-
Notifications
You must be signed in to change notification settings - Fork 756
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ML-DSA: focus the API on saving private keys as seeds.
There are two ways to save an ML-DSA or ML-KEM private key: NIST specifies a partial serialization of the contents of the keys and this takes up several kilobytes. But one can also save the seed that the key was generated from and simply regenerate the private key as needed. * The seed is approximately two orders of magnitude smaller. * It is fast to expand a private key from a seed. * The NIST format requires validating several aspects of the partially expanded private key. Because of this, seeds seem clearly better and having two different serializations in the API is a bit weird when currently neither of them are used anywhere. Thus this change emphasizes using seeds to save private keys and moves the marshalling function for the NIST format into the internal API. ML-KEM already follows this pattern, although saving the seed is still optional there because ephemeral keys are a major use case for ML-KEM. Change-Id: I439224e745ad8747d26f57288f1d503593e0e52c Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/70407 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>
- Loading branch information
Adam Langley
authored and
Boringssl LUCI CQ
committed
Aug 21, 2024
1 parent
526a3c4
commit 0ee584b
Showing
6 changed files
with
39 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters