NTRU Prime: Get random bytes in one shot and use corresponding KATs

John M. Schanck 2020-09-07 09:27:39 -04:00
родитель 7b93f968f1
Коммит 7c342d2039
18 изменённых файлов: 42 добавлений и 210 удалений


@ -6,7 +6,7 @@ length-public-key: 897
length-secret-key: 1125
length-ciphertext: 1025
length-shared-secret: 32
nistkat-sha256: 6f8be58bb5d9785a0693fa8d34f5d89193757e1244e26f6182372c3e6de84fb2
nistkat-sha256: 1b24f14e46c7a2fe7d3b5b1d15f5d901311e1a94d64d35ee2e17a6deb7a75d61
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}
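Review bot: The in-place call `crypto_decode_pxint32(L, (unsigned char *) L)` in Short_random carries no comment saying why input and output may share one buffer, and the decoder itself is not shown on this page. The call is only correct if the decoder reads each 4-byte group before it stores the matching word, and the output only matches the removed urandom32() if it also takes the low byte first. I would add above the call `/* in-place decode: L is read as 4*p bytes and rewritten as p words; the decoder must load each group before storing it */`. `sizeof L` additionally relies on `uint32` being exactly four bytes wide, which is worth a static assertion wherever the type is defined. The same applies to the five other `uint32 L[p]` sections on this page and to Small_random in the `ppadsort` variants.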


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}


@ -6,7 +6,7 @@ length-public-key: 1039
length-secret-key: 1294
length-ciphertext: 1167
length-shared-secret: 32
nistkat-sha256: 212f68484864e927c674a656ea44ea0f47c048d0dd3518b102c98a9eacd16a72
nistkat-sha256: 06aa733e296035f1f171c4f48d1700571979cb0ccb27a4c0479c3ca32684797f
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}


@ -6,7 +6,7 @@ length-public-key: 1184
length-secret-key: 1463
length-ciphertext: 1312
length-shared-secret: 32
nistkat-sha256: cc8c8b8f3e31c07cce27c0e54c636884426593bf0f71c6e9215bde2ed3f516ef
nistkat-sha256: b5816d6156b856a42b9152322b23aca53db17c67c8b30ba660e1ff6d389d2608
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}


@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
Short_fromlist(out, L);
}


@ -6,7 +6,7 @@ length-public-key: 994
length-secret-key: 1518
length-ciphertext: 897
length-shared-secret: 32
nistkat-sha256: 91dae8987131825001061f9d194bbfde53b3d17f3962f6992a3ec5fa3cf141d7
nistkat-sha256: 0d8643f1c81a20f4de836542224c49f01a3d4498d612f98577d76710896ed7fc
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}
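Review bot: In Short_random the buffer is still declared `uint32 L[ppadsort]`, but `randombytes((unsigned char *) L, 4 * p)` fills only the first p words, so `L[p]` through `L[ppadsort-1]` are uninitialised at this point, whereas the urandom32 loop (apparently the removed side) assigned all ppadsort entries. The function continues past the end of the hunk, so confirm that every padding word is assigned before L is read; otherwise leftover stack contents would feed into secret sampling. Once confirmed, a comment at the call such as `/* only the first p words are random; L[p..ppadsort-1] are assigned below */` would make that dependency explicit. The same pattern appears in the other five `ppadsort` sections on this page.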


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}


@ -6,7 +6,7 @@ length-public-key: 1158
length-secret-key: 1763
length-ciphertext: 1039
length-shared-secret: 32
nistkat-sha256: 2eba10673b9077530ba9c063d22f2534e415a6da42985c333c6baee133cc0ff1
nistkat-sha256: afc42c3a5b10f4ef69654250097ebda9b9564570f4086744b24a6daf2bd1f89a
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}


@ -6,7 +6,7 @@ length-public-key: 1322
length-secret-key: 1999
length-ciphertext: 1184
length-shared-secret: 32
nistkat-sha256: eb63dfbd70483c57c558f00db8211a723255c0c86e395ab4ce88148a623b2d27
nistkat-sha256: 8e58185a923122f15522eba1626f7f01f5bd5aa4503c1245df88f0e31a22d967
principal-submitters:
- Daniel J. Bernstein
- Chitchanok Chuengsatiansup


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}


@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
/* ----- higher-level randomness */
static uint32 urandom32(void) {
unsigned char c[4];
uint32 out[4];
randombytes(c, 4);
out[0] = (uint32)c[0];
out[1] = ((uint32)c[1]) << 8;
out[2] = ((uint32)c[2]) << 16;
out[3] = ((uint32)c[3]) << 24;
return out[0] + out[1] + out[2] + out[3];
}
static void Short_random(small *out) {
uint32 L[ppadsort];
int i;
for (i = 0; i < ppadsort; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, 4 * p);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < w; ++i) {
L[i] = L[i] & (uint32) - 2;
}
@ -111,9 +98,8 @@ static void Small_random(small *out) {
uint32 L[p];
int i;
for (i = 0; i < p; ++i) {
L[i] = urandom32();
}
randombytes((unsigned char *) L, sizeof L);
crypto_decode_pxint32(L, (unsigned char *) L);
for (i = 0; i < p; ++i) {
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
}