Reproducing ML-KEM accumulated tests

[rben-dev]

Hi,

First of all, thanks for these very useful ressources.
Regarding ML-KEM accumulated test vectors, would it be possible to have the code producing these? Also, do we agree that they concern the finalized FIP-203 standard (and not the ipd draft)?

Indeed, I fail reproducing them. I would gladly put the blame on my implementation, however my results fit the hash for 10,000 iteration provided in the go reference implementation of Kyber768 where I removed the dk hash update since it is not considered there. I wonder what I might be missing for reproducing those (also, I reproduce the textual output of the reference implementation test vector of Kyber768, at least for 10,000 iterations).

PS: same issues hold at least for ML-KEM-512 accumulated hashes, but I guess the root cause would be the same.

Thanks in advance,
Regards,

[rben-dev]

Hi again,

I actually stumbled upon PR #13 after opening the current issue. I have commented this PR to confirm that for the 10k and 1M accumulated tests for the three versions of ML-KEM, I have the same results.

I leave this issue opened for now until the PR is merged for people wondering why the vectors do not match the last version of the FIPS-203 standard.

Regards,