NTRU Prime: Get random bytes in one shot and use corresponding KATs
förälder
7b93f968f1
incheckning
7c342d2039
@ -6,7 +6,7 @@ length-public-key: 897
|
||||
length-secret-key: 1125
|
||||
length-ciphertext: 1025
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: 6f8be58bb5d9785a0693fa8d34f5d89193757e1244e26f6182372c3e6de84fb2
|
||||
nistkat-sha256: 1b24f14e46c7a2fe7d3b5b1d15f5d901311e1a94d64d35ee2e17a6deb7a75d61
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
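Review bot: In Short_random, the call `crypto_decode_pxint32(L, (unsigned char *) L);` uses one buffer as both source and destination, and nothing in the hunk says why that is safe. It is correct only if the decoder loads all four bytes of a word before storing the result, which is not visible on this page. The removed urandom32() assembled each word little-endian from bytes, so the decode presumably keeps that byte order on every host. A comment above the call would record both assumptions, for example `/* in-place: decoder reads each 4-byte group before writing it; keeps little-endian word layout */`. The +/- markers are lost in this rendering, so the new side is inferred from the hunk counts and the commit title; the same pattern repeats in the other Short_random and Small_random hunks below.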
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
@ -6,7 +6,7 @@ length-public-key: 1039
|
||||
length-secret-key: 1294
|
||||
length-ciphertext: 1167
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: 212f68484864e927c674a656ea44ea0f47c048d0dd3518b102c98a9eacd16a72
|
||||
nistkat-sha256: 06aa733e296035f1f171c4f48d1700571979cb0ccb27a4c0479c3ca32684797f
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
@ -6,7 +6,7 @@ length-public-key: 1184
|
||||
length-secret-key: 1463
|
||||
length-ciphertext: 1312
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: cc8c8b8f3e31c07cce27c0e54c636884426593bf0f71c6e9215bde2ed3f516ef
|
||||
nistkat-sha256: b5816d6156b856a42b9152322b23aca53db17c67c8b30ba660e1ff6d389d2608
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
@ -107,25 +107,11 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
Short_fromlist(out, L);
|
||||
}
|
||||
|
||||
|
@ -6,7 +6,7 @@ length-public-key: 994
|
||||
length-secret-key: 1518
|
||||
length-ciphertext: 897
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: 91dae8987131825001061f9d194bbfde53b3d17f3962f6992a3ec5fa3cf141d7
|
||||
nistkat-sha256: 0d8643f1c81a20f4de836542224c49f01a3d4498d612f98577d76710896ed7fc
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|
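Review bot: In Short_random the array is still declared `uint32 L[ppadsort]`, but `randombytes((unsigned char *) L, 4 * p);` fills only the first p words, whereas the loop it appears to replace wrote all ppadsort entries. If ppadsort is larger than p, entries L[p] through L[ppadsort-1] are uninitialised stack memory after these lines. The function body continues past the end of the hunk, so confirm that every one of those entries is assigned before L is read. A comment on the call, e.g. `/* only the first p words are random; padding entries are assigned below */`, would show that using `4 * p` here and `sizeof L` in Small_random is deliberate. The later sections on this page with the same Short_random hunk carry the same point.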
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|
@ -6,7 +6,7 @@ length-public-key: 1158
|
||||
length-secret-key: 1763
|
||||
length-ciphertext: 1039
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: 2eba10673b9077530ba9c063d22f2534e415a6da42985c333c6baee133cc0ff1
|
||||
nistkat-sha256: afc42c3a5b10f4ef69654250097ebda9b9564570f4086744b24a6daf2bd1f89a
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|
@ -6,7 +6,7 @@ length-public-key: 1322
|
||||
length-secret-key: 1999
|
||||
length-ciphertext: 1184
|
||||
length-shared-secret: 32
|
||||
nistkat-sha256: eb63dfbd70483c57c558f00db8211a723255c0c86e395ab4ce88148a623b2d27
|
||||
nistkat-sha256: 8e58185a923122f15522eba1626f7f01f5bd5aa4503c1245df88f0e31a22d967
|
||||
principal-submitters:
|
||||
- Daniel J. Bernstein
|
||||
- Chitchanok Chuengsatiansup
|
||||
|
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|
@ -73,25 +73,12 @@ static void Hash(unsigned char *out, const unsigned char *in, int inlen) {
|
||||
|
||||
/* ----- higher-level randomness */
|
||||
|
||||
static uint32 urandom32(void) {
|
||||
unsigned char c[4];
|
||||
uint32 out[4];
|
||||
|
||||
randombytes(c, 4);
|
||||
out[0] = (uint32)c[0];
|
||||
out[1] = ((uint32)c[1]) << 8;
|
||||
out[2] = ((uint32)c[2]) << 16;
|
||||
out[3] = ((uint32)c[3]) << 24;
|
||||
return out[0] + out[1] + out[2] + out[3];
|
||||
}
|
||||
|
||||
static void Short_random(small *out) {
|
||||
uint32 L[ppadsort];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < ppadsort; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, 4 * p);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < w; ++i) {
|
||||
L[i] = L[i] & (uint32) - 2;
|
||||
}
|
||||
@ -111,9 +98,8 @@ static void Small_random(small *out) {
|
||||
uint32 L[p];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < p; ++i) {
|
||||
L[i] = urandom32();
|
||||
}
|
||||
randombytes((unsigned char *) L, sizeof L);
|
||||
crypto_decode_pxint32(L, (unsigned char *) L);
|
||||
for (i = 0; i < p; ++i) {
|
||||
out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1);
|
||||
}
|
||||
|