-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'dev' into franziskus/mlkem-c
- Loading branch information
Showing
15 changed files
with
1,411 additions
and
651 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,85 @@ | ||
use crate::{arithmetic::PolynomialRingElement, sample::sample_ring_element_uniform}; | ||
use crate::{ | ||
arithmetic::{add_to_ring_element, power2round, PolynomialRingElement}, | ||
ntt::{invert_ntt_montgomery, ntt, ntt_multiply_montgomery}, | ||
sample::{sample_error_ring_element_uniform, sample_ring_element_uniform}, | ||
}; | ||
|
||
pub(crate) fn power2round_vector<const ROWS_IN_A: usize>( | ||
t: [PolynomialRingElement; ROWS_IN_A], | ||
) -> ( | ||
[PolynomialRingElement; ROWS_IN_A], | ||
[PolynomialRingElement; ROWS_IN_A], | ||
) { | ||
let mut vector_t0 = [PolynomialRingElement::ZERO; ROWS_IN_A]; | ||
let mut vector_t1 = [PolynomialRingElement::ZERO; ROWS_IN_A]; | ||
|
||
for i in 0..ROWS_IN_A { | ||
for (j, coefficient) in t[i].coefficients.into_iter().enumerate() { | ||
let (c0, c1) = power2round(coefficient); | ||
|
||
vector_t0[i].coefficients[j] = c0; | ||
vector_t1[i].coefficients[j] = c1; | ||
} | ||
} | ||
|
||
(vector_t0, vector_t1) | ||
} | ||
|
||
#[inline(always)] | ||
pub(crate) fn sample_error_vector<const DIMENSION: usize, const ETA: usize>( | ||
mut seed: [u8; 66], | ||
domain_separator: &mut u16, | ||
) -> [PolynomialRingElement; DIMENSION] { | ||
let mut error = [PolynomialRingElement::ZERO; DIMENSION]; | ||
for i in 0..DIMENSION { | ||
seed[64] = *domain_separator as u8; | ||
seed[65] = (*domain_separator >> 8) as u8; | ||
*domain_separator += 1; | ||
|
||
error[i] = sample_error_ring_element_uniform::<ETA>(seed); | ||
} | ||
|
||
error | ||
} | ||
|
||
#[allow(non_snake_case)] | ||
#[inline(always)] | ||
pub(crate) fn expand_to_A<const ROWS_IN_A: usize, const COLUMNS_IN_A: usize>( | ||
mut seed: [u8; 34], | ||
transposed: bool, | ||
) -> [[PolynomialRingElement; COLUMNS_IN_A]; ROWS_IN_A] { | ||
let mut A = [[PolynomialRingElement::ZERO; COLUMNS_IN_A]; ROWS_IN_A]; | ||
|
||
for i in 0..ROWS_IN_A { | ||
for j in 0..COLUMNS_IN_A { | ||
seed[32] = i as u8; | ||
seed[33] = j as u8; | ||
|
||
let sampled = sample_ring_element_uniform(seed); | ||
seed[32] = j as u8; | ||
seed[33] = i as u8; | ||
|
||
if transposed { | ||
A[j][i] = sampled; | ||
} else { | ||
A[i][j] = sampled; | ||
} | ||
A[i][j] = sample_ring_element_uniform(seed); | ||
} | ||
} | ||
|
||
A | ||
} | ||
|
||
/// Compute InvertNTT(Â ◦ ŝ₁) + s₂ | ||
#[inline(always)] | ||
#[allow(non_snake_case)] | ||
pub(crate) fn compute_As1_plus_s2<const ROWS_IN_A: usize, const COLUMNS_IN_A: usize>( | ||
A: &[[PolynomialRingElement; COLUMNS_IN_A]; ROWS_IN_A], | ||
s1: &[PolynomialRingElement; COLUMNS_IN_A], | ||
s2: &[PolynomialRingElement; ROWS_IN_A], | ||
) -> [PolynomialRingElement; ROWS_IN_A] { | ||
let mut result = [PolynomialRingElement::ZERO; ROWS_IN_A]; | ||
|
||
for (i, row) in A.iter().enumerate() { | ||
for (j, ring_element) in row.iter().enumerate() { | ||
let product = ntt_multiply_montgomery(ring_element, &ntt(s1[j])); | ||
result[i] = add_to_ring_element(result[i], &product); | ||
} | ||
|
||
result[i] = invert_ntt_montgomery(result[i]); | ||
result[i] = add_to_ring_element(result[i], &s2[i]); | ||
} | ||
|
||
result | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
use crate::constants::*; | ||
|
||
// ML-DSA-44 parameters | ||
|
||
const ROWS_IN_A: usize = 4; | ||
const COLUMNS_IN_A: usize = 4; | ||
|
||
const ETA: usize = 2; | ||
const TWO_TIMES_ETA_BIT_SIZE: usize = 3; // ⌊log_2(2 * 2)⌋ + 1 | ||
|
||
const BYTES_FOR_ERROR_RING_ELEMENT: usize = | ||
(TWO_TIMES_ETA_BIT_SIZE * COEFFICIENTS_IN_RING_ELEMENT) / 8; | ||
|
||
const VERIFICATION_KEY_SIZE: usize = SEED_FOR_A_SIZE | ||
+ (COEFFICIENTS_IN_RING_ELEMENT | ||
* ROWS_IN_A | ||
* (FIELD_MODULUS_MINUS_ONE_BIT_LENGTH - BITS_IN_LOWER_PART_OF_T)) | ||
/ 8; | ||
|
||
const SIGNING_KEY_SIZE: usize = SEED_FOR_A_SIZE | ||
+ SEED_FOR_SIGNING_SIZE | ||
+ BYTES_FOR_VERIFICATION_KEY_HASH | ||
+ (ROWS_IN_A + COLUMNS_IN_A) * BYTES_FOR_ERROR_RING_ELEMENT | ||
+ ROWS_IN_A * BYTES_FOR_RING_ELEMENT_OF_T0S; | ||
|
||
pub struct MLDSA65KeyPair { | ||
pub signing_key: [u8; SIGNING_KEY_SIZE], | ||
pub verification_key: [u8; VERIFICATION_KEY_SIZE], | ||
} | ||
|
||
/// Generate an ML-DSA-65 Key Pair | ||
pub fn generate_key_pair(randomness: [u8; 32]) -> MLDSA65KeyPair { | ||
let (signing_key, verification_key) = crate::ml_dsa_generic::generate_key_pair::< | ||
ROWS_IN_A, | ||
COLUMNS_IN_A, | ||
ETA, | ||
BYTES_FOR_ERROR_RING_ELEMENT, | ||
SIGNING_KEY_SIZE, | ||
VERIFICATION_KEY_SIZE, | ||
>(randomness); | ||
|
||
MLDSA65KeyPair { | ||
signing_key, | ||
verification_key, | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
use crate::constants::*; | ||
|
||
// ML-DSA-65 parameters | ||
|
||
const ROWS_IN_A: usize = 8; | ||
const COLUMNS_IN_A: usize = 7; | ||
|
||
const ETA: usize = 2; | ||
const TWO_TIMES_ETA_BIT_SIZE: usize = 3; // ⌊log_2(2 * 2)⌋ + 1 | ||
|
||
const BYTES_FOR_ERROR_RING_ELEMENT: usize = | ||
(TWO_TIMES_ETA_BIT_SIZE * COEFFICIENTS_IN_RING_ELEMENT) / 8; | ||
|
||
const VERIFICATION_KEY_SIZE: usize = SEED_FOR_A_SIZE | ||
+ (COEFFICIENTS_IN_RING_ELEMENT | ||
* ROWS_IN_A | ||
* (FIELD_MODULUS_MINUS_ONE_BIT_LENGTH - BITS_IN_LOWER_PART_OF_T)) | ||
/ 8; | ||
|
||
const SIGNING_KEY_SIZE: usize = SEED_FOR_A_SIZE | ||
+ SEED_FOR_SIGNING_SIZE | ||
+ BYTES_FOR_VERIFICATION_KEY_HASH | ||
+ (ROWS_IN_A + COLUMNS_IN_A) * BYTES_FOR_ERROR_RING_ELEMENT | ||
+ ROWS_IN_A * BYTES_FOR_RING_ELEMENT_OF_T0S; | ||
|
||
pub struct MLDSA65KeyPair { | ||
pub signing_key: [u8; SIGNING_KEY_SIZE], | ||
pub verification_key: [u8; VERIFICATION_KEY_SIZE], | ||
} | ||
|
||
/// Generate an ML-DSA-65 Key Pair | ||
pub fn generate_key_pair(randomness: [u8; 32]) -> MLDSA65KeyPair { | ||
let (signing_key, verification_key) = crate::ml_dsa_generic::generate_key_pair::< | ||
ROWS_IN_A, | ||
COLUMNS_IN_A, | ||
ETA, | ||
BYTES_FOR_ERROR_RING_ELEMENT, | ||
SIGNING_KEY_SIZE, | ||
VERIFICATION_KEY_SIZE, | ||
>(randomness); | ||
|
||
MLDSA65KeyPair { | ||
signing_key, | ||
verification_key, | ||
} | ||
} |
Oops, something went wrong.