ML-KEM Test Vectors
Opened this issue · 13 comments
This a request to create a repo for ML-KEM test vectors.
A potential source is https://github.com/C2SP/CCTV/tree/main/ML-KEM pending how the CC0 license check works out.
It is likely that there could multiple sources.
I think we need to resolve the CC0 license, also I note that repo currently doesn't have any license quoted.
Given that unknown, do we have any content we can (pending approval) put in a repo yet?
Still looking into it. I sent a note to Douglas and Sophie (who sent the vectors).
Her vectors are expected to be added in Wycheproof but was unable to find a link.
Did we get clear answer on whether the test vectors need to be Apache 2 or CC0?
Apparently Mozilla recommends that test cases be licensed CC0:
Trivial bits of Mozilla Code, such as test cases or snippets of code used in documentation, should be put in the public domain in order to facilitate re-use.
@planetf1, Sophie Schmieg is at conference activities this week, so if we have a clear question to her about licensing we can put it to her this week.
In open-quantum-safe/liboqs#1740, there's a discussion about using these test vectors in CI, which seems to be concluding (very appropriately) that these test vectors can simply be used in CI.
My understanding in this issue was that there was a desire to start assembling a collection of test vectors within pq-code-package itself -- and this is where the licensing becomes more problematic since we're effectively redistributing the test vectors (and maybe changing etc).
I wasn't able to talk to Sophie about this during the conference activities, so we'll need to reach out to her by email.
There's a draft for the test vectors here C2SP/wycheproof#110.
Is it sufficient to simply refer to (docs/readme) and use (in tests) this repo, rather than maintaining a derived version here? (this comment was also made in OQS). Or perhaps the pq-cp repo is just scripts that facilitate pulling down consistent versions of a variety of test vector courses (rather than managing the test vectors themselves)?
On original point - Looking at license, it seems to all be Apache 2.0 now.
This serves as an alternative proposal for accessing test vectors for ML-KEM and future ML-DSA.
The proposal is to create a test harness that interfaces to NIST's demo test server which creates test vectors for various algorithms. This would allow various checks for compliance with the appropriate standards.
The harness connects to the NIST server, registers the algorithm and capabilities to test. The test server in response generates test vectors which are delivered to the unit under test. Test results to the corresponding session are returned to the server which the server gives an assessment.
We have the option of storing the test vectors and reuse them for static (KAT-like) tests.
Please give feedback on the idea.
Where would such a harness be stored? In its own repo?
This would require some input from the LF because it would need credentials for connecting to NIST.
I will reach out the Ry and Naomi in parallel concerning credentials needed.
Is there any update regarding this topic?
If not, then I think I'll try to test against the static testvectors in https://github.com/usnistgov/ACVP-Server/tree/master/gen-val/json-files/ML-KEM-encapDecap-FIPS203. We can get that integrated into the https://github.com/pq-code-package/mlkem-c-aarch64 project first, and see from there how we can generalize for all remaining projects. Any thoughts?
I'm not aware of anything, other than the fact that liboqs are looking at the final ML-KEM & testing against the latest testvectors ML-DSA & ML-KEM: integrate final standards
Thanks for the pointer. We can borrow it from there.