We’re pleased to announce the v1.0.0-alpha release of mldsa-native, a new C90 library that allows developers to support the ML-DSA / FIPS 204 post-quantum cryptography standard with minimal performance and maintenance cost.
mldsa-native is designed with production deployments in mind:
- Minimal Dependencies: Written in portable C90 with minimal and configurable dependencies on the standard library, making it easy to integrate into diverse environments.
- Maintainability and Safety: Memory safety, type safety, and absence of various classes of timing leakage are automatically checked on every change using a combination of static model checking (CBMC) and dynamic instrumentation (valgrind). This reduces review and maintenance burden and accelerates safe code delivery.
- Architecture Support: Native backends are added under a unified interface, minimizing duplicated code and reasoning. mldsa-native comes with backends for AArch64 and x86-64.
- Governance: mldsa-native is supported by the Linux Foundation and Post-Quantum Cryptography Alliance.
This is a production-ready alpha release. External APIs are expected but not guaranteed to be stable. Feedback welcome! If you have any questions, please reach out to us or open an issue on https://github.com/pq-code-package/mldsa-native.
Getting involved
We welcome contributions and feedback from the community. Feel free to reach out on Discord or open an issue in the repository. For more details, see the README.
Contributed By: Hanno Becker (AWS), Matthias J. Kannwischer (Chelpis), and Jake Massimo (AWS)
Hanno Becker received a PhD in mathematics from the University of Bonn in 2015 and has since been working on various projects related to security, cryptography, and formal methods engineering. Hanno has a particular interest in high-performance, high-assurance post-quantum cryptography: he is the original author of the SLOTHY super-optimizer, co-maintainer of the Post-Quantum Cryptography libraries mlkem-native and mldsa-native, and a member of the Technical Steering Committee of the Post-Quantum Cryptography Project (PQCP) under the Post-Quantum Cryptography Alliance (PQCA).
Matthias Kannwischer is based in Taipei, Taiwan, and represents the Taiwanese post-quantum cryptography startup, Chelpis Quantum Tech. He has made significant contributions to the PQ Code Package project and the mlkem-native implementations of ML-KEM, alongside Hanno Becker. Within the cryptographic implementations community, Matthias is widely recognized for his past work as a co-creator of the PQClean project and as the driving force behind PQM4—an influential library for post-quantum implementations on ARM Cortex-M4 devices.