dilithium
Fixed documentation of poly_uniform (used during ExpandA) to SHAKE128 from SHAKE256.
now is `r->coeffs[2*i+0] &= 0xFFFFF;` maybe `r->coeffs[2*i+1] &= 0xFFFFF;` not sure, pls check, thx!
Can you please explain the special reduction Reduce32 used in Dilithium and the reason for using it?
(Deleted) :-)
https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms
On the ARM processor using a 32-bit operating system, the `long long` type in rng.h, rng.c and PQCgenKAT_sign.c causes a segmentation fault when calling `randombytes(seedbuf, SEEDBYTES)` for generating the...
Correct the minor problems referenced in #55 and #56. Closes #55 Closes #56
The documentation for `reduce32` states that the output is in the range [-6283009, 6283007]. The range is actually [-6283009, 6283008], as evaluating `reduce32` at 2^{31} - 2^{22} - 1 will...
There are three unnecessary masks in the `polyt0_unpack` and `polyz_unpack` functions. These all occur when the last coefficient of a block of coefficients is being unpacked. There is no overflow...