Skip to content

PKCS#11 mechanism for External ML-DSA M𝜇 Calculation/Generation #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 0 commits into from
Closed

PKCS#11 mechanism for External ML-DSA M𝜇 Calculation/Generation #49

wants to merge 0 commits into from
+0 −0

Conversation

@Hamish77
Copy link
Contributor

@Hamish77 Hamish77 commented Oct 22, 2025

#19

  • PKCS#11 mechanism with hash value 𝜇 for calculating an ML-DSA signature, also to generate a Mu.
  • First draft for discussion still needs changes

@Hamish77 Hamish77 requested review from rjrelyea and simo5 October 22, 2025 20:25
@Hamish77
Copy link
Contributor Author

Hamish77 commented Oct 22, 2025

Decision to split the PR into two Signature of External Mu and generate Mu need to create branch for both.
gen mu params need public key handle rather than value or the hash of public key?

@simo5
Copy link
Contributor

simo5 commented Oct 22, 2025

I think we should have a the public key to generate mu, but I think others are open to just passing the bare public key value or even directly the public key hash. It is unclear to me why that is desirable, this is the public key corresponding to the private key that is going to eventually sign the generated mu value, so I would think the public key would easily be loaded once on the generator side and reused over and over to generate MUs to then pass to the other module for signing.

@bubbva bubbva added this to the 3.2 milestone Oct 23, 2025
@bubbva bubbva moved this from No Status to In Progress in PKCS#11 Prototype Project Board Oct 23, 2025
@Hamish77 Hamish77 marked this pull request as ready for review November 3, 2025 20:24
@Hamish77 Hamish77 modified the milestones: 3.2, 3.3 Nov 3, 2025
@Hamish77 Hamish77 linked an issue Nov 3, 2025 that may be closed by this pull request
PKCS#11 mechanism with hash value 𝜇 for calculating an ML-DSA signature #19
Open
@Hamish77 Hamish77 changed the title #19 PKCS#11 mechanism with hash value 𝜇 for calculating an ML-DSA signature first draft #19 PKCS#11 mechanism for External ML-DSA M𝜇 Calculation/Generation Nov 3, 2025
@simo5 simo5 changed the title #19 PKCS#11 mechanism for External ML-DSA M𝜇 Calculation/Generation PKCS#11 mechanism for External ML-DSA M𝜇 Calculation/Generation Nov 5, 2025
@vdukhovni
Copy link

vdukhovni commented Nov 19, 2025

Is leaving HashML-DSA-style external-μ out of the specification a deliberate choice?
I'd have expected to also see an optional DER encoding of the hash OID that if provided implies 1 rather than 0 for the first byte of $M'$ and then gets prepended to the message prehash octets.

@Hamish77 Hamish77 closed this Nov 27, 2025
@github-project-automation github-project-automation bot moved this from In Progress to Done in PKCS#11 Prototype Project Board Nov 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simo5 simo5 Awaiting requested review from simo5

@rjrelyea rjrelyea Awaiting requested review from rjrelyea

Assignees

No one assigned

Labels

None yet

Projects

PKCS#11 Prototype Project Board
Status: Done

Milestone

3.3

Development

Successfully merging this pull request may close these issues.

PKCS#11 mechanism with hash value 𝜇 for calculating an ML-DSA signature

4 participants

@Hamish77 @simo5 @vdukhovni @bubbva