Patch ICICLE ML-KEM for deterministic encapsulation (#2258)

* patch ICICLE ML-KEM to include enc_derand, but they are not tested

Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>

* copy_from_upstream.py added deterministic encapsulation info to NTRU docs

Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>

---------

Signed-off-by: Ganyu (Bruce) Xu <g66xu@uwaterloo.ca>

docs/algorithms/kem/ntru.md

@@ -14,14 +14,14 @@
 
 ## Parameter set summary
 
-|   Parameter set    | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|   Parameter set    | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   | Encapsulation seed size (bytes)   |
-|:------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|:------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|:----------------------------------|
-| NTRU-HPS-2048-509  | NA                    | IND-CCA2         |                    1 |                       699 |                       935 |                       699 |                           32 | NA                          |
+| NTRU-HPS-2048-509  | NA                    | IND-CCA2         |                    1 |                       699 |                       935 |                       699 |                           32 | NA                          | NA                                |
-| NTRU-HPS-2048-677  | NA                    | IND-CCA2         |                    3 |                       930 |                      1234 |                       930 |                           32 | NA                          |
+| NTRU-HPS-2048-677  | NA                    | IND-CCA2         |                    3 |                       930 |                      1234 |                       930 |                           32 | NA                          | NA                                |
-| NTRU-HPS-4096-821  | NA                    | IND-CCA2         |                    5 |                      1230 |                      1590 |                      1230 |                           32 | NA                          |
+| NTRU-HPS-4096-821  | NA                    | IND-CCA2         |                    5 |                      1230 |                      1590 |                      1230 |                           32 | NA                          | NA                                |
-| NTRU-HPS-4096-1229 | NA                    | IND-CCA2         |                    5 |                      1842 |                      2366 |                      1842 |                           32 | NA                          |
+| NTRU-HPS-4096-1229 | NA                    | IND-CCA2         |                    5 |                      1842 |                      2366 |                      1842 |                           32 | NA                          | NA                                |
-|   NTRU-HRSS-701    | NA                    | IND-CCA2         |                    3 |                      1138 |                      1450 |                      1138 |                           32 | NA                          |
+|   NTRU-HRSS-701    | NA                    | IND-CCA2         |                    3 |                      1138 |                      1450 |                      1138 |                           32 | NA                          | NA                                |
-|   NTRU-HRSS-1373   | NA                    | IND-CCA2         |                    5 |                      2401 |                      2983 |                      2401 |                           32 | NA                          |
+|   NTRU-HRSS-1373   | NA                    | IND-CCA2         |                    5 |                      2401 |                      2983 |                      2401 |                           32 | NA                          | NA                                |
 
 ## NTRU-HPS-2048-509 implementation characteristics
 

scripts/copy_from_upstream/copy_from_upstream.yml

@@ -54,7 +54,7 @@ upstreams:
     git_commit: 8f215fd845928abfc2bb7d5ca15db76b839bee5c
     kem_meta_path: '{pretty_name_full}_META.yml'
     kem_scheme_path: '.'
-    patches: []
+    patches: [icicle-mlkem-enc-derand.patch]
   -
     name: pqcrystals-dilithium
     git_url: https://github.com/pq-crystals/dilithium.git

scripts/copy_from_upstream/patches/icicle-mlkem-enc-derand.patch

@@ -0,0 +1,102 @@
+diff --git a/ML-KEM-1024_META.yml b/ML-KEM-1024_META.yml
+index 5ad054f..49aa71a 100644
+--- a/ML-KEM-1024_META.yml
++++ b/ML-KEM-1024_META.yml
+@@ -25,10 +25,11 @@ implementations:
+     version: FIPS203
+     signature_keypair: icicle_ml_kem_1024_keypair
+     signature_enc: icicle_ml_kem_1024_enc
++    signature_enc_derand: icicle_ml_kem_1024_enc_derand
+     signature_dec: icicle_ml_kem_1024_dec
+     sources: ./ml-kem-1024/icicle_ml-kem.cpp
+     supported_platforms:
+       - architecture: CUDA
+         operating_systems:
+           - Linux
+-          - Darwin
+\ No newline at end of file
++          - Darwin
+diff --git a/ML-KEM-512_META.yml b/ML-KEM-512_META.yml
+index c14cf33..c93caa1 100644
+--- a/ML-KEM-512_META.yml
++++ b/ML-KEM-512_META.yml
+@@ -25,10 +25,11 @@ implementations:
+     version: FIPS203
+     signature_keypair: icicle_ml_kem_512_keypair
+     signature_enc: icicle_ml_kem_512_enc
++    signature_enc_derand: icicle_ml_kem_512_enc_derand
+     signature_dec: icicle_ml_kem_512_dec
+     sources: ./ml-kem-512/icicle_ml-kem.cpp
+     supported_platforms:
+       - architecture: CUDA
+         operating_systems:
+           - Linux
+-          - Darwin
+\ No newline at end of file
++          - Darwin
+diff --git a/ML-KEM-768_META.yml b/ML-KEM-768_META.yml
+index a1b88a8..1d580a8 100644
+--- a/ML-KEM-768_META.yml
++++ b/ML-KEM-768_META.yml
+@@ -25,10 +25,11 @@ implementations:
+     version: FIPS203
+     signature_keypair: icicle_ml_kem_768_keypair
+     signature_enc: icicle_ml_kem_768_enc
++    signature_enc_derand: icicle_ml_kem_768_enc_derand
+     signature_dec: icicle_ml_kem_768_dec
+     sources: ./ml-kem-768/icicle_ml-kem.cpp
+     supported_platforms:
+       - architecture: CUDA
+         operating_systems:
+           - Linux
+-          - Darwin
+\ No newline at end of file
++          - Darwin
+diff --git a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
+index 33b38cb..793afb6 100644
+--- a/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
++++ b/icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp
+@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
+     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+ }
+ 
++OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
++    icicle::pqc::ml_kem::MlKemConfig config;
++    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
++}
++
+ OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
+     icicle::pqc::ml_kem::MlKemConfig config;
+     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+diff --git a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
+index 89c4211..f73c539 100644
+--- a/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
++++ b/icicle_cuda/ml-kem-512/icicle_ml-kem.cpp
+@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_512_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
+     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+ }
+ 
++OQS_STATUS icicle_ml_kem_512_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
++    icicle::pqc::ml_kem::MlKemConfig config;
++    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
++}
++
+ OQS_STATUS icicle_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
+     icicle::pqc::ml_kem::MlKemConfig config;
+     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+diff --git a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
+index 33b38cb..793afb6 100644
+--- a/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
++++ b/icicle_cuda/ml-kem-768/icicle_ml-kem.cpp
+@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
+     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+ }
+ 
++OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
++    icicle::pqc::ml_kem::MlKemConfig config;
++    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
++}
++
+ OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
+     icicle::pqc::ml_kem::MlKemConfig config;
+     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;

src/kem/ml_kem/icicle_ml-kem-1024_icicle_cuda/icicle_ml-kem.cpp

@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
+OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
+    icicle::pqc::ml_kem::MlKemConfig config;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+}
+
 OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;

src/kem/ml_kem/icicle_ml-kem-512_icicle_cuda/icicle_ml-kem.cpp

@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_512_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
+OQS_STATUS icicle_ml_kem_512_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
+    icicle::pqc::ml_kem::MlKemConfig config;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+}
+
 OQS_STATUS icicle_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber512Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;

src/kem/ml_kem/icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp

@@ -25,6 +25,11 @@ OQS_STATUS icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk) {
     return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
 }
 
+OQS_STATUS icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins) {
+    icicle::pqc::ml_kem::MlKemConfig config;
+    return icicle::pqc::ml_kem::encapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)coins, (std::byte*)pk, config, (std::byte*)ct, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;
+}
+
 OQS_STATUS icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk) {
     icicle::pqc::ml_kem::MlKemConfig config;
     return icicle::pqc::ml_kem::decapsulate<icicle::pqc::ml_kem::Kyber1024Params>((std::byte*)sk, (std::byte*)ct, config, (std::byte*)ss) == icicle::eIcicleError::SUCCESS ? OQS_SUCCESS : OQS_ERROR;

src/kem/ml_kem/kem_ml_kem_1024.c

@@ -68,6 +68,7 @@ extern int cupqc_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *
 #if defined(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda)
 extern int icicle_ml_kem_1024_keypair(uint8_t *pk, uint8_t *sk);
 extern int icicle_ml_kem_1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+extern int icicle_ml_kem_1024_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed);
 extern int icicle_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 #endif /* OQS_USE_ICICLE */
@@ -157,6 +158,8 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_encaps_derand(uint8_t *ciphertext, uint8_
 #endif /* OQS_DIST_BUILD */
 #elif defined(OQS_ENABLE_KEM_ml_kem_1024_cuda)
 	return (OQS_STATUS) PQCLEAN_MLKEM1024_CUDA_crypto_kem_enc_derand(ciphertext, shared_secret, public_key, seed);
+#elif defined(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda)
+	return (OQS_STATUS) icicle_ml_kem_1024_enc_derand(ciphertext, shared_secret, public_key, seed);
 #else
 	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_C_enc_derand(ciphertext, shared_secret, public_key, seed);
 #endif

src/kem/ml_kem/kem_ml_kem_512.c

@@ -68,6 +68,7 @@ extern int cupqc_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *s
 #if defined(OQS_ENABLE_KEM_ml_kem_512_icicle_cuda)
 extern int icicle_ml_kem_512_keypair(uint8_t *pk, uint8_t *sk);
 extern int icicle_ml_kem_512_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+extern int icicle_ml_kem_512_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed);
 extern int icicle_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 #endif /* OQS_USE_ICICLE */
@@ -157,6 +158,8 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_encaps_derand(uint8_t *ciphertext, uint8_t
 #endif /* OQS_DIST_BUILD */
 #elif defined(OQS_ENABLE_KEM_ml_kem_512_cuda)
 	return (OQS_STATUS) PQCLEAN_MLKEM512_CUDA_crypto_kem_enc_derand(ciphertext, shared_secret, public_key, seed);
+#elif defined(OQS_ENABLE_KEM_ml_kem_512_icicle_cuda)
+	return (OQS_STATUS) icicle_ml_kem_512_enc_derand(ciphertext, shared_secret, public_key, seed);
 #else
 	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_C_enc_derand(ciphertext, shared_secret, public_key, seed);
 #endif

src/kem/ml_kem/kem_ml_kem_768.c

@@ -68,6 +68,7 @@ extern int cupqc_ml_kem_768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *s
 #if defined(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda)
 extern int icicle_ml_kem_768_keypair(uint8_t *pk, uint8_t *sk);
 extern int icicle_ml_kem_768_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+extern int icicle_ml_kem_768_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed);
 extern int icicle_ml_kem_768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 #endif /* OQS_USE_ICICLE */
@@ -157,6 +158,8 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_encaps_derand(uint8_t *ciphertext, uint8_t
 #endif /* OQS_DIST_BUILD */
 #elif defined(OQS_ENABLE_KEM_ml_kem_768_cuda)
 	return (OQS_STATUS) PQCLEAN_MLKEM768_CUDA_crypto_kem_enc_derand(ciphertext, shared_secret, public_key, seed);
+#elif defined(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda)
+	return (OQS_STATUS) icicle_ml_kem_768_enc_derand(ciphertext, shared_secret, public_key, seed);
 #else
 	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_C_enc_derand(ciphertext, shared_secret, public_key, seed);
 #endif