of this code will cause Dilithium v3.1 signatures to fail. Consumers of AWS-LC were made aware of the unstable nature of the Dilithium implementation and API during the integration into the library (see https://github.com/aws/aws-lc/blob/8a1ee93969d8df64c4c51b2d6ddffb26a54adea9/crypto/dilithium/README.md). As part of our due diligence we have verified that there are no existing deployments contingent on the stability of Dilithium. As such, we will continue to support the most up to date version of the algorithm from the authors upstream. ### Call-outs: Among the changes are modifications made per the FIPS 204 ML-DSA standard: - changes to signature and key sizes - addition of signing context "ctx" added to signature - removal of AES-based modes - new KATs - we maintain the `fqmul` refactor added in #1748 - small changes to documentation (e.g. reduce.c#L27, poly.c#L24, polyvec.c#L164) ### Testing: As the signature size and private key size of ML-DSA has changed since v3.1, so too must the tests `EVPExtraTest.d2i_PrivateKey` for testing the parsing of ML-DSA private keys, as well as the certificates used for `X509Test.TestDilithium3`. I have updated the private key `kExampleDilithium3KeyDER` and test certificate `kDilithium3Cert` to reflect changes to the signature/key lengths, but will need to manually reproduce test-case certificates `kDilithium3CertNull`, `kDilithium3CertParam`. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issues:
Resolves #P123931043
This PR addresses the multiplication and Montgomery reduction functionality within Dilithium. This refactor makes it simpler to re-implement the multiplication on targets where non-constant time behaviour is known, and has consistency with the code organisation of Kyber.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.