pq-code-package / mlkem-c-generic

ML-KEM generic implementation in C
Apache License 2.0

Initial code setup for reference implementation #4

Closed planetf1 closed 4 hours ago

planetf1 commented 3 months ago

We have a few pending PRs for the generic implementation, and in the meantime the pqclean package has moved forward.

I propose to start looking at consolidating this - from the pqclean content, code owners, and pending PRs - so that we can onboard an initial generic implementation and also consolidate APIs and assurance descriptions along with the other implementations in pqcp.

Clarification edit: PQCrystals is primary source

planetf1 commented 2 months ago

Contacted Peter Schwabe; you mentioned the last fix needed for ML-KEM was going into the standard branch -> https://github.com/pq-crystals/kyber/commit/3c874cddd5fdaf4a7bd13f7e2e4d98a2a1eb8dc4

We now need to start identifying the work needed to get the implementation onboarded.

planetf1 commented 2 months ago

Task List (will keep this updated)

planetf1 commented 2 months ago

I propose we discuss this more on the TSC call. Meanwhile any feedback is appreciated, and I can get started on looking at the first code version.

@cryptojedi @jschanck @mkannwischer @dstebila

planetf1 commented 2 months ago

Summary of dialog with Peter

planetf1 commented 1 month ago

Reviewing licenses in the files:

fips202.c

 /* Based on the public domain implementation in crypto_hash/keccakc512/simple/ from
  * http://bench.cr.yp.to/supercop.html by Ronny Van Keer and the public domain "TweetFips202"
  * implementation from https://twitter.com/tweetfips202 by Gilles Van Assche, Daniel J. Bernstein,
  * and Peter Schwabe */

PQCgenKAT_kem.c

//  Created by Bassham, Lawrence E (Fed) on 8/29/17.
//  Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.

rng.c, rng.h

//  Created by Bassham, Lawrence E (Fed) on 8/29/17.
//  Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.

planetf1 commented 1 month ago

fips202 is marked as CC0-1.0 in https://github.com/pq-code-package/mlkem-c-aarch64/blob/main/fips202/fips202.c

planetf1 commented 1 month ago

rng implementation in aarch64 -> https://github.com/pq-code-package/mlkem-c-aarch64/blob/580c136b692ff8f4b68b823e1a90c89db17448a1/test/nistrng/rng.c#L4

planetf1 commented 1 month ago

The nistkat files are published by NIST here

These have a header:

 /*
 NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software.

 NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE.

 You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States.
 */