FIPS 203 IPD update: ML-KEM-IPD-768 and ML-KEM-IPD-1024 #1724
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1724 +/- ##
==========================================
+ Coverage 78.26% 78.28% +0.01%
==========================================
Files 580 580
Lines 96418 96521 +103
Branches 13830 13838 +8
==========================================
+ Hits 75465 75562 +97
- Misses 20340 20345 +5
- Partials 613 614 +1 ☔ View full report in Codecov by Sentry. |
dkostic
approved these changes
Jul 29, 2024
torben-hansen
approved these changes
Jul 30, 2024
skmcgrail
added a commit
that referenced
this pull request
Aug 1, 2024
## What's Changed * Added options to x509 tool by @ecdeye in #1696 * Add support to detect Neoverse V2 cores by @andrewhop in #1706 * Move OCSP functions for Ruby out of internal.h by @samuel40791765 in #1704 * Add aes-256-xts to EVP_get_cipherbyname by @torben-hansen in #1707 * Match using CMAKE_SYSTEM_PROCESSOR_LOWER by @justsmth in #1709 * Update MySQL to 9.0.0 by @skmcgrail in #1685 * [EC] Unify scalar multiplication for P-256/384/521 by @dkostic in #1693 * Adds const qualifier to ciphertext parameter in EVP_PKEY_decapsulate by @maddeleine in #1713 * Upstream merge 2024 06 24 by @nebeid in #1661 * NIST SP 800-108r1-upd1: KDF Counter Implementation by @skmcgrail in #1644 * Upstream merge 2024 07 09 by @nebeid in #1694 * Design for support of HMAC precomputed keys by @fabrice102 in #1574 * Fix for select point from table in ec_nistp scalar_mul by @dkostic in #1719 * X509toolcomparison by @ecdeye in #1714 * AWS-LC s2n-bignum update 2024-07-22 by @dkostic in #1718 * Add OpenVPN to CI by @smittals2 in #1705 * Lower required Go version, add CI test for specific version by @andrewhop in #1717 * ec2-test-framework enhancements and graviton 4 testing by @samuel40791765 in #1715 * sha + chacha: Move AArch64/X86-64 dispatching to C. by @justsmth in #1625 * Show number of pruned ec2 instances in dashboard by @samuel40791765 in #1728 * rsa and md5 tools by @ecdeye in #1722 * FIPS 203 IPD update: ML-KEM-IPD-768 and ML-KEM-IPD-1024 by @jakemas in #1724 * bump mysql CI to 9.0.1 by @samuel40791765 in #1727 * Support utility OCSP request functions by @samuel40791765 in #1708 * add support for OCSP_SINGLERESP functions by @samuel40791765 in #1703
This was referenced Aug 1, 2024
lilpoozie2005
approved these changes
Sep 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issues:
AWS-LC is tracking the standardization of FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism Standard. This PR brings our implementation of ML-KEM up to the specification described in FIPS 203.
Most recent changes in this area:
a1f73bc
56f3569
4b07805
Description of changes:
NIST have made the following public statements regarding the planned changes to FIPS 203:
As such, this PR includes the following:
crypto/ml_kem/ml_kem_768_ipd.candcrypto/ml_kem/ml_kem_1024_ipd.c.pq_custom_randombytesand updates with information regarding the de-randomized API.Call-outs:
Divergence from the reference implementation: I have checked upstream (https://github.com/pq-crystals/kyber/tree/standard) for any additional changes to the IPD reference implementation, and see two more recent commits since the previous import. These are:
I have not included these fixes into this PR, as AWS-LC independently addressed these issues in PR 4b07805.
Testing:
The new KEM algorithms have been added to the
built_in_kemslist, and as such, are included within the completePerKEMTestsuite. This includes testing of the de-randomized APIs added in #1578.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.