cloudflare / circl

CIRCL: Cloudflare Interoperable Reusable Cryptographic Library
http://blog.cloudflare.com/introducing-circl

ML-DSA new NIST KAT #506

Closed UladzimirTrehubenka closed 3 months ago

UladzimirTrehubenka commented 3 months ago

Observed that the bas/ml-dsa branch has an implementation which is OK against the NIST KAT from Apr 15, 2024. However, there is a fresh NIST KAT from May 23, 2024 (KAT history). So we need to fix the ML-DSA implementation.

bwesterb commented 3 months ago

What's the difference? I intend to match the standard branch of the CRYSTALS team until NIST releases the final version of FIPS 204.

UladzimirTrehubenka commented 3 months ago

What's the difference?

I don't know, see more details in the OQS issue.

bwesterb commented 3 months ago

Right, the new test vectors include changes that are expected to be included in the final standard, but aren't published in the ipd (initial public draft) yet. We'll wait for the final standard or a new draft before changing this.

UladzimirTrehubenka commented 3 months ago

Fix: in sign/mldsa/mldsa{ver}/internal/dilithium.go, replace PolyDeriveUniformBall(&ch, sig.c[:32]) // SeedSize with PolyDeriveUniformBall(&ch, sig.c[:64]) // CTildeSize
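The comment above changes how many bytes of c̃ are fed into the challenge derivation, which is why signatures stop matching the newer KAT. The following is an added illustration, not CIRCL's code: a stand-alone SampleInBall (FIPS 204) over SHAKE256 showing that absorbing 32 versus 64 bytes of the same c̃ yields a different challenge polynomial. The 64-byte c̃ value is constructed, not taken from any real signature.

```python
import hashlib

# Number of nonzero coefficients (tau) in the challenge polynomial for each
# ML-DSA parameter set, from FIPS 204.
TAU = {"ML-DSA-44": 39, "ML-DSA-65": 49, "ML-DSA-87": 60}
N = 256  # polynomial degree


class _Shake256Stream:
    """Sequential reader over SHAKE256 output. hashlib has no squeeze API, but
    digest(n) is always a prefix of the XOF stream, so re-digesting with a
    larger length is equivalent to squeezing more bytes."""

    def __init__(self, seed: bytes):
        self._seed = seed
        self._buf = b""
        self._pos = 0

    def read(self, k: int) -> bytes:
        while len(self._buf) < self._pos + k:
            self._buf = hashlib.shake_256(self._seed).digest(max(2 * len(self._buf), 256))
        out = self._buf[self._pos:self._pos + k]
        self._pos += k
        return out


def sample_in_ball(c_tilde: bytes, tau: int) -> list[int]:
    """SampleInBall from FIPS 204: derive the challenge polynomial c with
    exactly tau coefficients in {-1, +1} (all others 0) from the hash c_tilde."""
    c = [0] * N
    xof = _Shake256Stream(c_tilde)
    sign_bits = int.from_bytes(xof.read(8), "little")  # 64 sign bits, LSB first
    for i in range(N - tau, N):
        j = xof.read(1)[0]
        while j > i:  # rejection-sample j uniformly in [0, i]
            j = xof.read(1)[0]
        c[i] = c[j]
        c[j] = -1 if (sign_bits >> (i + tau - N)) & 1 else 1
    return c


def challenge_weight(c: list[int]) -> int:
    """Number of nonzero coefficients; must equal tau for a valid challenge."""
    return sum(abs(x) for x in c)


# Constructed 64-byte c_tilde (not a real signature value) to show that the
# challenge depends on how many bytes of c_tilde are absorbed.
C_TILDE = bytes(range(64))


def challenges_differ(tau: int = TAU["ML-DSA-44"]) -> bool:
    """True when the 32-byte and 64-byte prefixes give different challenges."""
    return sample_in_ball(C_TILDE[:32], tau) != sample_in_ball(C_TILDE[:64], tau)
```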

bwesterb commented 2 months ago

I updated the ML-DSA PR to FIPS 204. There are no test vectors yet (the ACVP test vectors only test the internal functions), so we'll hold off merging until we have cross-checked this implementation with another.