New code likely to be submitted for the upcoming Linux 6.19 kernel would introduce ML-DSA/Dilithium post-quantum cryptography to be initially used for dealing with kernel module signing.
Red Hat engineer David Howells yesterday queued up the initial ML-DSA/Dilithium work into a linux-fs.git Git branch ahead of the Linux 6.19 merge window opening in early December. The code within the linux-fs.git “keys-pqc” branch include a big patch adding 5k+ lines of code for ML-DSA/Dilithium verify support for this post-quantum cryptography algorithm. Howells explained with that patch:
“Port the signature verification code from Stephan Mueller’s Leancrypto implementation of ML-DSA/Dilithium to the kernel. The keypair generation and signature generation is not included and nor is composite signature support to reduce code footprint size.
Apologies to Stephan, but I’ve stripped out a bunch of macros to do return checking and suchlike and removed a bunch of “lc_” prefixes from the code.
Composite signature support is mostly removed and none of the arch-specific code from Leancrypto has been included for the moment, so this is pure C.
The interface to this code is through the crypto_sig API as the PKCS#7 code wants to use that rather than calling it directly. As such, I’ve placed it in crypto/ rather than lib/crypto/. Only the verification hooks are implemented; the signing hooks return an error.”
That was followed by ML-DSA support for PKCS7 and x509. And then the final patch enabling ML-DSA module signing:
“modsign: Enable ML-DSA module signing
Allow ML-DSA module signing to be enabled.”
ML-DSA is believed to be secure against quantum computers and was standardized last year as FIPS 204.
We’ll see in the coming weeks if this “keys-pqc” branch gets submitted as part of the Linux 6.19 merge window.
