MLDSA PCR flow #645

calebofearth · 2024-11-19T19:47:32Z

mojtaba-bisheh · 2025-01-03T21:37:47Z

In Caliptra 1.x, we have a hardware flow that computes hashed_pcr = SHA384(pcr0 || pcr1 || ...), which is then used as a message to be signed by ECC. For pcr signing, a dedicated KV slot (slot 7) is provided for the 384-bit key.

The proposal for dual signature in Caliptra 2.0 is as follows:

Update the hashed_pcr flow to use SHA512, resulting in hashed_pcr = SHA512(pcr0 || pcr1 || ...).
Use the same results for both ECC and MLDSA.

The 384-bit portion of hashed_pcr will be signed by ECC.
The entire 512-bit of hashed_pcr will be signed by MLDSA.

Assign another KV slot (SLOT 8) dedicated to MLDSA to ensure domain separation between ECC and MLDSA.

calebofearth added the 2.0 feature request label Nov 19, 2024

calebofearth assigned mojtaba-bisheh Nov 19, 2024

bharatpillilli added the Approved label Nov 19, 2024

mojtaba-bisheh mentioned this issue Nov 27, 2024

Extend Fuse/FE to 512-bits, Update HMAC384 to HMAC512 to meet PQC ML-DSA-87 requirement #581

Closed

mojtaba-bisheh linked a pull request Jan 3, 2025 that will close this issue

mldsa pcr signing #670

Merged

calebofearth closed this as completed in #670 Jan 6, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MLDSA PCR flow #645

MLDSA PCR flow #645

calebofearth commented Nov 19, 2024

mojtaba-bisheh commented Jan 3, 2025 •

edited

Loading

MLDSA PCR flow #645

MLDSA PCR flow #645

Comments

calebofearth commented Nov 19, 2024

mojtaba-bisheh commented Jan 3, 2025 • edited Loading

mojtaba-bisheh commented Jan 3, 2025 •

edited

Loading