Draft
28 changes: 23 additions & 5 deletions .CMake/alg_support.cmake
Expand Up @@ -636,20 +636,38 @@ endif()


if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_44" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44_x86_64 "" ON "OQS_ENABLE_SIG_ml_dsa_44" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_44_aarch64 "" ON "OQS_ENABLE_SIG_ml_dsa_44" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_65" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65_x86_64 "" ON "OQS_ENABLE_SIG_ml_dsa_65" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_65_aarch64 "" ON "OQS_ENABLE_SIG_ml_dsa_65" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Darwin|Linux")
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87_avx2 "" ON "OQS_ENABLE_SIG_ml_dsa_87" OFF)
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87_x86_64 "" ON "OQS_ENABLE_SIG_ml_dsa_87" OFF)
endif()
endif()

if(CMAKE_SYSTEM_NAME MATCHES "Linux|Darwin")
if(OQS_DIST_ARM64_V8_BUILD OR (OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS))
cmake_dependent_option(OQS_ENABLE_SIG_ml_dsa_87_aarch64 "" ON "OQS_ENABLE_SIG_ml_dsa_87" OFF)
endif()
endif()

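Review bot: As rendered, the ML-DSA-87 block still guards `OQS_ENABLE_SIG_ml_dsa_87_x86_64` with only `OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS`, while the ML-DSA-44 and ML-DSA-65 blocks in the same hunk now also require `OQS_USE_BMI2_INSTRUCTIONS`. If the x86_64 backend is shared by all three parameter sets, as the single upstream suggests, a non-dist build for a target with AVX2 but without BMI2 would enable the 87 variant with instructions the target lacks; the guard should then read `if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AVX2_INSTRUCTIONS AND OQS_USE_BMI2_INSTRUCTIONS AND OQS_USE_POPCNT_INSTRUCTIONS))`, matching the other two. The docs table in this PR also lists only AVX2,POPCNT for ML-DSA-87, so the gap probably comes from the upstream metadata and is best corrected there. Separately, the three aarch64 guards repeat one operand, `OQS_USE_ARM_NEON_INSTRUCTIONS AND OQS_USE_ARM_NEON_INSTRUCTIONS`, which can be reduced to a single test.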
13 changes: 8 additions & 5 deletions docs/algorithms/sig/ml_dsa.md
Expand Up @@ -7,8 +7,8 @@
- **Authors' website**: https://pq-crystals.org/dilithium/ and https://csrc.nist.gov/pubs/fips/204/final
- **Specification version**: ML-DSA.
- **Primary Source**<a name="primary-source"></a>:
- **Source**: https://github.com/pq-crystals/dilithium/commit/444cdcc84eb36b66fe27b3a2529ee48f6d8150c2 with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0 or Apache-2.0
- **Source**: https://github.com/pq-code-package/mldsa-native/commit/7cd8aba68be2b35fc34bbf738a097f269be60b31
- **Implementation license (SPDX-Identifier)**: MIT or Apache-2.0 or ISC


## Parameter set summary
Expand All @@ -24,7 +24,8 @@
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Darwin,Linux | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand All @@ -35,7 +36,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Darwin,Linux | AVX2,BMI2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

Expand All @@ -44,7 +46,8 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| [Primary Source](#primary-source) | ref | All | All | None | True | True | False |
| [Primary Source](#primary-source) | avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | x86\_64 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
| [Primary Source](#primary-source) | aarch64 | ARM64\_V8 | Linux,Darwin | None | True | False | False |

Are implementations chosen based on runtime CPU feature detection? **Yes**.

49 changes: 43 additions & 6 deletions docs/algorithms/sig/ml_dsa.yml
Expand Up @@ -15,9 +15,8 @@ website: https://pq-crystals.org/dilithium/ and https://csrc.nist.gov/pubs/fips/
nist-round: FIPS204
spec-version: ML-DSA
primary-upstream:
source: https://github.com/pq-crystals/dilithium/commit/444cdcc84eb36b66fe27b3a2529ee48f6d8150c2
with copy_from_upstream patches
spdx-license-identifier: CC0-1.0 or Apache-2.0
source: https://github.com/pq-code-package/mldsa-native/commit/7cd8aba68be2b35fc34bbf738a097f269be60b31
spdx-license-identifier: MIT or Apache-2.0 or ISC
parameter-sets:
- name: ML-DSA-44
claimed-nist-level: 2
Expand All @@ -36,20 +35,33 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
- Darwin
- Linux
required_flags:
- avx2
- bmi2
- popcnt
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: ML-DSA-65
claimed-nist-level: 3
claimed-security: SUF-CMA
Expand All @@ -67,20 +79,33 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
- Darwin
- Linux
required_flags:
- avx2
- bmi2
- popcnt
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
- name: ML-DSA-87
claimed-nist-level: 5
claimed-security: SUF-CMA
Expand All @@ -98,7 +123,7 @@ parameter-sets:
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: avx2
upstream-id: x86_64
supported-platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -112,3 +137,15 @@ parameter-sets:
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: true
large-stack-usage: false
- upstream: primary-upstream
upstream-id: aarch64
supported-platforms:
- architecture: ARM64_V8
operating_systems:
- Linux
- Darwin
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
no-secret-dependent-branching-checked-by-valgrind: false
large-stack-usage: false
95 changes: 88 additions & 7 deletions docs/cbom.json
Expand Up @@ -2,23 +2,23 @@
"$schema": "https://raw.githubusercontent.com/CycloneDX/specification/1.6/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"serialNumber": "urn:uuid:e3f0e064-0a7b-49da-8f9c-20969271ed8f",
"serialNumber": "urn:uuid:96e5dd1c-c97c-4290-82e0-77879e474f25",
"version": 1,
"metadata": {
"timestamp": "2025-09-11T19:12:41.723813+00:00",
"timestamp": "2025-09-25T05:06:11.659435+00:00",
"component": {
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@c25f169f5ad77d5b96984357a396f98c223b7a98",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f684a57e2d787d1fc41edfe69f5bbce551568701",
"name": "liboqs",
"version": "c25f169f5ad77d5b96984357a396f98c223b7a98"
"version": "f684a57e2d787d1fc41edfe69f5bbce551568701"
}
},
"components": [
{
"type": "library",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@c25f169f5ad77d5b96984357a396f98c223b7a98",
"bom-ref": "pkg:github/open-quantum-safe/liboqs@f684a57e2d787d1fc41edfe69f5bbce551568701",
"name": "liboqs",
"version": "c25f169f5ad77d5b96984357a396f98c223b7a98"
"version": "f684a57e2d787d1fc41edfe69f5bbce551568701"
},
{
"type": "cryptographic-asset",
Expand Down Expand Up @@ -2700,6 +2700,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-DSA-44:armv8-a",
"name": "ML-DSA",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-DSA-44",
"primitive": "signature",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"nistQuantumSecurityLevel": 2,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-DSA-65:generic",
Expand Down Expand Up @@ -2740,6 +2760,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-DSA-65:armv8-a",
"name": "ML-DSA",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-DSA-65",
"primitive": "signature",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"nistQuantumSecurityLevel": 3,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-DSA-87:generic",
Expand Down Expand Up @@ -2780,6 +2820,26 @@
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:ML-DSA-87:armv8-a",
"name": "ML-DSA",
"cryptoProperties": {
"assetType": "algorithm",
"algorithmProperties": {
"parameterSetIdentifier": "ML-DSA-87",
"primitive": "signature",
"executionEnvironment": "software-plain-ram",
"cryptoFunctions": [
"keygen",
"sign",
"verify"
],
"nistQuantumSecurityLevel": 5,
"implementationPlatform": "armv8-a"
}
}
},
{
"type": "cryptographic-asset",
"bom-ref": "alg:SLH_DSA_PURE_SHA2_128S:generic",
Expand Down Expand Up @@ -7847,7 +7907,7 @@
],
"dependencies": [
{
"ref": "pkg:github/open-quantum-safe/liboqs@c25f169f5ad77d5b96984357a396f98c223b7a98",
"ref": "pkg:github/open-quantum-safe/liboqs@f684a57e2d787d1fc41edfe69f5bbce551568701",
"provides": [
"alg:BIKE-L1:x86_64",
"alg:BIKE-L3:x86_64",
Expand Down Expand Up @@ -7983,10 +8043,13 @@
"alg:MAYO-5:armv8-a",
"alg:ML-DSA-44:generic",
"alg:ML-DSA-44:x86_64",
"alg:ML-DSA-44:armv8-a",
"alg:ML-DSA-65:generic",
"alg:ML-DSA-65:x86_64",
"alg:ML-DSA-65:armv8-a",
"alg:ML-DSA-87:generic",
"alg:ML-DSA-87:x86_64",
"alg:ML-DSA-87:armv8-a",
"alg:SLH_DSA_PURE_SHA2_128S:generic",
"alg:SLH_DSA_PURE_SHA2_128F:generic",
"alg:SLH_DSA_PURE_SHA2_192S:generic",
Expand Down Expand Up @@ -9063,6 +9126,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-DSA-44:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:ML-DSA-65:generic",
"dependsOn": [
Expand All @@ -9075,6 +9144,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-DSA-65:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:ML-DSA-87:generic",
"dependsOn": [
Expand All @@ -9087,6 +9162,12 @@
"alg:sha3"
]
},
{
"ref": "alg:ML-DSA-87:armv8-a",
"dependsOn": [
"alg:sha3"
]
},
{
"ref": "alg:SNOVA_24_5_4:generic",
"dependsOn": [
14 changes: 7 additions & 7 deletions scripts/copy_from_upstream/copy_from_upstream.yml
Expand Up @@ -56,13 +56,13 @@ upstreams:
kem_scheme_path: '.'
patches: [icicle-mlkem-enc-derand.patch]
-
name: pqcrystals-dilithium-standard
git_url: https://github.com/pq-crystals/dilithium.git
git_branch: master
git_commit: 444cdcc84eb36b66fe27b3a2529ee48f6d8150c2
sig_meta_path: '{pretty_name_full}_META.yml'
name: mldsa-native
git_url: https://github.com/pq-code-package/mldsa-native.git
git_branch: liboqs-integration
git_commit: 7cd8aba68be2b35fc34bbf738a097f269be60b31
sig_meta_path: 'integration/liboqs/{pretty_name_full}_META.yml'
sig_scheme_path: '.'
patches: [pqcrystals-ml_dsa.patch, pqcrystals-ml_dsa-SUF-CMA.patch]
preserve_folder_structure: True
-
name: pqmayo
git_url: https://github.com/PQCMayo/MAYO-C.git
Expand Down Expand Up @@ -216,7 +216,7 @@ sigs:
-
name: ml_dsa
default_implementation: ref
upstream_location: pqcrystals-dilithium-standard
upstream_location: mldsa-native
schemes:
-
scheme: "44"
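Review bot: The new `mldsa-native` entry drops `patches: [pqcrystals-ml_dsa.patch, pqcrystals-ml_dsa-SUF-CMA.patch]` without recording where that behaviour now comes from, while docs/algorithms/sig/ml_dsa.yml in this PR still states `claimed-security: SUF-CMA`. A comment above the entry should capture this once it has been checked against the pinned tree, for example `# no local patches: <what the removed patches did> is provided by upstream at the pinned commit`. The pin is a full commit hash, which is good, but `git_branch: liboqs-integration` looks like a working branch; if it is rebased or deleted the commit may stop being fetchable, so a note such as `# TODO: repin to a commit on the default branch or a release tag` would help. The surrounding `upstreams:` list starts and ends outside the hunk.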