ML-DSA Parameter Set Monomorphization with Macros #732
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
karthikbhargavan
approved these changes
Jan 8, 2025
|
This PR does a bit more cleanup than just the const generic monomorphization.
|
|
You're right, there's more here than the monomorphization. Thanks for noting down the style changes! |
Eurydice can't handle associated types right now. So this changes it such that the Operations trait is implemented on top of a wrapper struct for the coefficients again. This requires the implementations of the trait to point into the struct again. But this is more self contained than propagating the generic type for the trait. I couldn't measure an impact on performance or stack size with this change
Co-authored-by: Jonas Schneider-Bensch <[email protected]>
Co-authored-by: Jonas Schneider-Bensch <[email protected]>
ML-DSA: Work around Eurydice limitations
franziskuskiefer
approved these changes
Jan 9, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The motivation for this PR is to mostly get rid of allocations below the level of
ml_dsa_generic. To this end,constgenerics are replaced by a macro-based manual monomorphization to the different parameter sets. In doing this, I've attempted to simplify parameter set specific constants, as well as platform instantiation and multiplexing.Essentially
ml_dsa_generic,constants, the instantiations inml_dsa_generic::instantiation::{portable, neon, avx2}andml_dsa_generic::multiplexingnow have (macro-generated) submodules for each parameter set which should be guarded by their respective feature flag. They contain:constants::ml_dsa_44/65/87: Parameter set specific constants go here. Theconstantsmodule also definesconst fns for deriving everything but the basic constants in the parameter set specific submodules.ml_dsa_generic::ml_dsa_44/65/87: A version of theml_dsa_generic::genericmodule where the parameter specific constants fromconstantsare pulled in and derived constants are derived using theconst fns fromconstants. The module also defines type aliasesMLDSA{44/65/87}SigningKey, MLDSA{44/65/87}VerificationKey, etc. This is achieved by theml_dsa_parameter_setsproc macro.instantiations::{portable, neon, avx2}::ml_dsa_44/65/87: The platform specific instantiations of the versions fromml_dsa_generic. In the case ofavx2that includes the application of thetarget_platform` cfg.multiplexing::ml_dsa_44/65/87`: Runtime multiplexing, reverting to a portable version if platform-specific version was not compiled in.I've verified that F* extraction still works and laxes. C extraction pending further updates.