Skip to content

lowram: Per-row t0/t1 computation in keygen #1030

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mkannwischer wants to merge 3 commits into
base: main
Choose a base branch
from
Open

lowram: Per-row t0/t1 computation in keygen #1030

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b18e4f5
lowram: Stream matrix A element-by-element to reduce memory
mkannwischer Apr 5, 2026
fec57f2
Lowram: Share buffers with non-overlapping lifetimes in keygen
mkannwischer Apr 2, 2026
c9509d5
lowram: Per-row t0/t1 computation in keygen
mkannwischer Apr 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion BIBLIOGRAPHY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,8 @@ source code and documentation.
- [mldsa/src/fips202/fips202x4.c](mldsa/src/fips202/fips202x4.c)
- [mldsa/src/poly.c](mldsa/src/poly.c)
- [mldsa/src/poly_kl.c](mldsa/src/poly_kl.c)
- [mldsa/src/polyvec.c](mldsa/src/polyvec.c)
- [mldsa/src/polyvec_lazy.c](mldsa/src/polyvec_lazy.c)
- [mldsa/src/polyvec_lazy.h](mldsa/src/polyvec_lazy.h)
- [mldsa/src/rounding.h](mldsa/src/rounding.h)
- [mldsa/src/sign.c](mldsa/src/sign.c)
- [mldsa/src/sign.h](mldsa/src/sign.h)
Expand Down
1 change: 1 addition & 0 deletions examples/bring_your_own_fips202/mldsa_native/src/polyvec_lazy.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
../../../../mldsa/src/polyvec_lazy.c
1 change: 1 addition & 0 deletions examples/bring_your_own_fips202_static/mldsa_native/src/polyvec_lazy.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
../../../../mldsa/src/polyvec_lazy.c
1 change: 1 addition & 0 deletions examples/custom_backend/mldsa_native/src/polyvec_lazy.c
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
../../../../mldsa/src/polyvec_lazy.c
19 changes: 11 additions & 8 deletions integration/liboqs/ML-DSA-44_META.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,9 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/packing.c mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c
mldsa/src/poly.h mldsa/src/poly_kl.c mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/polyvec_lazy.c mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h
mldsa/src/rounding.h mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h
mldsa/src/zetas.inc
- name: x86_64
version: FIPS204
folder_name: .
Expand All @@ -51,9 +52,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/x86_64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/x86_64
supported_platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -77,9 +79,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/aarch64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/aarch64
supported_platforms:
- architecture: arm_8
operating_systems:
Expand Down
19 changes: 11 additions & 8 deletions integration/liboqs/ML-DSA-65_META.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,9 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/packing.c mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c
mldsa/src/poly.h mldsa/src/poly_kl.c mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/polyvec_lazy.c mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h
mldsa/src/rounding.h mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h
mldsa/src/zetas.inc
- name: x86_64
version: FIPS204
folder_name: .
Expand All @@ -51,9 +52,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/x86_64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/x86_64
supported_platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -77,9 +79,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/aarch64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/aarch64
supported_platforms:
- architecture: arm_8
operating_systems:
Expand Down
19 changes: 11 additions & 8 deletions integration/liboqs/ML-DSA-87_META.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,9 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/packing.c mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c
mldsa/src/poly.h mldsa/src/poly_kl.c mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/polyvec_lazy.c mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h
mldsa/src/rounding.h mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h
mldsa/src/zetas.inc
- name: x86_64
version: FIPS204
folder_name: .
Expand All @@ -51,9 +52,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/x86_64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/x86_64
supported_platforms:
- architecture: x86_64
operating_systems:
Expand All @@ -77,9 +79,10 @@ implementations:
mldsa/src/cbmc.h mldsa/src/common.h mldsa/src/ct.c mldsa/src/ct.h mldsa/src/debug.c
mldsa/src/debug.h mldsa/src/native/api.h mldsa/src/native/meta.h mldsa/src/packing.c
mldsa/src/packing.h mldsa/src/params.h mldsa/src/poly.c mldsa/src/poly.h mldsa/src/poly_kl.c
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.h
mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h mldsa/src/sign.c
mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc mldsa/src/native/aarch64
mldsa/src/poly_kl.h mldsa/src/polyvec.c mldsa/src/polyvec.h mldsa/src/polyvec_lazy.c
mldsa/src/polyvec_lazy.h mldsa/src/randombytes.h mldsa/src/reduce.h mldsa/src/rounding.h
mldsa/src/sign.c mldsa/src/sign.h mldsa/src/symmetric.h mldsa/src/sys.h mldsa/src/zetas.inc
mldsa/src/native/aarch64
supported_platforms:
- architecture: arm_8
operating_systems:
Expand Down
3 changes: 2 additions & 1 deletion integration/opentitan/add_polyvec_lazy.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,11 @@ diff --git a/third_party/mldsa_native/BUILD.mldsa_native.bazel b/third_party/mld
index 8a63d09..1c576c2 100644
--- a/third_party/mldsa_native/BUILD.mldsa_native.bazel
+++ b/third_party/mldsa_native/BUILD.mldsa_native.bazel
@@ -26,6 +26,7 @@ cc_library(
@@ -26,6 +26,8 @@ cc_library(
"mldsa/src/poly_kl.h",
"mldsa/src/polyvec.c",
"mldsa/src/polyvec.h",
+ "mldsa/src/polyvec_lazy.c",
+ "mldsa/src/polyvec_lazy.h",
"mldsa/src/reduce.h",
"mldsa/src/rounding.h",
Expand Down
22 changes: 12 additions & 10 deletions integration/opentitan/reduce_alloc.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
# Copyright (c) The mldsa-native project authors
# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
diff --git a/sw/device/lib/crypto/include/mldsa.h b/sw/device/lib/crypto/include/mldsa.h
index be11f20..26351ee 100644
--- a/sw/device/lib/crypto/include/mldsa.h
+++ b/sw/device/lib/crypto/include/mldsa.h
@@ -41,16 +41,16 @@ enum {
Expand All @@ -10,20 +9,23 @@ index be11f20..26351ee 100644
// Work buffer sizes in 32-bit words
- kOtcryptoMldsa44WorkBufferKeypairWords = 32992 / sizeof(uint32_t),
- kOtcryptoMldsa44WorkBufferSignWords = 32448 / sizeof(uint32_t),
+ kOtcryptoMldsa44WorkBufferKeypairWords = 28960 / sizeof(uint32_t),
+ kOtcryptoMldsa44WorkBufferSignWords = 20256 / sizeof(uint32_t),
kOtcryptoMldsa44WorkBufferVerifyWords = 22464 / sizeof(uint32_t),
- kOtcryptoMldsa44WorkBufferVerifyWords = 22464 / sizeof(uint32_t),
+ kOtcryptoMldsa44WorkBufferKeypairWords = 12576 / sizeof(uint32_t),
+ kOtcryptoMldsa44WorkBufferSignWords = 18208 / sizeof(uint32_t),
+ kOtcryptoMldsa44WorkBufferVerifyWords = 20416 / sizeof(uint32_t),

- kOtcryptoMldsa65WorkBufferKeypairWords = 46304 / sizeof(uint32_t),
- kOtcryptoMldsa65WorkBufferSignWords = 44768 / sizeof(uint32_t),
+ kOtcryptoMldsa65WorkBufferKeypairWords = 40224 / sizeof(uint32_t),
+ kOtcryptoMldsa65WorkBufferSignWords = 26432 / sizeof(uint32_t),
kOtcryptoMldsa65WorkBufferVerifyWords = 30720 / sizeof(uint32_t),
- kOtcryptoMldsa65WorkBufferVerifyWords = 30720 / sizeof(uint32_t),
+ kOtcryptoMldsa65WorkBufferKeypairWords = 15648 / sizeof(uint32_t),
+ kOtcryptoMldsa65WorkBufferSignWords = 23360 / sizeof(uint32_t),
+ kOtcryptoMldsa65WorkBufferVerifyWords = 27648 / sizeof(uint32_t),

- kOtcryptoMldsa87WorkBufferKeypairWords = 62688 / sizeof(uint32_t),
- kOtcryptoMldsa87WorkBufferSignWords = 59104 / sizeof(uint32_t),
+ kOtcryptoMldsa87WorkBufferKeypairWords = 54560 / sizeof(uint32_t),
+ kOtcryptoMldsa87WorkBufferSignWords = 34624 / sizeof(uint32_t),
kOtcryptoMldsa87WorkBufferVerifyWords = 41216 / sizeof(uint32_t),
- kOtcryptoMldsa87WorkBufferVerifyWords = 41216 / sizeof(uint32_t),
+ kOtcryptoMldsa87WorkBufferKeypairWords = 19744 / sizeof(uint32_t),
+ kOtcryptoMldsa87WorkBufferSignWords = 29504 / sizeof(uint32_t),
+ kOtcryptoMldsa87WorkBufferVerifyWords = 36096 / sizeof(uint32_t),
};

30 changes: 20 additions & 10 deletions mldsa/mldsa_native.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@
#include "src/poly.c"
#include "src/poly_kl.c"
#include "src/polyvec.c"
#include "src/polyvec_lazy.c"
#include "src/sign.c"

#if !defined(MLD_CONFIG_FIPS202_CUSTOM_HEADER)
Expand Down Expand Up @@ -256,11 +257,13 @@
#undef mld_memset
/* mldsa/src/packing.h */
#undef MLD_PACKING_H
#undef mld_pack_pk
#undef mld_pack_pk_t1
#undef mld_pack_sig_c
#undef mld_pack_sig_h_poly
#undef mld_pack_sig_z
#undef mld_pack_sk
#undef mld_pack_sk_rho_key_tr_s2
#undef mld_pack_sk_s1
#undef mld_pack_sk_t0
#undef mld_unpack_pk
#undef mld_unpack_sig
#undef mld_unpack_sk
Expand Down Expand Up @@ -310,22 +313,15 @@
#undef mld_polyz_unpack
/* mldsa/src/polyvec.h */
#undef MLD_POLYVEC_H
#undef mld_polymat
#undef mld_polymat_get_row
#undef mld_polyvec_matrix_expand
#undef mld_polyvec_matrix_pointwise_montgomery
#undef mld_polyveck
#undef mld_polyveck_add
#undef mld_polyveck_caddq
#undef mld_polyveck_chknorm
#undef mld_polyveck_decompose
#undef mld_polyveck_invntt_tomont
#undef mld_polyveck_ntt
#undef mld_polyveck_pack_eta
#undef mld_polyveck_pack_t0
#undef mld_polyveck_pack_w1
#undef mld_polyveck_pointwise_poly_montgomery
#undef mld_polyveck_power2round
#undef mld_polyveck_reduce
#undef mld_polyveck_shiftl
#undef mld_polyveck_sub
Expand All @@ -336,12 +332,26 @@
#undef mld_polyvecl_chknorm
#undef mld_polyvecl_ntt
#undef mld_polyvecl_pack_eta
#undef mld_polyvecl_pointwise_acc_montgomery
#undef mld_polyvecl_uniform_gamma1
#undef mld_polyvecl_unpack_eta
#undef mld_polyvecl_unpack_z
/* mldsa/src/polyvec_lazy.h */
#undef MLD_POLYVEC_LAZY_H
#undef mld_poly_permute_bitrev_to_custom_optional
#undef mld_polymat
#undef mld_polymat_eager
#undef mld_polymat_get_poly_lazy
#undef mld_polymat_get_row_eager
#undef mld_polymat_lazy
#undef mld_polyvec_matrix_expand
#undef mld_polyvec_matrix_expand_eager
#undef mld_polyvec_matrix_expand_lazy
#undef mld_polyvec_matrix_pointwise_montgomery
#undef mld_polyvec_matrix_pointwise_montgomery_eager
#undef mld_polyvec_matrix_pointwise_montgomery_lazy
#undef mld_polyvecl_pointwise_acc_montgomery
#undef mld_polyvecl_pointwise_acc_montgomery_eager
#undef mld_polyvecl_pointwise_acc_montgomery_lazy
#undef mld_sk_s1hat
#undef mld_sk_s1hat_eager
#undef mld_sk_s1hat_get_poly
Expand Down
42 changes: 21 additions & 21 deletions mldsa/mldsa_native.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -912,37 +912,37 @@ int MLD_API_NAMESPACE(pk_from_sk)(
*/
/* check-magic: off */
#if defined(MLD_API_LEGACY_CONFIG) || !defined(MLD_CONFIG_REDUCE_RAM)
#define MLD_TOTAL_ALLOC_44_KEYPAIR_NO_PCT 41216
#define MLD_TOTAL_ALLOC_44_KEYPAIR_NO_PCT 26880
#define MLD_TOTAL_ALLOC_44_KEYPAIR_PCT 52544
#define MLD_TOTAL_ALLOC_44_PK_FROM_SK 45248
#define MLD_TOTAL_ALLOC_44_PK_FROM_SK 27232
#define MLD_TOTAL_ALLOC_44_SIGN 48800
#define MLD_TOTAL_ALLOC_44_VERIFY 38816
#define MLD_TOTAL_ALLOC_65_KEYPAIR_NO_PCT 65792
#define MLD_TOTAL_ALLOC_65_KEYPAIR_NO_PCT 44288
#define MLD_TOTAL_ALLOC_65_KEYPAIR_PCT 79712
#define MLD_TOTAL_ALLOC_65_PK_FROM_SK 71872
#define MLD_TOTAL_ALLOC_65_PK_FROM_SK 44640
#define MLD_TOTAL_ALLOC_65_SIGN 74432
#define MLD_TOTAL_ALLOC_65_VERIFY 62432
#define MLD_TOTAL_ALLOC_87_KEYPAIR_NO_PCT 104704
#define MLD_TOTAL_ALLOC_87_KEYPAIR_NO_PCT 75008
#define MLD_TOTAL_ALLOC_87_KEYPAIR_PCT 122624
#define MLD_TOTAL_ALLOC_87_PK_FROM_SK 112832
#define MLD_TOTAL_ALLOC_87_PK_FROM_SK 75360
#define MLD_TOTAL_ALLOC_87_SIGN 115392
#define MLD_TOTAL_ALLOC_87_VERIFY 99552
#else /* MLD_API_LEGACY_CONFIG || !MLD_CONFIG_REDUCE_RAM */
#define MLD_TOTAL_ALLOC_44_KEYPAIR_NO_PCT 28960
#define MLD_TOTAL_ALLOC_44_KEYPAIR_PCT 28960
#define MLD_TOTAL_ALLOC_44_PK_FROM_SK 32992
#define MLD_TOTAL_ALLOC_44_SIGN 20256
#define MLD_TOTAL_ALLOC_44_VERIFY 22464
#define MLD_TOTAL_ALLOC_65_KEYPAIR_NO_PCT 40224
#define MLD_TOTAL_ALLOC_65_KEYPAIR_PCT 40224
#define MLD_TOTAL_ALLOC_65_PK_FROM_SK 46304
#define MLD_TOTAL_ALLOC_65_SIGN 26432
#define MLD_TOTAL_ALLOC_65_VERIFY 30720
#define MLD_TOTAL_ALLOC_87_KEYPAIR_NO_PCT 54560
#define MLD_TOTAL_ALLOC_87_KEYPAIR_PCT 54560
#define MLD_TOTAL_ALLOC_87_PK_FROM_SK 62688
#define MLD_TOTAL_ALLOC_87_SIGN 34624
#define MLD_TOTAL_ALLOC_87_VERIFY 41216
#define MLD_TOTAL_ALLOC_44_KEYPAIR_NO_PCT 12576
#define MLD_TOTAL_ALLOC_44_KEYPAIR_PCT 24160
#define MLD_TOTAL_ALLOC_44_PK_FROM_SK 12928
#define MLD_TOTAL_ALLOC_44_SIGN 18208
#define MLD_TOTAL_ALLOC_44_VERIFY 20416
#define MLD_TOTAL_ALLOC_65_KEYPAIR_NO_PCT 15648
#define MLD_TOTAL_ALLOC_65_KEYPAIR_PCT 32928
#define MLD_TOTAL_ALLOC_65_PK_FROM_SK 16000
#define MLD_TOTAL_ALLOC_65_SIGN 23360
#define MLD_TOTAL_ALLOC_65_VERIFY 27648
#define MLD_TOTAL_ALLOC_87_KEYPAIR_NO_PCT 19744
#define MLD_TOTAL_ALLOC_87_KEYPAIR_PCT 43328
#define MLD_TOTAL_ALLOC_87_PK_FROM_SK 20096
#define MLD_TOTAL_ALLOC_87_SIGN 29504
#define MLD_TOTAL_ALLOC_87_VERIFY 36096
#endif /* !(MLD_API_LEGACY_CONFIG || !MLD_CONFIG_REDUCE_RAM) */
/* check-magic: on */

Expand Down
29 changes: 19 additions & 10 deletions mldsa/mldsa_native_asm.S
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -261,11 +261,13 @@
#undef mld_memset
/* mldsa/src/packing.h */
#undef MLD_PACKING_H
#undef mld_pack_pk
#undef mld_pack_pk_t1
#undef mld_pack_sig_c
#undef mld_pack_sig_h_poly
#undef mld_pack_sig_z
#undef mld_pack_sk
#undef mld_pack_sk_rho_key_tr_s2
#undef mld_pack_sk_s1
#undef mld_pack_sk_t0
#undef mld_unpack_pk
#undef mld_unpack_sig
#undef mld_unpack_sk
Expand Down Expand Up @@ -315,22 +317,15 @@
#undef mld_polyz_unpack
/* mldsa/src/polyvec.h */
#undef MLD_POLYVEC_H
#undef mld_polymat
#undef mld_polymat_get_row
#undef mld_polyvec_matrix_expand
#undef mld_polyvec_matrix_pointwise_montgomery
#undef mld_polyveck
#undef mld_polyveck_add
#undef mld_polyveck_caddq
#undef mld_polyveck_chknorm
#undef mld_polyveck_decompose
#undef mld_polyveck_invntt_tomont
#undef mld_polyveck_ntt
#undef mld_polyveck_pack_eta
#undef mld_polyveck_pack_t0
#undef mld_polyveck_pack_w1
#undef mld_polyveck_pointwise_poly_montgomery
#undef mld_polyveck_power2round
#undef mld_polyveck_reduce
#undef mld_polyveck_shiftl
#undef mld_polyveck_sub
Expand All @@ -341,12 +336,26 @@
#undef mld_polyvecl_chknorm
#undef mld_polyvecl_ntt
#undef mld_polyvecl_pack_eta
#undef mld_polyvecl_pointwise_acc_montgomery
#undef mld_polyvecl_uniform_gamma1
#undef mld_polyvecl_unpack_eta
#undef mld_polyvecl_unpack_z
/* mldsa/src/polyvec_lazy.h */
#undef MLD_POLYVEC_LAZY_H
#undef mld_poly_permute_bitrev_to_custom_optional
#undef mld_polymat
#undef mld_polymat_eager
#undef mld_polymat_get_poly_lazy
#undef mld_polymat_get_row_eager
#undef mld_polymat_lazy
#undef mld_polyvec_matrix_expand
#undef mld_polyvec_matrix_expand_eager
#undef mld_polyvec_matrix_expand_lazy
#undef mld_polyvec_matrix_pointwise_montgomery
#undef mld_polyvec_matrix_pointwise_montgomery_eager
#undef mld_polyvec_matrix_pointwise_montgomery_lazy
#undef mld_polyvecl_pointwise_acc_montgomery
#undef mld_polyvecl_pointwise_acc_montgomery_eager
#undef mld_polyvecl_pointwise_acc_montgomery_lazy
#undef mld_sk_s1hat
#undef mld_sk_s1hat_eager
#undef mld_sk_s1hat_get_poly
Expand Down
Loading
Loading