Last active
June 25, 2024 18:03
-
-
Save itzmeanjan/c8f5bc9640d0f0bdd2437dfe364d7710 to your computer and use it in GitHub Desktop.
Git Patch to Generate Known Answer Tests ( KATs ) from ML-KEM "Official" Reference Implementation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/ref/hex_print.h b/ref/hex_print.h | |
new file mode 100644 | |
index 0000000..be80ffc | |
--- /dev/null | |
+++ b/ref/hex_print.h | |
@@ -0,0 +1,11 @@ | |
+#include <stdint.h> | |
+#include <stdio.h> | |
+ | |
+inline void | |
+to_hex(const uint8_t* const bytes, const size_t blen) | |
+{ | |
+ for (size_t i = 0; i < blen; i++) { | |
+ printf("%.2x", bytes[i]); | |
+ } | |
+ printf("\n"); | |
+} | |
diff --git a/ref/kem.c b/ref/kem.c | |
index 63abc10..f899621 100644 | |
--- a/ref/kem.c | |
+++ b/ref/kem.c | |
@@ -7,6 +7,7 @@ | |
#include "verify.h" | |
#include "symmetric.h" | |
#include "randombytes.h" | |
+#include "hex_print.h" | |
/************************************************* | |
* Name: crypto_kem_keypair_derand | |
* | |
@@ -52,7 +53,19 @@ int crypto_kem_keypair(uint8_t *pk, | |
{ | |
uint8_t coins[2*KYBER_SYMBYTES]; | |
randombytes(coins, 2*KYBER_SYMBYTES); | |
+ | |
+ printf("d = "); | |
+ to_hex(coins, KYBER_SYMBYTES); | |
+ printf("z = "); | |
+ to_hex(coins + KYBER_SYMBYTES, KYBER_SYMBYTES); | |
+ | |
crypto_kem_keypair_derand(pk, sk, coins); | |
+ | |
+ printf("pk = "); | |
+ to_hex(pk, KYBER_PUBLICKEYBYTES); | |
+ printf("sk = "); | |
+ to_hex(sk, KYBER_SECRETKEYBYTES); | |
+ | |
return 0; | |
} | |
@@ -116,7 +129,18 @@ int crypto_kem_enc(uint8_t *ct, | |
{ | |
uint8_t coins[KYBER_SYMBYTES]; | |
randombytes(coins, KYBER_SYMBYTES); | |
+ | |
+ printf("m = "); | |
+ to_hex(coins, KYBER_SYMBYTES); | |
+ | |
crypto_kem_enc_derand(ct, ss, pk, coins); | |
+ | |
+ printf("ct = "); | |
+ to_hex(ct, KYBER_CIPHERTEXTBYTES); | |
+ printf("ss = "); | |
+ to_hex(ss, KYBER_SSBYTES); | |
+ printf("\n"); | |
+ | |
return 0; | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Steps for Generating Known Answer Tests for ML-KEM-{512, 768, 1024}
ML-KEM was previously known as Kyber (https://pq-crystals.org/kyber/index.shtml) and it's being standardized by NIST. Currently we've a draft standard from NIST for FIPS 203 @ https://doi.org/10.6028/NIST.FIPS.203.ipd.
Note
These KATs are used to test functional correctness & compatibility of ML-KEM implementation https://github.com/itzmeanjan/ml-kem.
git clone https://github.com/pq-crystals/kyber.git git checkout d1321ce5ac0b53f583eb47a040dc3625ee8e7e37 # `standard` branch
Warning
Don't forget to setup environment following ML-KEM official implementation documents ( see the README.md in ML-KEM repository ).
cd kyber git apply ml_kem_kat_generation.patch
ML-KEM-{512, 768, 1024}
( see content of fileml_kem_{512, 768, 1024}.kat
)