Expand description
§Post-Quantum Cryptography Presets
Pre-configured NTT contexts for NIST post-quantum standards. One import, one line of code — instant access to ML-DSA and custom lattice schemes.
use vaea_ntt::pq::{PqScheme, PqNtt};
// ML-DSA-65 (NIST Level 3 digital signatures)
let ntt = PqNtt::new(PqScheme::MlDsa65);
let mut poly = vec![0u32; ntt.n()];
poly[0] = 42;
ntt.forward(&mut poly);
ntt.inverse(&mut poly);
assert_eq!(poly[0], 42);§Why this matters
Other NTT libraries are single-scheme:
mlkem-native→ ML-KEM only (q=3329, int16, incomplete NTT)pqcrystals-dilithium→ ML-DSA only- SEAL/OpenFHE → FHE only, no ARM NEON
VaeaNTT covers ML-DSA + custom lattice + FHE with a single engine, NEON-optimized.
§Supported schemes
| Scheme | Standard | q | N | Notes |
|---|---|---|---|---|
| ML-DSA-44 | NIST Standard | 8380417 | 256 | Full negacyclic NTT |
| ML-DSA-65 | NIST Standard | 8380417 | 256 | Full negacyclic NTT |
| ML-DSA-87 | NIST Standard | 8380417 | 256 | Full negacyclic NTT |
§ML-KEM Note
ML-KEM uses q=3329 with N=256, but its NTT is an incomplete NTT (size-128 NTT over coefficient pairs), not a standard size-256 negacyclic NTT. This is because q−1 = 3328 = 2⁸×13 only has a 256th root of unity, not a 512th. A dedicated ML-KEM module with incomplete NTT support is planned.
Structs§
- PqNtt
- A ready-to-use NTT engine configured for a specific post-quantum scheme.
Enums§
- PqScheme
- NIST post-quantum cryptographic scheme.