BIBLIOGRAPHY.md

Bibliography

This file lists the citations made throughout the mldsa-native source code and documentation.

ACVP

• Automated Cryptographic Validation Protocol (ACVP) Server
• Author(s):
  • National Institute of Standards and Technology
• URL: https://github.com/usnistgov/ACVP-Server
• Referenced from:
  • README.md

FIPS140_3_IG

• Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program
• Author(s):
  • National Institute of Standards and Technology
• URL: https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
• Referenced from:
  • examples/basic_deterministic/mldsa_native/mldsa_native_config.h
  • examples/basic_lowram/mldsa_native/mldsa_native_config.h
  • examples/bring_your_own_fips202/mldsa_native/mldsa_native_config.h
  • examples/bring_your_own_fips202_static/mldsa_native/mldsa_native_config.h
  • examples/custom_backend/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_multilevel/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_multilevel_native/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_native/mldsa_native/mldsa_native_config.h
  • examples/multilevel_build/mldsa_native/mldsa_native_config.h
  • examples/multilevel_build_native/mldsa_native/mldsa_native_config.h
  • integration/liboqs/config_aarch64.h
  • integration/liboqs/config_c.h
  • integration/liboqs/config_x86_64.h
  • mldsa/mldsa_native_config.h
  • mldsa/src/sign.c
  • proofs/cbmc/mldsa_native_config_cbmc.h
  • test/configs/break_pct_config.h
  • test/configs/custom_heap_alloc_config.h
  • test/configs/custom_memcpy_config.h
  • test/configs/custom_memset_config.h
  • test/configs/custom_native_capability_config_0.h
  • test/configs/custom_native_capability_config_1.h
  • test/configs/custom_native_capability_config_CPUID_AVX2.h
  • test/configs/custom_native_capability_config_ID_AA64PFR1_EL1.h
  • test/configs/custom_randombytes_config.h
  • test/configs/custom_stdlib_config.h
  • test/configs/custom_zeroize_config.h
  • test/configs/low_signing_bound_config.h
  • test/configs/no_asm_config.h
  • test/configs/serial_fips202_config.h
  • test/configs/test_alloc_config.h

FIPS202

• FIPS202 SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
• Author(s):
  • National Institute of Standards and Technology
• URL: https://csrc.nist.gov/pubs/fips/202/final
• Referenced from:
  • FIPS202.md
  • README.md

FIPS204

• FIPS 204 Module-Lattice-Based Digital Signature Standard
• Author(s):
  • National Institute of Standards and Technology
• URL: https://csrc.nist.gov/pubs/fips/204/final
• Referenced from:
  • README.md
  • examples/basic_deterministic/mldsa_native/mldsa_native_config.h
  • examples/basic_lowram/mldsa_native/mldsa_native_config.h
  • examples/bring_your_own_fips202/mldsa_native/mldsa_native_config.h
  • examples/bring_your_own_fips202_static/mldsa_native/mldsa_native_config.h
  • examples/custom_backend/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_multilevel/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_multilevel_native/mldsa_native/mldsa_native_config.h
  • examples/monolithic_build_native/mldsa_native/mldsa_native_config.h
  • examples/multilevel_build/mldsa_native/mldsa_native_config.h
  • examples/multilevel_build_native/mldsa_native/mldsa_native_config.h
  • mldsa/mldsa_native.h
  • mldsa/mldsa_native_config.h
  • mldsa/src/ct.h
  • mldsa/src/fips202/fips202.c
  • mldsa/src/fips202/fips202x4.c
  • mldsa/src/poly.c
  • mldsa/src/poly_kl.c
  • mldsa/src/polyvec_lazy.c
  • mldsa/src/rounding.h
  • mldsa/src/sign.c
  • mldsa/src/sign.h
  • proofs/cbmc/mldsa_native_config_cbmc.h
  • test/configs/break_pct_config.h
  • test/configs/custom_heap_alloc_config.h
  • test/configs/custom_memcpy_config.h
  • test/configs/custom_memset_config.h
  • test/configs/custom_native_capability_config_0.h
  • test/configs/custom_native_capability_config_1.h
  • test/configs/custom_native_capability_config_CPUID_AVX2.h
  • test/configs/custom_native_capability_config_ID_AA64PFR1_EL1.h
  • test/configs/custom_randombytes_config.h
  • test/configs/custom_stdlib_config.h
  • test/configs/custom_zeroize_config.h
  • test/configs/low_signing_bound_config.h
  • test/configs/no_asm_config.h
  • test/configs/serial_fips202_config.h
  • test/configs/test_alloc_config.h

HYBRID

• Hybrid scalar/vector implementations of Keccak and SPHINCS+ on AArch64
• Author(s):
  • Hanno Becker
  • Matthias J. Kannwischer
• URL: https://eprint.iacr.org/2022/1243
• Referenced from:
  • dev/fips202/aarch64/auto.h
  • dev/fips202/aarch64/src/keccak_f1600_x1_v84a_aarch64_asm.S
  • dev/fips202/aarch64/src/keccak_f1600_x2_v84a_aarch64_asm.S
  • mldsa/src/fips202/native/aarch64/auto.h
  • mldsa/src/fips202/native/aarch64/src/keccak_f1600_x1_v84a_aarch64_asm.S
  • mldsa/src/fips202/native/aarch64/src/keccak_f1600_x2_v84a_aarch64_asm.S
  • proofs/hol_light/README.md
  • proofs/hol_light/aarch64/mldsa/keccak_f1600_x1_v84a_aarch64_asm.S
  • proofs/hol_light/aarch64/mldsa/keccak_f1600_x2_v84a_aarch64_asm.S

KyberSlash

• KyberSlash: Exploiting secret-dependent division timings in Kyber implementations
• Author(s):
  • Daniel J. Bernstein
  • Karthikeyan Bhargavan
  • Shivam Bhasin
  • Anupam Chattopadhyay
  • Tee Kiah Chia
  • Matthias J. Kannwischer
  • Franziskus Kiefer
  • Thales Paiva
  • Prasanna Ravi
  • Goutam Tamvada
• URL: https://kyberslash.cr.yp.to/papers.html
• Referenced from:
  • nix/valgrind/README.md

NIST_FAQ

• Post-Quantum Cryptography FAQs
• Author(s):
  • National Institute of Standards and Technology
• URL: https://csrc.nist.gov/Projects/post-quantum-cryptography/faqs#Rdc7
• Referenced from:
  • README.md

NIST_FIPS204_SEC6

• FIPS 204 Section 6 Guidance
• Author(s):
  • National Institute of Standards and Technology
• URL: https://csrc.nist.gov/csrc/media/Projects/post-quantum-cryptography/documents/faq/fips204-sec6-03192025.pdf
• Referenced from:
  • README.md

NeonNTT

• Neon NTT: Faster Dilithium, Kyber, and Saber on Cortex-A72 and Apple M1
• Author(s):
  • Hanno Becker
  • Vincent Hwang
  • Matthias J. Kannwischer
  • Bo-Yin Yang
  • Shang-Yi Yang
• URL: https://eprint.iacr.org/2021/986
• Referenced from:
  • dev/aarch64_clean/src/intt_aarch64_asm.S
  • dev/aarch64_clean/src/ntt_aarch64_asm.S
  • dev/aarch64_opt/README.md
  • dev/aarch64_opt/src/intt_aarch64_asm.S
  • dev/aarch64_opt/src/ntt_aarch64_asm.S
  • mldsa/src/native/aarch64/src/intt_aarch64_asm.S
  • mldsa/src/native/aarch64/src/ntt_aarch64_asm.S
  • proofs/hol_light/aarch64/mldsa/intt_aarch64_asm.S
  • proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S

REF

• CRYSTALS-Dilithium reference implementation
• Author(s):
  • Shi Bai
  • Léo Ducas
  • Eike Kiltz
  • Tancrède Lepoint
  • Vadim Lyubashevsky
  • Peter Schwabe
  • Gregor Seiler
  • Damien Stehlé
• URL: https://github.com/pq-crystals/dilithium/tree/master/ref
• Referenced from:
  • README.md
  • mldsa/src/poly.c
  • mldsa/src/poly_kl.c

REF_AVX2

• CRYSTALS-Dilithium optimized AVX2 implementation
• Author(s):
  • Shi Bai
  • Léo Ducas
  • Eike Kiltz
  • Tancrède Lepoint
  • Vadim Lyubashevsky
  • Peter Schwabe
  • Gregor Seiler
  • Damien Stehlé
• URL: https://github.com/pq-crystals/dilithium/tree/master/avx2
• Referenced from:
  • dev/x86_64/src/intt_avx2_asm.S
  • dev/x86_64/src/ntt_avx2_asm.S
  • dev/x86_64/src/nttunpack_avx2_asm.S
  • dev/x86_64/src/pointwise_acc_l4_avx2_asm.S
  • dev/x86_64/src/pointwise_acc_l5_avx2_asm.S
  • dev/x86_64/src/pointwise_acc_l7_avx2_asm.S
  • dev/x86_64/src/pointwise_avx2_asm.S
  • dev/x86_64/src/poly_caddq_avx2_asm.S
  • dev/x86_64/src/poly_chknorm_avx2.c
  • dev/x86_64/src/poly_decompose_32_avx2.c
  • dev/x86_64/src/poly_decompose_88_avx2.c
  • dev/x86_64/src/poly_use_hint_32_avx2.c
  • dev/x86_64/src/poly_use_hint_88_avx2.c
  • dev/x86_64/src/polyz_unpack_17_avx2.c
  • dev/x86_64/src/polyz_unpack_19_avx2.c
  • dev/x86_64/src/rej_uniform_avx2.c
  • dev/x86_64/src/rej_uniform_eta2_avx2.c
  • dev/x86_64/src/rej_uniform_eta4_avx2.c
  • mldsa/src/native/x86_64/src/intt_avx2_asm.S
  • mldsa/src/native/x86_64/src/ntt_avx2_asm.S
  • mldsa/src/native/x86_64/src/nttunpack_avx2_asm.S
  • mldsa/src/native/x86_64/src/pointwise_acc_l4_avx2_asm.S
  • mldsa/src/native/x86_64/src/pointwise_acc_l5_avx2_asm.S
  • mldsa/src/native/x86_64/src/pointwise_acc_l7_avx2_asm.S
  • mldsa/src/native/x86_64/src/pointwise_avx2_asm.S
  • mldsa/src/native/x86_64/src/poly_caddq_avx2_asm.S
  • mldsa/src/native/x86_64/src/poly_chknorm_avx2.c
  • mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c
  • mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c
  • mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c
  • mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c
  • mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c
  • mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c
  • mldsa/src/native/x86_64/src/rej_uniform_avx2.c
  • mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c
  • mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c
  • proofs/hol_light/x86_64/mldsa/intt_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/ntt_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/nttunpack_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/pointwise_acc_l4_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/pointwise_acc_l5_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/pointwise_acc_l7_avx2_asm.S
  • proofs/hol_light/x86_64/mldsa/pointwise_avx2_asm.S

Round3_Spec

• CRYSTALS-Dilithium Algorithm Specifications and Supporting Documentation (Version 3.1)
• Author(s):
  • Shi Bai
  • Léo Ducas
  • Eike Kiltz
  • Tancrède Lepoint
  • Vadim Lyubashevsky
  • Peter Schwabe
  • Gregor Seiler
  • Damien Stehlé
• URL: https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
• Referenced from:
  • mldsa/src/sign.c

SLOTHY_Paper

• Fast and Clean: Auditable high-performance assembly via constraint solving
• Author(s):
  • Amin Abdulrahman
  • Hanno Becker
  • Matthias J. Kannwischer
  • Fabien Klein
• URL: https://eprint.iacr.org/2022/1303
• Referenced from:
  • dev/aarch64_clean/src/intt_aarch64_asm.S
  • dev/aarch64_clean/src/ntt_aarch64_asm.S
  • dev/aarch64_opt/README.md
  • dev/aarch64_opt/src/intt_aarch64_asm.S
  • dev/aarch64_opt/src/ntt_aarch64_asm.S
  • mldsa/src/native/aarch64/src/intt_aarch64_asm.S
  • mldsa/src/native/aarch64/src/ntt_aarch64_asm.S
  • proofs/hol_light/aarch64/mldsa/intt_aarch64_asm.S
  • proofs/hol_light/aarch64/mldsa/ntt_aarch64_asm.S

libmceliece

• libmceliece implementation of Classic McEliece
• Author(s):
  • Daniel J. Bernstein
  • Tung Chou
• URL: https://lib.mceliece.org/
• Referenced from:
  • mldsa/src/ct.h

m1cycles

• Cycle counting on Apple M1
• Author(s):
  • Dougall Johnson
• URL: https://gist.github.com/dougallj/5bafb113492047c865c0c8cfbc930155#file-m1_robsize-c-L390
• Referenced from:
  • test/hal/hal.c

mlkem_native_soundness

• mlkem-native SOUNDNESS document
• Author(s):
  • pq-code-package
• URL: https://github.com/pq-code-package/mlkem-native/blob/main/SOUNDNESS.md
• Referenced from:
  • SOUNDNESS.md

mupq

• Common files for pqm4, pqm3, pqriscv
• Author(s):
  • Matthias J. Kannwischer
  • Richard Petri
  • Joost Rijneveld
  • Peter Schwabe
  • Ko Stoffelen
• URL: https://github.com/mupq/mupq
• Referenced from:
  • mldsa/src/fips202/fips202.c
  • mldsa/src/fips202/keccakf1600.c

optblocker

• PQC forum post on opt-blockers using volatile globals
• Author(s):
  • Daniel J. Bernstein
• URL: https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/hqbtIGFKIpU/m/H14H0wOlBgAJ
• Referenced from:
  • mldsa/src/ct.h

s2n_bignum_soundness

• s2n-bignum soundness documentation
• Author(s):
  • Amazon Web Services
• URL: https://github.com/awslabs/s2n-bignum/blob/main/doc/s2n_bignum_soundness.md
• Referenced from:
  • SOUNDNESS.md

supercop

• SUPERCOP benchmarking framework
• Author(s):
  • Daniel J. Bernstein
• URL: http://bench.cr.yp.to/supercop.html
• Referenced from:
  • mldsa/src/fips202/fips202.c
  • mldsa/src/fips202/keccakf1600.c

surf

• SURF: Simple Unpredictable Random Function
• Author(s):
  • Daniel J. Bernstein
• URL: https://cr.yp.to/papers.html#surf
• Referenced from:
  • test/notrandombytes/notrandombytes.c
  • test/notrandombytes/notrandombytes.h

tiny_sha3

• tiny_sha3
• Author(s):
  • Markku-Juhani O. Saarinen
• URL: https://github.com/mjosaarinen/tiny_sha3
• Referenced from:
  • FIPS202.md
  • README.md
  • examples/bring_your_own_fips202/README.md
  • examples/bring_your_own_fips202_static/README.md
  • examples/bring_your_own_fips202_static/custom_fips202/README.md
  • examples/custom_backend/README.md

tweetfips

• 'tweetfips202' FIPS202 implementation
• Author(s):
  • Gilles Van Assche
  • Daniel J. Bernstein
  • Peter Schwabe
• URL: https://keccak.team/2015/tweetfips202.html
• Referenced from:
  • mldsa/src/fips202/fips202.c
  • mldsa/src/fips202/keccakf1600.c

wycheproof

• Project Wycheproof
• Author(s):
  • Community Cryptography Specification Project
• URL: https://github.com/C2SP/wycheproof
• Referenced from:
  • README.md