Introduction
This guide explains how to use Kyber Club's FIPS 204 ML-DSA tools to generate quantum-safe keypairs, sign data, and verify signatures. We'll follow a scenario with Alice and Bob to illustrate the process. ML-DSA, based on the Module Learning With Errors (MLWE) problem, provides robust digital signatures to ensure data authenticity and integrity in a quantum future.
Use Scenario: Alice and Bob
Alice wants to sign a document to prove its authenticity to Bob, ensuring it remains verifiable even against quantum computer attacks. She uses Kyber Club's ML-DSA tools to generate a keypair and shares the public key with Bob. Alice signs the document, and Bob verifies the signature using her public key, confirming the document's integrity and origin.
Step-by-Step Guide
Follow these steps to use our ML-DSA tools effectively:
- Generate a Keypair (Alice)
Visit the keypair generation tool. This creates keypairs for ML-DSA-44, ML-DSA-65, and ML-DSA-87, each offering different security levels. We recommend ML-DSA-65 for a balance of security (Level 3) and performance, suitable for most applications.
Action: Download each keypair or copy them to a secure location. For example, click 'Download' next to ML-DSA-65 to save 'ML-DSA-65-public.txt' and 'ML-DSA-65-private.txt'. Alternatively, use the 'Download All as ZIP' button to get all keypairs in one file.
Important: Store both public and private keys securely. The private key must remain confidential and be stored offline, as it cannot be regenerated. Without it, you cannot sign data, and existing signatures cannot be recreated.
- Share the Public Key (Alice)
Send the public key (e.g., 'ML-DSA-65-public.txt') to Bob via a trusted channel, such as secure email or messaging. Never share the private key.
Tip: Confirm with Bob that he received the correct public key to ensure successful verification.
- Sign Data (Alice)
Alice visits the signing tool. She pastes her private key (e.g., from 'ML-DSA-65-private.txt') into the text box or uploads the private key file. Then, she enters the data to sign, either by pasting text (up to 1KB) or by uploading a file (up to 5MB, such as a document or image).
Action: Click 'Generate ML-DSA Signature'. The tool detects the ML-DSA variant (e.g., 65) from the private key and produces a signature. Alice can copy the signature or download it as a file (e.g., 'ml-dsa-65-signature.txt' for pasted data or 'document.pdf.ML-DSA-65.sig.txt' for files).
Tip: Keep the original data unchanged, as it's needed for verification.
- Send Data and Signature (Alice)
Alice sends the original data and the signature to Bob. These can be sent via any channel, as the signature ensures authenticity and integrity.
- Verify Signature (Bob)
Bob visits the verification tool. He pastes Alice's public key (e.g., from 'ML-DSA-65-public.txt') or uploads the public key file. Then, he provides the original data (by pasting text up to 1KB or uploading a file up to 6MB) and the signature (by pasting or uploading the signature file, up to 10KB).
Action: Click 'Validate ML-DSA Signature'. The tool verifies the signature and displays whether it is valid, confirming the data's authenticity and integrity (e.g., 'The signature for document.pdf ... is valid').
Important: If the signature is invalid, check that the data, signature, and public key match exactly.
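A local pre-flight check for the verification step and for the public-key confirmation tip in the sharing step, added here as an example and not part of Kyber Club's tools: it checks that the public key and signature have the byte lengths FIPS 204 defines for the same ML-DSA variant and returns a SHA-256 fingerprint of the public key that Alice and Bob can compare over a second channel. It assumes the downloaded .txt files hold the raw key or signature bytes as hex or base64, which the page does not state; the function names are hypothetical.

```python
import base64
import binascii
import hashlib

# Raw byte lengths defined in FIPS 204: (public key, private key, signature).
FIPS204_SIZES = {
    "ML-DSA-44": (1312, 2560, 2420),
    "ML-DSA-65": (1952, 4032, 3309),
    "ML-DSA-87": (2592, 4896, 4627),
}
KINDS = ("public key", "private key", "signature")

def decode_text(text):
    """Decode file contents. ASSUMPTION: hex or base64; the page names no encoding."""
    compact = "".join(text.split())
    try:
        return bytes.fromhex(compact)
    except ValueError:
        pass  # not hex, fall through to base64
    try:
        return base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError("input is neither hex nor base64") from exc

def identify(raw):
    """Map a blob's length to (variant, kind); None if it fits no FIPS 204 size."""
    for variant, sizes in FIPS204_SIZES.items():
        if len(raw) in sizes:
            return variant, KINDS[sizes.index(len(raw))]
    return None

def preflight(public_key_text, signature_text):
    """Report the variant, a public-key fingerprint, and any mismatches found."""
    pk, sig = decode_text(public_key_text), decode_text(signature_text)
    pk_id, sig_id = identify(pk), identify(sig)
    pk_ok = pk_id is not None and pk_id[1] == "public key"
    sig_ok = sig_id is not None and sig_id[1] == "signature"
    problems = []
    if not pk_ok:
        problems.append(f"public key: {len(pk)} bytes identifies as {pk_id}")
    if not sig_ok:
        problems.append(f"signature: {len(sig)} bytes identifies as {sig_id}")
    if pk_ok and sig_ok and pk_id[0] != sig_id[0]:
        problems.append(f"variant mismatch: {pk_id[0]} key, {sig_id[0]} signature")
    return {
        "variant": pk_id[0] if pk_ok else None,
        # Fingerprint for Alice and Bob to compare over a second channel.
        "fingerprint": hashlib.sha256(pk).hexdigest() if pk_ok else None,
        "problems": problems,
    }
```

An empty `problems` list does not prove the signature is valid; it only rules out mix-ups (wrong file, wrong variant, a private key in the public-key field) before the files go to the verification tool.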
Safekeeping Your Keys
Your private key is critical for signing and cannot be regenerated. If it is lost, you cannot create new signatures, and existing signatures cannot be recreated. Follow these best practices:
- Store private keys offline, such as on a secure USB drive or encrypted storage device.
- Back up keys in multiple secure locations to prevent loss from hardware failure.
- Never share your private key, even with trusted parties.
- Use strong passwords and encryption for any device or file containing your keys.
Public keys can be shared freely but should be sent via a trusted channel to avoid tampering.
Additional Tips
- Choose the Right Variant: ML-DSA-65 is recommended for most users, offering strong security (Level 3) with good performance. Use ML-DSA-44 for lower resource needs or ML-DSA-87 for highly sensitive data requiring Level 5 security.
- Verify Inputs: Ensure private and public keys, data, and signatures are correct to avoid signing or verification failures.
- Data Size Limits: The signing tool accepts pasted text up to 1KB or files up to 5MB. The verification tool accepts text up to 1KB or files up to 6MB, with signatures up to 10KB.
- Security Assurance: Data and keys are processed in memory and not stored. See our Privacy Policy for details.
- Combine with Encryption: For confidential data, pair ML-DSA signatures with ML-KEM encapsulation using our FIPS 203 tools.
Need Help?
If you encounter errors, have questions, or wish to suggest improvements, please visit our contact page. We're here to help you secure your data with quantum-safe signatures.