updated to Pure MLDSA mode with 512-bit input msg #56

Merged
merged 5 commits into from
Dec 13, 2024
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_hash
@@ -1 +1 @@
a62d2ed013912136edb279a0e805b752fcee6aa58f2d4bf094bd42badde9f48c51cc0b27c58c00db7a6458e1dbfcdcfa
41b06b124b04e583d0f040b825a4f769f1db7b6d2a1caf2820f12d656c293ba4572c81c43d3e77aa92679b7fe74cd3a1
2 changes: 1 addition & 1 deletion .github/workflow_metadata/pr_timestamp
@@ -1 +1 @@
1734034065
1734046579
9 changes: 4 additions & 5 deletions src/mldsa_top/rtl/mldsa_ctrl.sv
Expand Up @@ -834,11 +834,10 @@ always_comb mldsa_privkey_lock = '0;
end
end
end

//concatenate OID and MSG to make msg prime
logic [MSG_NUM_DWORDS-1+4 : 0][DATA_WIDTH-1:0] msg_p_reg;

always_comb msg_p_reg = {24'h0, msg_reg, PREHASH_OID, 8'h00, 8'h01};

//pure-MLDSA assuming 512-bit input msg and empty ctx
logic [MSG_NUM_DWORDS-1+1 : 0][DATA_WIDTH-1:0] msg_p_reg;
always_comb msg_p_reg = {16'h0, msg_reg, 8'h00, 8'h00};

always_comb rho_reg = verifying_process ? publickey_reg.enc.rho : privatekey_reg.enc.rho;

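Review bot: The new `msg_p_reg` assignment hard-wires both the domain-separator byte and the ctx-length byte to 0x00, so this datapath can only form M' for an empty context, and `msg_reg` is now consumed as the raw 512-bit message M rather than as a pre-hash; neither constraint is visible to whoever drives the message register beyond the one-line comment. I would state it at the declaration, e.g. `// Pure ML-DSA (FIPS 204): M' = 0x00 || len(ctx)=0x00 || M. No ctx input exists, so callers must reject a non-empty ctx; msg_reg is M itself, not PH(M) (HashML-DSA is not produced here).` The `MSG_NUM_DWORDS-1+1` width and the 16-bit zero pad encode the same 2+64-byte layout as the `'d66` SHAKE lengths in mldsa_seq_prim.sv, with nothing tying the two files together; a named parameter derived from MSG_NUM_DWORDS (say `MSG_PRIME_NUM_BYTES`, name to taste) used in both places would keep them from drifting. `PREHASH_OID` appears to be unreferenced in this block after the change; if nothing else uses it, dropping the stale constant avoids a misleading hint that pre-hash mode is still wired up. The enclosing always_comb/generate context starts before this hunk.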
4 changes: 2 additions & 2 deletions src/mldsa_top/rtl/mldsa_seq_prim.sv
Expand Up @@ -197,7 +197,7 @@ module mldsa_seq_prim
MLDSA_SIGN_RND_S+ 2 : data_o_rom <= '{opcode:MLDSA_UOP_LFSR, imm:'h0000, length:'d00, operand1:MLDSA_NOP, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
//μ ←H(tr||M,512)
MLDSA_SIGN_S : data_o_rom <= '{opcode:MLDSA_UOP_LD_SHAKE256, imm:'h0000, length:'d64, operand1:MLDSA_TR_ID, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
MLDSA_SIGN_S+ 1 : data_o_rom <= '{opcode:MLDSA_UOP_SHAKE256, imm:'h0000, length:'d77, operand1:MLDSA_MSG_ID, operand2:MLDSA_NOP, operand3:MLDSA_DEST_MU_REG_ID};
MLDSA_SIGN_S+ 1 : data_o_rom <= '{opcode:MLDSA_UOP_SHAKE256, imm:'h0000, length:'d66, operand1:MLDSA_MSG_ID, operand2:MLDSA_NOP, operand3:MLDSA_DEST_MU_REG_ID};
//ρ′=Keccak(K||rnd|| μ)
MLDSA_SIGN_S+ 2 : data_o_rom <= '{opcode:MLDSA_UOP_LD_SHAKE256, imm:'h0000, length:'d32, operand1:MLDSA_K_ID, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
MLDSA_SIGN_S+ 3 : data_o_rom <= '{opcode:MLDSA_UOP_LD_SHAKE256, imm:'h0000, length:'d32, operand1:MLDSA_SIGN_RND_ID, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
Expand Down Expand Up @@ -339,7 +339,7 @@ module mldsa_seq_prim
MLDSA_VERIFY_H_TR : data_o_rom <= '{opcode:MLDSA_UOP_SHAKE256, imm:'h0000, length:PUBKEY_NUM_BYTES, operand1:MLDSA_PK_REG_ID, operand2:MLDSA_NOP, operand3:MLDSA_DEST_TR_REG_ID};
//μ ←H(tr||M,512)
MLDSA_VERIFY_H_MU : data_o_rom <= '{opcode:MLDSA_UOP_LD_SHAKE256, imm:'h0000, length:'d64, operand1:MLDSA_TR_ID, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
MLDSA_VERIFY_H_MU+ 1 : data_o_rom <= '{opcode:MLDSA_UOP_SHAKE256, imm:'h0000, length:'d77, operand1:MLDSA_MSG_ID, operand2:MLDSA_NOP, operand3:MLDSA_DEST_MU_REG_ID};
MLDSA_VERIFY_H_MU+ 1 : data_o_rom <= '{opcode:MLDSA_UOP_SHAKE256, imm:'h0000, length:'d66, operand1:MLDSA_MSG_ID, operand2:MLDSA_NOP, operand3:MLDSA_DEST_MU_REG_ID};
//c ←SampleInBall(c˜1)
MLDSA_VERIFY_MAKE_C : data_o_rom <= '{opcode:MLDSA_UOP_SIB, imm:'h0000, length:'d64, operand1:MLDSA_SIG_C_REG_ID, operand2:MLDSA_NOP, operand3:MLDSA_NOP};
//cˆ ←NTT(c)
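Review bot: The literal `length:'d66` on the two updated SHAKE256 µops (MLDSA_SIGN_S+1 in the first hunk and MLDSA_VERIFY_H_MU+1 in the second) is a magic number that must equal the byte length of msg_p_reg assembled in mldsa_ctrl.sv (2 header bytes + 64-byte message); the surrounding entries show `length` is in bytes (`'d64` for tr, `'d32` for K, PUBKEY_NUM_BYTES for pk), but nothing links 66 to that register, so a later change to the message width would silently hash the wrong span in one path and break sign/verify agreement. I'd replace the literal in both entries with a named parameter and record the derivation once, e.g. `length:MSG_PRIME_NUM_BYTES, // 2 + 64: 0x00 || ctxlen(0) || M, pure ML-DSA with empty ctx` (matching whatever the ctrl module exports). The `//μ ←H(tr||M,512)` comment above each entry still names M, while the operand MLDSA_MSG_ID now carries M'; updating both to `//μ ←H(tr||M',512)` keeps the ROM readable against FIPS 204. Both hunks lie inside the data_o_rom case statement, which starts and ends outside the hunks.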
Expand Up @@ -11,9 +11,19 @@
#define MLEN 65536
#define M_PRIME 1

#ifndef PREHASH
#define PREHASH 0
#endif

#define PHM_SIZE 64 // 512 bits = 64 bytes
#define OID_SIZE 11 // Size of OID (in bytes)
#define M_SIZE (2 + OID_SIZE + PHM_SIZE) // Size of final message M'

#if PREHASH == 1
#define OID_SIZE 11 // Size of OID (in bytes)
#define M_SIZE (2 + OID_SIZE + PHM_SIZE) // Size of final message M'
#else
#define M_SIZE (2 + PHM_SIZE) // Size of final message M'
#endif

// Function prototypes
uint8_t hexCharToInt(char c);
uint8_t hexStringToByte(const char* str);
Expand All @@ -29,16 +39,28 @@ void create_message_prime(uint8_t *PHM, uint8_t *M_prime);
const uint8_t rnd[32] = {0};

void create_message_prime(uint8_t *PHM, uint8_t *M_prime) {
// Step 1: Initialize M_prime with required sizes
M_prime[0] = 0x01;
M_prime[1] = 0x00;

// Step 2: Add OID (0x0609608648016503040203)
uint8_t OID[OID_SIZE] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03};
memcpy(M_prime + 2, OID, OID_SIZE);

// Step 3: Add 512-bit (64-byte) PHM
memcpy(M_prime + 2 + OID_SIZE, PHM, PHM_SIZE);
#if PREHASH == 1
// pre-hash MLDSA
// Step 1: Initialize M_prime with required sizes
M_prime[0] = 0x01;
M_prime[1] = 0x00;

// Step 2: Add OID (0x0609608648016503040203)
uint8_t OID[OID_SIZE] = {0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03};
memcpy(M_prime + 2, OID, OID_SIZE);

// Step 3: Add 512-bit (64-byte) PHM
memcpy(M_prime + 2 + OID_SIZE, PHM, PHM_SIZE);

#else
// pure MLDSA
// Step 1: Initialize M_prime with required sizes
M_prime[0] = 0x00;
M_prime[1] = 0x00;

// Step 2: Add 512-bit (64-byte) PHM
memcpy(M_prime + 2, PHM, PHM_SIZE);
#endif
}


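Review bot: In the new `#else` branch of create_message_prime the parameter is still called `PHM` and the step comment still says "Add 512-bit (64-byte) PHM", but in pure mode the 64 bytes copied to `M_prime + 2` are the message M itself, with `M_prime[0] = 0x00` as the pure-ML-DSA domain separator and `M_prime[1] = 0x00` as an empty-ctx length; a reader will assume the input is pre-hashed and feed this harness HashML-DSA vectors that cannot verify. I'd add a header comment before the function describing both layouts (`PREHASH=1`: 0x01 || 0x00 || OID || PH(M); otherwise 0x00 || 0x00 || M with empty ctx), stating that it writes exactly M_SIZE bytes and that `PHM` must hold PHM_SIZE bytes, and change the pure-mode comment to `// Step 2: Add the 64-byte message M (not a pre-hash)`. The function takes no output length, so M_SIZE is the only guard against an overrun when a caller sized its buffer for the other mode; since the first hunk defaults `PREHASH` to 0, any existing caller that does not define PREHASH and still allocates the old 77-byte M' now gets a different message without any compile-time signal. A line in that `#ifndef PREHASH` block, e.g. `// default is pure ML-DSA; build with -DPREHASH=1 for HashML-DSA vectors`, would make the mode switch explicit.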