Expand description
Functionality for the ML-DSA-44 security parameter set. This includes specific sizes for the public key, secret key, and signature along with a number of internal constants. The ML-DSA-44 parameter set is claimed to be in security strength category 2.
1) The basic usage is for an originator to start with the ml_dsa_44::try_keygen
function below to
generate both ml_dsa_44::PublicKey
and ml_dsa_44::PrivateKey
structs. The resulting
ml_dsa_44::PrivateKey
struct implements the traits::Signer
trait which supplies a variety of
functions to sign byte-array messages, such as traits::Signer::try_sign()
.
2) Both of the PrivateKey
and PublicKey
structs implement the traits::SerDes
trait
The originator utilizes the traits::SerDes::into_bytes()
functions to serialize the structs
into byte-arrays for storage and/or transmission, similar to the message. Upon retrieval and/or receipt,
the remote party utilizes the traits::SerDes::try_from_bytes()
functions to deserialize the
byte-arrays into structs.
3) Finally, the remote party uses the traits::Verifier::verify()
function implemented on the
ml_dsa_44::PublicKey
struct to verify the message with the Signature
byte array.
See the top-level crate documentation for example code that implements the above flow.
Structs§
- Empty struct to enable
KeyGen
trait objects across security parameter sets.
Implements thecrate::traits::KeyGen
trait.
Constants§
- Public key length in bytes.
- Signature length in bytes.
- Private (secret) key length in bytes.
Functions§
- Generates a public and private key pair specific to this security parameter set. This function utilizes the OS default random number generator. This function operates in constant-time relative to secret data (which specifically excludes the OS random number generator internals, the
rho
value stored in the public key, and the hash-derivedrho_prime
value that is rejection-sampled/expanded into the internals_1
ands_2
values). - Generates a public and private key pair specific to this security parameter set. This function utilizes the provided random number generator. This function operates in constant-time relative to secret data (which specifically excludes the provided random number generator internals, the
rho
value stored in the public key, and the hash-derivedrho_prime
value that is rejection-sampled/expanded into the internals_1
ands_2
values).
Type Aliases§
- Expanded private key, specific to the target security parameter set, that contains
precomputed elements which increase (repeated) signature performance. Implements only thecrate::traits::Signer
trait. Derived from thePrivateKey
. - Expanded public key, specific to the target security parameter set, that contains
precomputed elements which increase (repeated) verification performance. Implements only thecrate::traits::Verifier
traits. Derived from thePublicKey
. - Correctly sized private key specific to the target security parameter set.
Implements thecrate::traits::Signer
andcrate::traits::SerDes
traits. - Correctly sized public key specific to the target security parameter set.
Implements thecrate::traits::Verifier
andcrate::traits::SerDes
traits.