Skip to content

K-PKE #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jnsiemer merged 6 commits into from
Oct 7, 2025
Merged

K-PKE #61

jnsiemer merged 6 commits into from
Oct 7, 2025

Conversation

@jnsiemer
Copy link
Member

@jnsiemer jnsiemer commented Aug 21, 2025

Description

This PR implements...

  • K-PKE, the PKE below ML-KEM in a naive way without compression / decompression techniques nor NTT, i.e. not according to the specification in FIPS 203
  • benchmarks for K-PKE

Testing

  • I added basic working examples (possibly in doc-comment)

Checklist:

  • I have performed a self-review of my own code
    • The code provides good readability and maintainability s.t. it fulfills best practices like talking code, modularity, ...
      • The chosen implementation is not more complex than it has to be
    • My code should work as intended and no side effects occur (e.g. memory leaks)
    • The doc comments fit our style guide

Performance results on my laptop

K-PKE cycle 512         time:   [490.95 µs 491.86 µs 492.86 µs]

K-PKE gen 512           time:   [208.65 µs 208.93 µs 209.23 µs]

K-PKE enc 512           time:   [241.94 µs 242.25 µs 242.63 µs]

K-PKE dec 512           time:   [43.996 µs 44.099 µs 44.189 µs]

K-PKE cycle 768         time:   [770.62 µs 771.46 µs 772.51 µs]

K-PKE gen 768           time:   [351.74 µs 352.17 µs 352.75 µs]

K-PKE enc 768           time:   [364.52 µs 365.25 µs 365.99 µs]

K-PKE dec 768           time:   [55.010 µs 55.263 µs 55.557 µs]

K-PKE cycle 1024        time:   [1.1052 ms 1.1073 ms 1.1096 ms]

K-PKE gen 1024          time:   [531.46 µs 532.08 µs 532.75 µs]

K-PKE enc 1024          time:   [509.15 µs 509.76 µs 510.45 µs]

K-PKE dec 1024          time:   [65.892 µs 65.950 µs 66.010 µs]

@jnsiemer jnsiemer self-assigned this Aug 21, 2025
@jnsiemer jnsiemer added the enhancement📈 New feature or request label Aug 21, 2025
Marvin-Beckmann
Marvin-Beckmann approved these changes Sep 26, 2025
View reviewed changes
Copy link
Member

@Marvin-Beckmann Marvin-Beckmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, just a few comments that could be added in my opinion

src/construction/pk_encryption/k_pke.rs
Comment on lines 126 to 127
// 5 𝐀[𝑖,𝑗] ← SampleNTT(𝜌‖𝑗‖𝑖)
let mat_a = MatPolynomialRingZq::sample_uniform(self.k, self.k, &self.q);
Copy link
Member

@Marvin-Beckmann Marvin-Beckmann Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sampling in NTT transform and plain coefficients is not necessarily the same. For uniform it is the same - maybe add a small comment or sth

Copy link
Member

@Marvin-Beckmann Marvin-Beckmann Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should however add a comment, that we leave out the NTT here for simplicitly, because in formal algorithm 14 for K-PKE, the Matrix A is in NTT transform, so, maybe we should add a specific comment that A is not in NTT-form, as this might otherwise be quite confusing, similarly s and e

src/construction/pk_encryption/k_pke.rs
///
/// This implementation is not supposed to be an implementation of the FIPS 203 standard, but
/// is supposed to showcase the prototyping capabilities of `qfall` and does not cover compression algorithms
/// as specified in the FIPS 203 document or might deviate for the choice of matrix multiplication algorithms.
Copy link
Member

@Marvin-Beckmann Marvin-Beckmann Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you could link the document in the same fashion we have done it so far for papers

@jnsiemer jnsiemer merged commit 8d5fe60 into dev Oct 7, 2025
2 checks passed
@jnsiemer jnsiemer deleted the k_pke branch October 7, 2025 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Marvin-Beckmann Marvin-Beckmann Marvin-Beckmann approved these changes

@LPorzenheim LPorzenheim Awaiting requested review from LPorzenheim

@Marcel583 Marcel583 Awaiting requested review from Marcel583

@3pmile 3pmile Awaiting requested review from 3pmile

Assignees

@jnsiemer jnsiemer

Labels

enhancement📈 New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jnsiemer @Marvin-Beckmann