Comments (5)
Thanks @bwesterb, I'll close this issue. I did not notice that you're in compliance with existing test vectors.
from circl.
To throw another wrench into the mix, I've also tried verifying signatures generated from this Java implementation, which appears on the official Dilithium site.
The code this snippet outputs could not be verified by either this library or the JS one 😕.
```java
public void vectors() throws Exception {
    DilithiumProvider pv = new DilithiumProvider();
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("Dilithium", pv);
    kpg.initialize(DilithiumParameterSpec.LEVEL5);
    KeyPair kp = kpg.generateKeyPair();
    Signature signature = Signature.getInstance("Dilithium", pv);
    signature.initSign(kp.getPrivate());
    byte[] text = new byte[]{0,1,2,3,4,5};
    signature.update(text);
    byte[] sig = signature.sign();

    // Check we can verify with the correct public key
    signature.initVerify(kp.getPublic());
    signature.update(text);
    assertTrue(signature.verify(sig));
    System.out.printf("Public Key: %s\n", bytesToHex(kp.getPublic().getEncoded()));
    System.out.printf("Signature: %s", bytesToHex(sig));
}

public static String bytesToHex(byte[] bytes) {
    StringBuilder hex = new StringBuilder();
    for (byte b : bytes) {
        hex.append(String.format("%02X", b));
    }
    return hex.toString();
}
```
from circl.
Here is a clue: the signature generated by JavaScript is 4602 bytes, whereas the one generated by CIRCL is 4595 bytes. The Dilithium spec lists the correct signature size to be 4595. We check test vectors against the reference implementation.
from circl.
Looking at the source code of the JS package you are using:
```c
long dilithiumjs_sign (
    uint8_t *sig,
    const uint8_t *m,
    unsigned long mlen,
    const uint8_t *sk
) {
    size_t siglen;
    int status = PQCLEAN_DILITHIUM5_CLEAN_crypto_sign_signature(
        sig + sizeof(unsigned short),
        &siglen,
        m,
        mlen,
        sk
    );
    if (status == 0) {
        *((unsigned short*) sig) = (unsigned short) siglen;
    }
    return status;
}

long dilithiumjs_verify (
    const uint8_t *m,
    unsigned long mlen,
    const uint8_t *sig,
    const uint8_t *pk
) {
    size_t siglen = (size_t) *((unsigned short*) sig);
    return PQCLEAN_DILITHIUM5_CLEAN_crypto_sign_verify(
        sig + sizeof(unsigned short),
        siglen,
        m,
        mlen,
        pk
    );
}
```
I would not use that package.
from circl.
Maybe this is something to raise to the back-end library to check whether that implementation is compliant with the latest test vectors.
from circl.
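Added example, not part of the thread and not code from CIRCL or the JS package: a Go helper that checks a received Dilithium5 signature blob against the 4595-byte size quoted above and recognises the 2-byte length-prefixed layout written by the wrapper shown above, before anything is handed to a verifier. The names `Classify` and `Framing`, and the little-endian reading of the prefix, are assumptions made for this example.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Dilithium5SigSize is the Dilithium5 signature size quoted in the thread.
const Dilithium5SigSize = 4595

// prefixLen is sizeof(unsigned short) in the wrapper (assumed to be 2 bytes).
const prefixLen = 2

// Framing is a hypothetical label for how a signature blob is laid out.
type Framing int

const (
	Unknown        Framing = iota // length matches neither layout
	Raw                           // bare signature, the size the spec lists
	LengthPrefixed                // 2-byte length field, then the signature
)

// Classify returns the layout of blob and, when it is recognised, the bare
// signature bytes that a spec-conformant verifier expects.
func Classify(blob []byte, sigSize int) (Framing, []byte) {
	if len(blob) == sigSize {
		return Raw, blob
	}
	if len(blob) == prefixLen+sigSize {
		// Assumption: the prefix is little-endian (a native store on a
		// little-endian target).
		if int(binary.LittleEndian.Uint16(blob)) == sigSize {
			return LengthPrefixed, blob[prefixLen:]
		}
	}
	return Unknown, nil
}

func main() {
	// Constructed inputs: zero-filled buffers with the lengths from the thread.
	framed := make([]byte, prefixLen+Dilithium5SigSize)
	binary.LittleEndian.PutUint16(framed, Dilithium5SigSize)
	for _, b := range [][]byte{make([]byte, Dilithium5SigSize), framed, make([]byte, 4602)} {
		f, sig := Classify(b, Dilithium5SigSize)
		fmt.Printf("len=%d framing=%d bare=%d\n", len(b), f, len(sig))
	}
}
```

A blob that comes back `Unknown` should be rejected or investigated rather than trimmed until it verifies.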