Linux cryptographic layer development
From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	Ryan Appel <ryan.appel.333@gmail.com>,
	Chris Leech <cleech@redhat.com>,
	Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 0/5] ML-KEM and X-Wing support
Date: Mon, 25 May 2026 13:43:58 -0500
Message-ID: <20260525184403.101818-1-ebiggers@kernel.org>

This series applies to v7.1-rc5.  It is a proof-of-concept that won't be
merged until there is an in-kernel user.  Multiple people have been
asking about this though, so I wanted to get ahead of the curve and
provide something that people can experiment with if needed.

This series adds support for "post-quantum" (i.e. quantum-resistant) key
encapsulation to the kernel's crypto library.  Specifically this
includes ML-KEM-768 and ML-KEM-1024, and the X-Wing hybrid KEM built on
top of it.  The ML-KEM functions are put in the CRYPTO_INTERNAL
namespace, as they will be used only as a component of hybrid KEMs.

It's likely this will eventually be useful for at least one of the
in-kernel users of classical key agreement schemes (currently NVMe
authentication, Bluetooth, and WireGuard).  However, the details of the
upgrade to "post-quantum" will be up to the protocol authors in each
case.  I suggest that X-Wing be chosen when possible.

Eric Biggers (5):
  lib/crypto: mlkem: Add ML-KEM-768 and ML-KEM-1024 support
  lib/crypto: mlkem: Add KUnit tests for ML-KEM
  lib/crypto: mlkem: Add FIPS 140-3 tests
  lib/crypto: xwing: Add support for X-Wing KEM
  lib/crypto: xwing: Add KUnit tests for X-Wing KEM

 Documentation/crypto/libcrypto-asymmetric.rst |   27 +
 Documentation/crypto/libcrypto-signature.rst  |   11 -
 Documentation/crypto/libcrypto.rst            |    2 +-
 include/crypto/mlkem.h                        |  159 +++
 include/crypto/xwing.h                        |   84 ++
 lib/crypto/.kunitconfig                       |    2 +
 lib/crypto/Kconfig                            |   17 +
 lib/crypto/Makefile                           |   10 +
 lib/crypto/fips-mlkem.h                       |  523 +++++++++
 lib/crypto/mlkem.c                            | 1036 +++++++++++++++++
 lib/crypto/tests/Kconfig                      |   18 +
 lib/crypto/tests/Makefile                     |    2 +
 lib/crypto/tests/mlkem-testvecs.h             |   19 +
 lib/crypto/tests/mlkem_kunit.c                |  520 +++++++++
 lib/crypto/tests/xwing-testvecs.h             |  138 +++
 lib/crypto/tests/xwing_kunit.c                |  129 ++
 lib/crypto/xwing.c                            |  237 ++++
 scripts/crypto/import-mlkem-testvecs.py       |  179 +++
 scripts/crypto/import-xwing-testvecs.py       |  111 ++
 19 files changed, 3212 insertions(+), 12 deletions(-)
 create mode 100644 Documentation/crypto/libcrypto-asymmetric.rst
 delete mode 100644 Documentation/crypto/libcrypto-signature.rst
 create mode 100644 include/crypto/mlkem.h
 create mode 100644 include/crypto/xwing.h
 create mode 100644 lib/crypto/fips-mlkem.h
 create mode 100644 lib/crypto/mlkem.c
 create mode 100644 lib/crypto/tests/mlkem-testvecs.h
 create mode 100644 lib/crypto/tests/mlkem_kunit.c
 create mode 100644 lib/crypto/tests/xwing-testvecs.h
 create mode 100644 lib/crypto/tests/xwing_kunit.c
 create mode 100644 lib/crypto/xwing.c
 create mode 100755 scripts/crypto/import-mlkem-testvecs.py
 create mode 100755 scripts/crypto/import-xwing-testvecs.py


base-commit: e7ae89a0c97ce2b68b0983cd01eda67cf373517d
-- 
2.54.0

