Module fips204::ml_dsa_87

source ·
Expand description

Functionality for the ML-DSA-87 security parameter set. This includes specific sizes for the public key, secret key, and signature along with a number of internal constants. The ML-DSA-87 parameter set is claimed to be in security strength category 5.

1) The basic usage is for an originator to start with the ml_dsa_44::try_keygen_vt function below to generate both ml_dsa_44::PublicKey and ml_dsa_44::PrivateKey structs. The resulting ml_dsa_44::PrivateKey struct implements the traits::Signer trait which supplies a variety of functions to sign byte-array messages, such as traits::Signer::try_sign_ct().

2) Both of the PrivateKey and PublicKey structs implement the traits::SerDes trait The originator utilizes the traits::SerDes::into_bytes() functions to serialize the structs into byte-arrays for storage and/or transmission, similar to the message. Upon retrieval and/or receipt, the remote party utilizes the traits::SerDes::try_from_bytes() functions to deserialize the byte-arrays into structs.

3) Finally, the remote party uses the traits::Verifier::try_verify_vt() function implemented on the ml_dsa_44::PublicKey struct to verify the message with the Signature byte array.

See the top-level crate documentation for example code that implements the above flow.

Structs§

Constants§

  • PK_LEN
    Public key length in bytes.
  • SIG_LEN
    Signature length in bytes.
  • SK_LEN
    Private (secret) key length in bytes.

Functions§

  • try_keygen_vt
    Generates a public and private key pair specific to this security parameter set.
    This function utilizes the OS default random number generator, and makes no (constant) timing assurances.
  • try_keygen_with_rng_vt
    Generates a public and private key pair specific to this security parameter set.
    This function utilizes a supplied random number generator, and makes no (constant) timing assurances.

Type Aliases§