FIPS 203 defines two input validations which are currently not done in ml-kem:
- The modulus check for encapsulate (section 7.2)
- The hash check for decapsulate (section 7.3)
I haven't checked the key loading functions from section 7.1 yet.
Is there a specific technical reason or API design reason why these checks are omitted? The spec mentions that these checks can be acquired through other means, but according to NIST 800-227 these mostly boil down to trusted sources.
If there is no technical/other reason for omitting these checks I would be happy to contribute them.
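
For reference, the encapsulation-key checks from FIPS 203 section 7.2 (length, then modulus) can be written over the raw key bytes as below. This is an added example, not part of the original post and not code from the ml-kem crate; the function name `check_encapsulation_key` and the `EkError` type are hypothetical, and the sample keys are constructed.

```rust
/// ML-KEM modulus q (FIPS 203).
const Q: u16 = 3329;

#[derive(Debug, PartialEq)]
enum EkError {
    BadLength,
    CoefficientOutOfRange { index: usize, value: u16 },
}

/// Hypothetical helper: FIPS 203 section 7.2 checks on a raw encapsulation key.
/// `k` is the module rank (2, 3, 4 for ML-KEM-512/768/1024).
fn check_encapsulation_key(ek: &[u8], k: usize) -> Result<(), EkError> {
    // Type check: 384*k bytes of packed coefficients plus the 32-byte seed rho.
    if ek.len() != 384 * k + 32 {
        return Err(EkError::BadLength);
    }
    // Modulus check: ByteDecode12 reduces mod q, so re-encoding matches the
    // input exactly when every packed 12-bit value is already below q.
    for (i, chunk) in ek[..384 * k].chunks_exact(3).enumerate() {
        // Two 12-bit little-endian coefficients are packed into three bytes.
        let c0 = u16::from(chunk[0]) | (u16::from(chunk[1] & 0x0f) << 8);
        let c1 = u16::from(chunk[1] >> 4) | (u16::from(chunk[2]) << 4);
        for (j, &value) in [c0, c1].iter().enumerate() {
            if value >= Q {
                return Err(EkError::CoefficientOutOfRange { index: 2 * i + j, value });
            }
        }
    }
    Ok(())
}

fn main() {
    // Constructed inputs for ML-KEM-768 (k = 3), not real keys.
    let good = vec![0u8; 384 * 3 + 32];
    let mut bad = good.clone();
    bad[0] = 0x01; // first coefficient becomes 0xD01 = 3329 = q, just out of range
    bad[1] = 0x0d;
    println!("{:?}", check_encapsulation_key(&good, 3));
    println!("{:?}", check_encapsulation_key(&bad, 3));
}
```

The hash check from section 7.3 is not covered here because it needs a SHA3-256 implementation, which is outside the Rust standard library.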