Module aux_functions 

Implements auxiliary functions for ML-DSA as defined in Section 7 of FIPS 204.

Functions

byte_decode

Algorithm 6 ByteDecode_d(𝐵) Decodes a byte array into an array of 𝑑-bit integers for 1 ≤ 𝑑 ≤ 12. Input: byte array 𝐵 ∈ 𝔹32𝑑 . Output: integer array 𝐹 ∈ ℤ256 , where 𝑚 = 2𝑑 if 𝑑 < 12 and 𝑚 = 𝑞 if 𝑑 = 12. Note: this is exposed publicly only for testing purposes and there is no good reason to use it in production code.

byte_encode

Algorithm 5 ByteEncode_d(𝐹) Encodes an array of 𝑑-bit integers into a byte array for 1 ≤ 𝑑 ≤ 12. Input: integer array 𝐹 ∈ ℤ_M^256, where 𝑚 = 2^𝑑 if 𝑑 < 12, and 𝑚 = 𝑞 if 𝑑 = 12. Output: byte array 𝐵 ∈ 𝔹32𝑑. Note: this is exposed publicly only for testing purposes and there is no good reason to use it in production code.

sample_ntt

Algorithm 7 SampleNTT(𝐵) Takes a 32-byte seed and two indices as input and outputs a pseudorandom element of 𝑇𝑞. Input: byte array 𝐵 ∈ 𝔹34 . ▷ a 32-byte seed along with two indices Output: array 𝑎_hat ∈ ℤ256 ▷ the coefficients of the NTT of a polynomial Note: this is exposed publicly only for testing purposes and there is no good reason to use it in production code.

sample_poly_cbd

Algorithm 8 SamplePolyCBD (𝐵)𝜂 Takes a seed as input and outputs a pseudorandom sample from the distribution D𝜂(𝑅𝑞). Input: byte array 𝐵 ∈ 𝔹64𝜂. Output: array 𝑓 ∈ ℤ256 ▷ the coefficients of the sampled polynomial Note: this is exposed publicly only for testing purposes and there is no good reason to use it in production code.