Skip to content

Commit

Permalink
Merge pull request #1531 from usnistgov/livebe01-PQC-patch-1
Browse files Browse the repository at this point in the history
Updates PQC algo specs to indicate that it is the internal algorithm interfaces which are tested
  • Loading branch information
livebe01 authored Aug 20, 2024
2 parents 2f786fa + 00ea001 commit 968ebca
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 9 deletions.
6 changes: 3 additions & 3 deletions src/ml-dsa/sections/04-testtypes.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@

The ACVP server performs a set of tests on the specified ML-DSA algorithm in order to assess the correctness and robustness of the implementation. A typical ACVP validation session *SHALL* require multiple tests to be performed for every supported permutation of ML-DSA capabilities. This section describes the design of the tests used to validate implementations of the ML-DSA algorithms.

* ML-DSA / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from a provided seed. The key pair is communicated to the ACVP server and validated.
* ML-DSA / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from a provided seed. The key pair is communicated to the ACVP server and validated. This tests the implementation of Algorithm 6 ML-DSA.KeyGen_internal() from <<FIPS204>> Section 6.1.
* ML-DSA / sigGen / * "AFT" - Algorithm Functional Test. This testing mode expects the IUT to generate valid signatures based on the ACVP provided message. The signature is then compared to the known result by the ACVP server given the IUT's communicated parameter set, public key, and signature.
* ML-DSA / sigGen / * "AFT" - Algorithm Functional Test. This testing mode expects the IUT to generate valid signatures based on the ACVP provided message. The signature is then compared to the known result by the ACVP server given the IUT's communicated parameter set, public key, and signature. This tests the implementation of Algorithm 7 ML-DSA.Sign_internal() from <<FIPS204>> Section 6.2.
* ML-DSA / sigVer / * "AFT" - Algorithm Functional Test. The ACVP server generates a series of signatures to communicate to the IUT. The IUT is *REQUIRED* to determine the validity of the signature given the parameter set, key, and message.
* ML-DSA / sigVer / * "AFT" - Algorithm Functional Test. The ACVP server generates a series of signatures to communicate to the IUT. The IUT is *REQUIRED* to determine the validity of the signature given the parameter set, key, and message. This tests the implementation of Algorithm 8 ML-DSA.Verify_internal() from <<FIPS204>> Section 6.3.
[[test_coverage]]
=== Test Coverage
Expand Down
6 changes: 3 additions & 3 deletions src/ml-kem/sections/04-testtypes.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@

The ACVP server performs a set of tests on the specified ML-KEM algorithm in order to assess the correctness and robustness of the implementation. A typical ACVP validation session *SHALL* require multiple tests to be performed for every supported permutation of ML-KEM capabilities. This section describes the design of the tests used to validate implementations of the ML-KEM algorithms.

* ML-KEM / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from a provided seed. The key pair is communicated to the ACVP server and validated.
* ML-KEM / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from a provided seed. The key pair is communicated to the ACVP server and validated. This tests the implementation of Algorithm 16 ML-KEM.KeyGen_internal() from <<FIPS203>> Section 6.1.
* ML-KEM / encapDecap / * "AFT" - Algorithm Functional Test. The server will generate a random `m` and encapsulation key `ek`. The IUT *SHALL* generate the corresponding shared secret `k` and ciphertext `c`.
* ML-KEM / encapDecap / * "AFT" - Algorithm Functional Test. The server will generate a random `m` and encapsulation key `ek`. The IUT *SHALL* generate the corresponding shared secret `k` and ciphertext `c`. This tests the implementation of Algorithm 17 ML-KEM.Encaps_internal() from <<FIPS203>> Section 6.2.
* ML-KEM /encapDecap / * "VAL" - Validation Test. The server will generate a decapsulation key `dk` and a potentially valid or invalid ciphertext `c`. The IUT *SHALL* generate the corresponding shared secret `k` whether the `k` is provided from the valid decapsulation route or from the implicit rejection present in <<FIPS203>> Algorithm 17.
* ML-KEM /encapDecap / * "VAL" - Validation Test. The server will generate a decapsulation key `dk` and a potentially valid or invalid ciphertext `c`. The IUT *SHALL* generate the corresponding shared secret `k` whether the `k` is provided from the valid decapsulation route or from the implicit rejection present in <<FIPS203>> Algorithm 17. This tests the implementation of Algorithm 18 ML-KEM.Decaps_internal() from <<FIPS203>> Section 6.3.
[[test_coverage]]
=== Test Coverage
Expand Down
6 changes: 3 additions & 3 deletions src/slh-dsa/sections/04-testtypes.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@

The ACVP server performs a set of tests on the specified SLH-DSA algorithm in order to assess the correctness and robustness of the implementation. A typical ACVP validation session *SHALL* require multiple tests to be performed for every supported permutation of SLH-DSA capabilities. This section describes the design of the tests used to validate implementations of the SLH-DSA algorithms.

* SLH-DSA / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from provided seed and key values, i.e., SK.seed, SK.prf, and PK.seed. The key pair is communicated to the ACVP server and validated.
* SLH-DSA / keyGen / * "AFT" - Algorithm Functional Test. The IUT is *REQUIRED* for each test case provided, to generate a key pair from provided seed and key values, i.e., SK.seed, SK.prf, and PK.seed. The key pair is communicated to the ACVP server and validated. This tests the implementation of Algorithm 18 slh_keygen_internal() from <<FIPS205>> Section 9.1.
* SLH-DSA / sigGen / * "AFT" - Algorithm Functional Test. This testing mode *REQUIRES* the IUT to generate a valid signature for each test case given the ACVP-provided private key, message and a selected parameter set. The signature is then compared to the known result by the ACVP server.
* SLH-DSA / sigGen / * "AFT" - Algorithm Functional Test. This testing mode *REQUIRES* the IUT to generate a valid signature for each test case given the ACVP-provided private key, message and a selected parameter set. The signature is then compared to the known result by the ACVP server. This tests the implementation of Algorithm 19 slh_sign_internal() from <<FIPS205>> Section 9.2.
* SLH-DSA / sigVer / * "AFT" - Algorithm Functional Test. The ACVP server generates a series of signatures to communicate to the IUT. The IUT is *REQUIRED* to determine the validity of the signature given the parameter set, key, and message.
* SLH-DSA / sigVer / * "AFT" - Algorithm Functional Test. The ACVP server generates a series of signatures to communicate to the IUT. The IUT is *REQUIRED* to determine the validity of the signature given the parameter set, key, and message. This tests the implementation of Algorithm 20 slh_verify_internal() from <<FIPS205>> Section 9.3.
[[test_coverage]]
=== Test Coverage
Expand Down

0 comments on commit 968ebca

Please sign in to comment.