open-quantum-safe / liboqs-python

Python 3 bindings for liboqs
https://openquantumsafe.org/
MIT License

Failures on ACVP Vectors for ML-DSA-65 and ML-DSA-87 #91

Open Dhruva21 opened 1 month ago

Dhruva21 commented 1 month ago

I have built the liboqs-python wrapper module, which internally uses the liboqs library. I was able to try the sample Python scripts present in the examples directory.

I wrote a sample script to test the ACVP vectors (signature verification) present in the liboqs source code: https://github.com/open-quantum-safe/liboqs/tree/main/tests/ACVP_Vectors/ML-DSA-sigVer-FIPS204. I see there are three failures for ML-DSA-65 and three failures for ML-DSA-87, as shown below (`.` --> Pass, `x` --> Fail):

     tgId:  1
     alg:  ML-DSA-44
             tcId: 1 .
             tcId: 2 .
             tcId: 3 .
             tcId: 4 .
             tcId: 5 .
             tcId: 6 .
             tcId: 7 .
             tcId: 8 .
             tcId: 9 .
             tcId: 10 .
             tcId: 11 .
             tcId: 12 .
             tcId: 13 .
             tcId: 14 .
             tcId: 15 .

     tgId:  2
     alg:  ML-DSA-65
             tcId: 16 .
             tcId: 17 .
             tcId: 18 .
             tcId: 19 .
             tcId: 20               Expected:  True                 Generated:  False x
             tcId: 21               Expected:  True                 Generated:  False x
             tcId: 22 .
             tcId: 23 .
             tcId: 24 .
             tcId: 25               Expected:  True                 Generated:  False x
             tcId: 26 .
             tcId: 27 .
             tcId: 28 .
             tcId: 29 .
             tcId: 30 .

     tgId:  3
     alg:  ML-DSA-87
             tcId: 31               Expected:  True                 Generated:  False x
             tcId: 32 .
             tcId: 33 .
             tcId: 34 .
             tcId: 35 .
             tcId: 36 .
             tcId: 37 .
             tcId: 38 .
             tcId: 39 .
             tcId: 40 .
             tcId: 41 .
             tcId: 42               Expected:  True                 Generated:  False x
             tcId: 43               Expected:  True                 Generated:  False x
             tcId: 44 .
             tcId: 45 .

Is there anything that needs to be updated on my side, or is there some issue with the test vectors I'm currently using?
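
A minimal sigVer harness of the kind described in the post above, as an added example that is not the poster's script or liboqs code: it compares a verifier's result with `testPassed` for each `tcId` and reports both wrongly rejected and wrongly accepted signatures. The JSON field names and the dummy sample data are assumptions about the ACVP file layout; `stub_verify` is a hypothetical stand-in, and `oqs_verify` shows where liboqs-python's `Signature.verify` would plug in.

```python
import json

# Constructed sample in the ACVP prompt / expectedResults layout. Field names
# are assumptions; the hex values are dummies, not real ML-DSA keys or signatures.
PROMPT = json.loads("""{"testGroups": [
 {"tgId": 1, "parameterSet": "ML-DSA-44", "pk": "aa", "tests": [
   {"tcId": 1, "message": "01", "signature": "aa01"},
   {"tcId": 2, "message": "02", "signature": "ffff"}]},
 {"tgId": 2, "parameterSet": "ML-DSA-65", "tests": [
   {"tcId": 3, "pk": "bb", "message": "03", "signature": "bb03"}]}]}""")
EXPECTED = json.loads("""{"testGroups": [
 {"tgId": 1, "tests": [{"tcId": 1, "testPassed": true},
                       {"tcId": 2, "testPassed": false}]},
 {"tgId": 2, "tests": [{"tcId": 3, "testPassed": true}]}]}""")


def run_sigver(prompt, expected, verify):
    """Return (tgId, alg, tcId, expected, generated) for every mismatch."""
    want = {(g["tgId"], t["tcId"]): t["testPassed"]
            for g in expected["testGroups"] for t in g["tests"]}
    mismatches = []
    for group in prompt["testGroups"]:
        alg = group["parameterSet"]
        for test in group["tests"]:
            # The public key may sit on the group or on the individual test.
            pk = bytes.fromhex(test.get("pk") or group["pk"])
            got = bool(verify(alg, pk, bytes.fromhex(test["message"]),
                              bytes.fromhex(test["signature"])))
            exp = want[(group["tgId"], test["tcId"])]
            if got != exp:  # covers wrongly rejected AND wrongly accepted
                mismatches.append((group["tgId"], alg, test["tcId"], exp, got))
    return mismatches


def stub_verify(alg, pk, msg, sig):
    # Stand-in for the constructed data only: "valid" means sig == pk || msg.
    return sig == pk + msg


def oqs_verify(alg, pk, msg, sig):
    # Adapter for liboqs-python (requires the oqs module to be installed).
    import oqs
    with oqs.Signature(alg) as verifier:
        return verifier.verify(msg, sig, pk)


if __name__ == "__main__":
    for tg, alg, tc, exp, got in run_sigver(PROMPT, EXPECTED, stub_verify):
        print(f"tgId {tg} {alg} tcId {tc}  Expected: {exp}  Generated: {got} x")
```

To run real vectors, load the prompt and expected-results files with `json.load` and pass `oqs_verify` in place of `stub_verify`.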

bhess commented 1 month ago

Hi @Dhruva21, liboqs doesn't yet implement ML-DSA (final standard). See https://github.com/open-quantum-safe/liboqs/pull/1919 which tracks the integration.

wangweij commented 1 month ago

Appendix D.3: in the final version of ML-DSA, all of the bits of 𝑐̃ are used in the generation of 𝑐 (Algorithm 29),...

Dhruva21 commented 1 month ago

Hi @bhess, thank you.

If my understanding is correct, https://github.com/open-quantum-safe/liboqs/pull/1919 --> this change is for tracking the integration of the final implementation of ML-DSA (final standard), correct? Once all TODOs are done, the code will be merged?

The reason for the above question is that I checked out the branch bhe-fips204-final, and I still see a few ACVP vectors in ML-DSA-44, ML-DSA-65 and ML-DSA-87 failing.

And can I know where I can find the vectors online, or how to generate them?

Thanks,

bhess commented 1 month ago

> If my understanding is correct, open-quantum-safe/liboqs#1919 --> this change is for tracking the integration of the final implementation of ML-DSA (final standard), correct? Once all TODOs are done, the code will be merged?

Correct.

> The reason for the above question is that I checked out the branch bhe-fips204-final, and I still see a few ACVP vectors in ML-DSA-44, ML-DSA-65 and ML-DSA-87 failing.

Yes, this is expected and related to the first two Todos in https://github.com/open-quantum-safe/liboqs/pull/1919

> And can I know where I can find the vectors online, or how to generate them?

They are available here: https://github.com/usnistgov/ACVP-Server/tree/master/gen-val/json-files

Dhruva21 commented 6 hours ago

Hi @bhess,

Does the liboqs source code have the changes related to the FIPS 204 spec? I see the first two TODOs are merged.

Thanks,