uint8_t api for encode/decode in optimized rmrs
This commit is contained in:
parent
26e0aea3e2
commit
d1a4fa5e68
@ -116,7 +116,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
|
|||||||
|
|
||||||
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
|
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
|
||||||
|
|
||||||
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES);
|
PQCLEAN_HQC192_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES);
|
||||||
v[VEC_N_SIZE_64 - 1] &= RED_MASK;
|
v[VEC_N_SIZE_64 - 1] &= RED_MASK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -133,7 +133,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
|
|||||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
||||||
|
|
||||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
||||||
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES);
|
PQCLEAN_HQC192_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -116,7 +116,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
|
|||||||
|
|
||||||
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
|
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
|
||||||
|
|
||||||
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES);
|
PQCLEAN_HQC256_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES);
|
||||||
v[VEC_N_SIZE_64 - 1] &= RED_MASK;
|
v[VEC_N_SIZE_64 - 1] &= RED_MASK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -133,7 +133,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
|
|||||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
||||||
|
|
||||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
||||||
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES);
|
PQCLEAN_HQC256_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -21,8 +21,8 @@
|
|||||||
* @param[out] em Pointer to an array that is the tensor code word
|
* @param[out] em Pointer to an array that is the tensor code word
|
||||||
* @param[in] m Pointer to an array that is the message
|
* @param[in] m Pointer to an array that is the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint8_t *em, const uint8_t *m) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(tmp, m);
|
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(tmp, m);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(em, tmp);
|
PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(em, tmp);
|
||||||
@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
|||||||
* @param[out] m Pointer to an array that is the message
|
* @param[out] m Pointer to an array that is the message
|
||||||
* @param[in] em Pointer to an array that is the code word
|
* @param[in] em Pointer to an array that is the code word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint64_t *m, const uint64_t *em) {
|
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint8_t *m, const uint8_t *em) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(tmp, em);
|
PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(tmp, em);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(m, tmp);
|
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(m, tmp);
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *message);
|
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint8_t *em, const uint8_t *message);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint64_t *m, const uint64_t *em);
|
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint8_t *m, const uint8_t *em);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk
|
|||||||
* @param[in] theta Seed used to derive randomness required for encryption
|
* @param[in] theta Seed used to derive randomness required for encryption
|
||||||
* @param[in] pk String containing the public key
|
* @param[in] pk String containing the public key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) {
|
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) {
|
||||||
AES_XOF_struct seedexpander;
|
AES_XOF_struct seedexpander;
|
||||||
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
||||||
@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
PQCLEAN_HQCRMRS128_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
PQCLEAN_HQCRMRS128_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
||||||
|
|
||||||
// Compute v = m.G by encoding the message
|
// Compute v = m.G by encoding the message
|
||||||
PQCLEAN_HQCRMRS128_AVX2_code_encode(v, m);
|
PQCLEAN_HQCRMRS128_AVX2_code_encode((uint8_t *)v, m);
|
||||||
|
PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
|
|
||||||
// Compute v = m.G + s.r2 + e
|
// Compute v = m.G + s.r2 + e
|
||||||
@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
* @param[in] v Vector v (second part of the ciphertext)
|
* @param[in] v Vector v (second part of the ciphertext)
|
||||||
* @param[in] sk String containing the secret key
|
* @param[in] sk String containing the secret key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
||||||
uint64_t x[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
||||||
|
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
||||||
|
|
||||||
// Retrieve x, y, pk from secret key
|
// Retrieve x, y, pk from secret key
|
||||||
PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(x, y, pk, sk);
|
PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk);
|
||||||
|
|
||||||
// Compute v - u.y
|
// Compute v - u.y
|
||||||
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con
|
|||||||
|
|
||||||
|
|
||||||
// Compute m by decoding v - u.y
|
// Compute m by decoding v - u.y
|
||||||
PQCLEAN_HQCRMRS128_AVX2_code_decode(m, tmp2);
|
PQCLEAN_HQCRMRS128_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64);
|
||||||
|
PQCLEAN_HQCRMRS128_AVX2_code_decode(m, (uint8_t *)tmp1);
|
||||||
}
|
}
|
||||||
|
@ -13,9 +13,9 @@
|
|||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk);
|
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char
|
|||||||
int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
||||||
|
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
||||||
|
|
||||||
// Computing m
|
// Computing m
|
||||||
PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(m);
|
randombytes(m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m
|
// Encrypting m
|
||||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
||||||
|
|
||||||
// Computing d
|
// Computing d
|
||||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m'
|
// Encrypting m'
|
||||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
||||||
|
|
||||||
// Computing d'
|
// Computing d'
|
||||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d2, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
|
|
||||||
|
@ -15,10 +15,10 @@
|
|||||||
// copy bit 0 into all bits of a 64 bit value
|
// copy bit 0 into all bits of a 64 bit value
|
||||||
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
||||||
|
|
||||||
static void encode(uint64_t *word, uint32_t message);
|
static void encode(uint8_t *word, uint8_t message);
|
||||||
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
||||||
static void hadamard(__m256i *src, __m256i *dst);
|
static void hadamard(__m256i *src, __m256i *dst);
|
||||||
static int32_t find_peaks(__m256i *transform);
|
static uint32_t find_peaks(__m256i *transform);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform);
|
|||||||
* @param[out] word An RM(1,7) codeword
|
* @param[out] word An RM(1,7) codeword
|
||||||
* @param[in] message A message to encode
|
* @param[in] message A message to encode
|
||||||
*/
|
*/
|
||||||
static void encode(uint64_t *word, uint32_t message) {
|
static void encode(uint8_t *word, uint8_t message) {
|
||||||
// the four parts of the word are identical
|
uint32_t e;
|
||||||
// except for encoding bits 5 and 6
|
|
||||||
uint32_t first_word;
|
|
||||||
// bit 7 flips all the bits, do that first to save work
|
// bit 7 flips all the bits, do that first to save work
|
||||||
first_word = BIT0MASK(message >> 7);
|
e = BIT0MASK(message >> 7);
|
||||||
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
||||||
// (Warning: in the bit matrix above, low bits are at the left!)
|
// (Warning: in the bit matrix above, low bits are at the left!)
|
||||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
||||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
e ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
||||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
||||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
e ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
||||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000;
|
e ^= BIT0MASK(message >> 4) & 0xffff0000;
|
||||||
// we can store this in the first quarter
|
// we can store this in the first quarter
|
||||||
((uint32_t *) word)[0] = first_word;
|
word[0 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[0 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[0 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[0 + 3] = (e >> 0x18) & 0xff;
|
||||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
e ^= BIT0MASK(message >> 5);
|
||||||
((uint32_t *) word)[1] = first_word;
|
word[4 + 0] = (e >> 0x00) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 6);
|
word[4 + 1] = (e >> 0x08) & 0xff;
|
||||||
((uint32_t *) word)[3] = first_word;
|
word[4 + 2] = (e >> 0x10) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
word[4 + 3] = (e >> 0x18) & 0xff;
|
||||||
((uint32_t *) word)[2] = first_word;
|
e ^= BIT0MASK(message >> 6);
|
||||||
|
word[12 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[12 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[12 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[12 + 3] = (e >> 0x18) & 0xff;
|
||||||
|
e ^= BIT0MASK(message >> 5);
|
||||||
|
word[8 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[8 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[8 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[8 + 3] = (e >> 0x18) & 0xff;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) {
|
|||||||
*
|
*
|
||||||
* @param[in] transform Structure that contain the expanded codeword
|
* @param[in] transform Structure that contain the expanded codeword
|
||||||
*/
|
*/
|
||||||
inline int32_t find_peaks(__m256i *transform) {
|
inline uint32_t find_peaks(__m256i *transform) {
|
||||||
// a whole lot of vector variables
|
// a whole lot of vector variables
|
||||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
||||||
__m256i peak_mask;
|
__m256i peak_mask;
|
||||||
@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
result |= message_mask & ptr[i];
|
result |= message_mask & ptr[i];
|
||||||
}
|
}
|
||||||
message |= (0x8000 & ~result) >> 8;
|
message |= (0x8000 & ~result) >> 8;
|
||||||
return message;
|
return (uint32_t) message;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY
|
|
||||||
// encode first word
|
// encode first word
|
||||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]);
|
encode(&cdw[16 * i * MULTIPLICITY], msg[i]);
|
||||||
// copy to other identical codewords
|
// copy to other identical codewords
|
||||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
||||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t));
|
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m
|
|||||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) {
|
||||||
__m256i expanded[8];
|
__m256i expanded[8];
|
||||||
__m256i transform[8];
|
__m256i transform[8];
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// collect the codewords
|
// collect the codewords
|
||||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]);
|
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]);
|
||||||
// apply hadamard transform
|
// apply hadamard transform
|
||||||
hadamard(expanded, transform);
|
hadamard(expanded, transform);
|
||||||
// fix the first entry to get the half Hadamard transform
|
// fix the first entry to get the half Hadamard transform
|
||||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
||||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
||||||
// finish the decoding
|
// finish the decoding
|
||||||
((uint8_t *)msg)[i] = find_peaks(transform);
|
msg[i] = find_peaks(transform);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg);
|
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw);
|
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#include "fft.h"
|
#include "fft.h"
|
||||||
#include "gf.h"
|
#include "gf.h"
|
||||||
#include "parameters.h"
|
#include "parameters.h"
|
||||||
|
#include "parsing.h"
|
||||||
#include "reed_solomon.h"
|
#include "reed_solomon.h"
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values);
|
|||||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
uint8_t gate_value = 0;
|
uint8_t gate_value = 0;
|
||||||
|
|
||||||
uint16_t tmp[PARAM_G] = {0};
|
uint16_t tmp[PARAM_G] = {0};
|
||||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
||||||
|
|
||||||
uint8_t msg_bytes[PARAM_K] = {0};
|
for (size_t i = 0; i < PARAM_N1; i++) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
cdw[i] = 0;
|
||||||
|
|
||||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) {
|
|
||||||
for (size_t j = 0; j < 8; ++j) {
|
|
||||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for (int i = PARAM_K - 1; i >= 0; --i) {
|
for (int i = PARAM_K - 1; i >= 0; --i) {
|
||||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1];
|
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1];
|
||||||
|
|
||||||
for (size_t j = 0; j < PARAM_G; ++j) {
|
for (size_t j = 0; j < PARAM_G; ++j) {
|
||||||
tmp[j] = PQCLEAN_HQCRMRS128_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
tmp[j] = PQCLEAN_HQCRMRS128_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
||||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k];
|
cdw[k] = cdw[k - 1] ^ tmp[k];
|
||||||
}
|
}
|
||||||
|
|
||||||
cdw_bytes[0] = tmp[0];
|
cdw[0] = tmp[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K);
|
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K);
|
||||||
memcpy(cdw, cdw_bytes, PARAM_N1);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
|
|||||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
|
||||||
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
||||||
uint16_t sigma[1 << PARAM_FFT] = {0};
|
uint16_t sigma[1 << PARAM_FFT] = {0};
|
||||||
uint8_t error[1 << PARAM_M] = {0};
|
uint8_t error[1 << PARAM_M] = {0};
|
||||||
@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
uint16_t error_values[PARAM_N1] = {0};
|
uint16_t error_values[PARAM_N1] = {0};
|
||||||
uint16_t deg;
|
uint16_t deg;
|
||||||
|
|
||||||
// Copy the vector in an array of bytes
|
|
||||||
memcpy(cdw_bytes, cdw, PARAM_N1);
|
|
||||||
|
|
||||||
// Calculate the 2*PARAM_DELTA syndromes
|
// Calculate the 2*PARAM_DELTA syndromes
|
||||||
compute_syndromes(syndromes, cdw_bytes);
|
compute_syndromes(syndromes, cdw);
|
||||||
|
|
||||||
// Compute the error locator polynomial sigma
|
// Compute the error locator polynomial sigma
|
||||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
||||||
@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
compute_error_values(error_values, z, error);
|
compute_error_values(error_values, z, error);
|
||||||
|
|
||||||
// Correct the errors
|
// Correct the errors
|
||||||
correct_errors(cdw_bytes, error_values);
|
correct_errors(cdw, error_values);
|
||||||
|
|
||||||
// Retrieve the message from the decoded codeword
|
// Retrieve the message from the decoded codeword
|
||||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K);
|
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
File diff suppressed because one or more lines are too long
@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief Generates a random vector
|
|
||||||
*
|
|
||||||
* This function generates a random binary vector. It uses the the randombytes function.
|
|
||||||
*
|
|
||||||
* @param[in] v Pointer to an array
|
|
||||||
*/
|
|
||||||
void PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
|
|
||||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
|
||||||
|
|
||||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Adds two vectors
|
* @brief Adds two vectors
|
||||||
*
|
*
|
||||||
|
@ -21,8 +21,8 @@
|
|||||||
* @param[out] em Pointer to an array that is the tensor code word
|
* @param[out] em Pointer to an array that is the tensor code word
|
||||||
* @param[in] m Pointer to an array that is the message
|
* @param[in] m Pointer to an array that is the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint8_t *em, const uint8_t *m) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(tmp, m);
|
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(tmp, m);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(em, tmp);
|
PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(em, tmp);
|
||||||
@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
|||||||
* @param[out] m Pointer to an array that is the message
|
* @param[out] m Pointer to an array that is the message
|
||||||
* @param[in] em Pointer to an array that is the code word
|
* @param[in] em Pointer to an array that is the code word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint64_t *m, const uint64_t *em) {
|
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint8_t *m, const uint8_t *em) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(tmp, em);
|
PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(tmp, em);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(m, tmp);
|
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(m, tmp);
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *message);
|
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint8_t *em, const uint8_t *message);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint64_t *m, const uint64_t *em);
|
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint8_t *m, const uint8_t *em);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk
|
|||||||
* @param[in] theta Seed used to derive randomness required for encryption
|
* @param[in] theta Seed used to derive randomness required for encryption
|
||||||
* @param[in] pk String containing the public key
|
* @param[in] pk String containing the public key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) {
|
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) {
|
||||||
AES_XOF_struct seedexpander;
|
AES_XOF_struct seedexpander;
|
||||||
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
||||||
@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
PQCLEAN_HQCRMRS192_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
PQCLEAN_HQCRMRS192_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
||||||
|
|
||||||
// Compute v = m.G by encoding the message
|
// Compute v = m.G by encoding the message
|
||||||
PQCLEAN_HQCRMRS192_AVX2_code_encode(v, m);
|
PQCLEAN_HQCRMRS192_AVX2_code_encode((uint8_t *)v, m);
|
||||||
|
PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
|
|
||||||
// Compute v = m.G + s.r2 + e
|
// Compute v = m.G + s.r2 + e
|
||||||
@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
* @param[in] v Vector v (second part of the ciphertext)
|
* @param[in] v Vector v (second part of the ciphertext)
|
||||||
* @param[in] sk String containing the secret key
|
* @param[in] sk String containing the secret key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
||||||
uint64_t x[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
||||||
|
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
||||||
|
|
||||||
// Retrieve x, y, pk from secret key
|
// Retrieve x, y, pk from secret key
|
||||||
PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(x, y, pk, sk);
|
PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk);
|
||||||
|
|
||||||
// Compute v - u.y
|
// Compute v - u.y
|
||||||
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con
|
|||||||
|
|
||||||
|
|
||||||
// Compute m by decoding v - u.y
|
// Compute m by decoding v - u.y
|
||||||
PQCLEAN_HQCRMRS192_AVX2_code_decode(m, tmp2);
|
PQCLEAN_HQCRMRS192_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64);
|
||||||
|
PQCLEAN_HQCRMRS192_AVX2_code_decode(m, (uint8_t *)tmp1);
|
||||||
}
|
}
|
||||||
|
@ -13,9 +13,9 @@
|
|||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk);
|
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char
|
|||||||
int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
||||||
|
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
||||||
|
|
||||||
// Computing m
|
// Computing m
|
||||||
PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(m);
|
randombytes(m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m
|
// Encrypting m
|
||||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
||||||
|
|
||||||
// Computing d
|
// Computing d
|
||||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m'
|
// Encrypting m'
|
||||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
||||||
|
|
||||||
// Computing d'
|
// Computing d'
|
||||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d2, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
|
|
||||||
|
@ -15,10 +15,10 @@
|
|||||||
// copy bit 0 into all bits of a 64 bit value
|
// copy bit 0 into all bits of a 64 bit value
|
||||||
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
||||||
|
|
||||||
static void encode(uint64_t *word, uint32_t message);
|
static void encode(uint8_t *word, uint8_t message);
|
||||||
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
||||||
static void hadamard(__m256i *src, __m256i *dst);
|
static void hadamard(__m256i *src, __m256i *dst);
|
||||||
static int32_t find_peaks(__m256i *transform);
|
static uint32_t find_peaks(__m256i *transform);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform);
|
|||||||
* @param[out] word An RM(1,7) codeword
|
* @param[out] word An RM(1,7) codeword
|
||||||
* @param[in] message A message to encode
|
* @param[in] message A message to encode
|
||||||
*/
|
*/
|
||||||
static void encode(uint64_t *word, uint32_t message) {
|
static void encode(uint8_t *word, uint8_t message) {
|
||||||
// the four parts of the word are identical
|
uint32_t e;
|
||||||
// except for encoding bits 5 and 6
|
|
||||||
uint32_t first_word;
|
|
||||||
// bit 7 flips all the bits, do that first to save work
|
// bit 7 flips all the bits, do that first to save work
|
||||||
first_word = BIT0MASK(message >> 7);
|
e = BIT0MASK(message >> 7);
|
||||||
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
||||||
// (Warning: in the bit matrix above, low bits are at the left!)
|
// (Warning: in the bit matrix above, low bits are at the left!)
|
||||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
||||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
e ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
||||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
||||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
e ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
||||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000;
|
e ^= BIT0MASK(message >> 4) & 0xffff0000;
|
||||||
// we can store this in the first quarter
|
// we can store this in the first quarter
|
||||||
((uint32_t *) word)[0] = first_word;
|
word[0 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[0 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[0 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[0 + 3] = (e >> 0x18) & 0xff;
|
||||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
e ^= BIT0MASK(message >> 5);
|
||||||
((uint32_t *) word)[1] = first_word;
|
word[4 + 0] = (e >> 0x00) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 6);
|
word[4 + 1] = (e >> 0x08) & 0xff;
|
||||||
((uint32_t *) word)[3] = first_word;
|
word[4 + 2] = (e >> 0x10) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
word[4 + 3] = (e >> 0x18) & 0xff;
|
||||||
((uint32_t *) word)[2] = first_word;
|
e ^= BIT0MASK(message >> 6);
|
||||||
|
word[12 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[12 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[12 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[12 + 3] = (e >> 0x18) & 0xff;
|
||||||
|
e ^= BIT0MASK(message >> 5);
|
||||||
|
word[8 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[8 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[8 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[8 + 3] = (e >> 0x18) & 0xff;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) {
|
|||||||
*
|
*
|
||||||
* @param[in] transform Structure that contain the expanded codeword
|
* @param[in] transform Structure that contain the expanded codeword
|
||||||
*/
|
*/
|
||||||
inline int32_t find_peaks(__m256i *transform) {
|
inline uint32_t find_peaks(__m256i *transform) {
|
||||||
// a whole lot of vector variables
|
// a whole lot of vector variables
|
||||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
||||||
__m256i peak_mask;
|
__m256i peak_mask;
|
||||||
@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
result |= message_mask & ptr[i];
|
result |= message_mask & ptr[i];
|
||||||
}
|
}
|
||||||
message |= (0x8000 & ~result) >> 8;
|
message |= (0x8000 & ~result) >> 8;
|
||||||
return message;
|
return (uint32_t) message;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY
|
|
||||||
// encode first word
|
// encode first word
|
||||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]);
|
encode(&cdw[16 * i * MULTIPLICITY], msg[i]);
|
||||||
// copy to other identical codewords
|
// copy to other identical codewords
|
||||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
||||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t));
|
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m
|
|||||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) {
|
||||||
__m256i expanded[8];
|
__m256i expanded[8];
|
||||||
__m256i transform[8];
|
__m256i transform[8];
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// collect the codewords
|
// collect the codewords
|
||||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]);
|
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]);
|
||||||
// apply hadamard transform
|
// apply hadamard transform
|
||||||
hadamard(expanded, transform);
|
hadamard(expanded, transform);
|
||||||
// fix the first entry to get the half Hadamard transform
|
// fix the first entry to get the half Hadamard transform
|
||||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
||||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
||||||
// finish the decoding
|
// finish the decoding
|
||||||
((uint8_t *)msg)[i] = find_peaks(transform);
|
msg[i] = find_peaks(transform);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg);
|
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw);
|
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#include "fft.h"
|
#include "fft.h"
|
||||||
#include "gf.h"
|
#include "gf.h"
|
||||||
#include "parameters.h"
|
#include "parameters.h"
|
||||||
|
#include "parsing.h"
|
||||||
#include "reed_solomon.h"
|
#include "reed_solomon.h"
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values);
|
|||||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
uint8_t gate_value = 0;
|
uint8_t gate_value = 0;
|
||||||
|
|
||||||
uint16_t tmp[PARAM_G] = {0};
|
uint16_t tmp[PARAM_G] = {0};
|
||||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
||||||
|
|
||||||
uint8_t msg_bytes[PARAM_K] = {0};
|
for (size_t i = 0; i < PARAM_N1; i++) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
cdw[i] = 0;
|
||||||
|
|
||||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) {
|
|
||||||
for (size_t j = 0; j < 8; ++j) {
|
|
||||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for (int i = PARAM_K - 1; i >= 0; --i) {
|
for (int i = PARAM_K - 1; i >= 0; --i) {
|
||||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1];
|
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1];
|
||||||
|
|
||||||
for (size_t j = 0; j < PARAM_G; ++j) {
|
for (size_t j = 0; j < PARAM_G; ++j) {
|
||||||
tmp[j] = PQCLEAN_HQCRMRS192_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
tmp[j] = PQCLEAN_HQCRMRS192_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
||||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k];
|
cdw[k] = cdw[k - 1] ^ tmp[k];
|
||||||
}
|
}
|
||||||
|
|
||||||
cdw_bytes[0] = tmp[0];
|
cdw[0] = tmp[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K);
|
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K);
|
||||||
memcpy(cdw, cdw_bytes, PARAM_N1);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
|
|||||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
|
||||||
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
||||||
uint16_t sigma[1 << PARAM_FFT] = {0};
|
uint16_t sigma[1 << PARAM_FFT] = {0};
|
||||||
uint8_t error[1 << PARAM_M] = {0};
|
uint8_t error[1 << PARAM_M] = {0};
|
||||||
@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
uint16_t error_values[PARAM_N1] = {0};
|
uint16_t error_values[PARAM_N1] = {0};
|
||||||
uint16_t deg;
|
uint16_t deg;
|
||||||
|
|
||||||
// Copy the vector in an array of bytes
|
|
||||||
memcpy(cdw_bytes, cdw, PARAM_N1);
|
|
||||||
|
|
||||||
// Calculate the 2*PARAM_DELTA syndromes
|
// Calculate the 2*PARAM_DELTA syndromes
|
||||||
compute_syndromes(syndromes, cdw_bytes);
|
compute_syndromes(syndromes, cdw);
|
||||||
|
|
||||||
// Compute the error locator polynomial sigma
|
// Compute the error locator polynomial sigma
|
||||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
||||||
@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
compute_error_values(error_values, z, error);
|
compute_error_values(error_values, z, error);
|
||||||
|
|
||||||
// Correct the errors
|
// Correct the errors
|
||||||
correct_errors(cdw_bytes, error_values);
|
correct_errors(cdw, error_values);
|
||||||
|
|
||||||
// Retrieve the message from the decoded codeword
|
// Retrieve the message from the decoded codeword
|
||||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K);
|
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
File diff suppressed because one or more lines are too long
@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief Generates a random vector
|
|
||||||
*
|
|
||||||
* This function generates a random binary vector. It uses the the randombytes function.
|
|
||||||
*
|
|
||||||
* @param[in] v Pointer to an array
|
|
||||||
*/
|
|
||||||
void PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
|
|
||||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
|
||||||
|
|
||||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Adds two vectors
|
* @brief Adds two vectors
|
||||||
*
|
*
|
||||||
|
@ -21,8 +21,8 @@
|
|||||||
* @param[out] em Pointer to an array that is the tensor code word
|
* @param[out] em Pointer to an array that is the tensor code word
|
||||||
* @param[in] m Pointer to an array that is the message
|
* @param[in] m Pointer to an array that is the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint8_t *em, const uint8_t *m) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(tmp, m);
|
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(tmp, m);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(em, tmp);
|
PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(em, tmp);
|
||||||
@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *m) {
|
|||||||
* @param[out] m Pointer to an array that is the message
|
* @param[out] m Pointer to an array that is the message
|
||||||
* @param[in] em Pointer to an array that is the code word
|
* @param[in] em Pointer to an array that is the code word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint64_t *m, const uint64_t *em) {
|
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint8_t *m, const uint8_t *em) {
|
||||||
uint64_t tmp[VEC_N1_SIZE_64] = {0};
|
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0};
|
||||||
|
|
||||||
PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(tmp, em);
|
PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(tmp, em);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(m, tmp);
|
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(m, tmp);
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *message);
|
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint8_t *em, const uint8_t *message);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint64_t *m, const uint64_t *em);
|
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint8_t *m, const uint8_t *em);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk
|
|||||||
* @param[in] theta Seed used to derive randomness required for encryption
|
* @param[in] theta Seed used to derive randomness required for encryption
|
||||||
* @param[in] pk String containing the public key
|
* @param[in] pk String containing the public key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) {
|
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) {
|
||||||
AES_XOF_struct seedexpander;
|
AES_XOF_struct seedexpander;
|
||||||
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
uint64_t h[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
uint64_t s[VEC_N_256_SIZE_64] = {0};
|
||||||
@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
PQCLEAN_HQCRMRS256_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
PQCLEAN_HQCRMRS256_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64);
|
||||||
|
|
||||||
// Compute v = m.G by encoding the message
|
// Compute v = m.G by encoding the message
|
||||||
PQCLEAN_HQCRMRS256_AVX2_code_encode(v, m);
|
PQCLEAN_HQCRMRS256_AVX2_code_encode((uint8_t *)v, m);
|
||||||
|
PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
|
|
||||||
// Compute v = m.G + s.r2 + e
|
// Compute v = m.G + s.r2 + e
|
||||||
@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t
|
|||||||
* @param[in] v Vector v (second part of the ciphertext)
|
* @param[in] v Vector v (second part of the ciphertext)
|
||||||
* @param[in] sk String containing the secret key
|
* @param[in] sk String containing the secret key
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) {
|
||||||
uint64_t x[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
|
||||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
uint8_t pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp1[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
uint64_t tmp2[VEC_N_256_SIZE_64] = {0};
|
||||||
|
uint64_t y[VEC_N_256_SIZE_64] = {0};
|
||||||
|
|
||||||
// Retrieve x, y, pk from secret key
|
// Retrieve x, y, pk from secret key
|
||||||
PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(x, y, pk, sk);
|
PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk);
|
||||||
|
|
||||||
// Compute v - u.y
|
// Compute v - u.y
|
||||||
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2);
|
||||||
@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con
|
|||||||
|
|
||||||
|
|
||||||
// Compute m by decoding v - u.y
|
// Compute m by decoding v - u.y
|
||||||
PQCLEAN_HQCRMRS256_AVX2_code_decode(m, tmp2);
|
PQCLEAN_HQCRMRS256_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64);
|
||||||
|
PQCLEAN_HQCRMRS256_AVX2_code_decode(m, (uint8_t *)tmp1);
|
||||||
}
|
}
|
||||||
|
@ -13,9 +13,9 @@
|
|||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk);
|
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char
|
|||||||
int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) {
|
||||||
|
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
uint64_t u[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0};
|
||||||
|
|
||||||
// Computing m
|
// Computing m
|
||||||
PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(m);
|
randombytes(m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m
|
// Encrypting m
|
||||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u, v, m, theta, pk);
|
||||||
|
|
||||||
// Computing d
|
// Computing d
|
||||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
unsigned char d[SHA512_BYTES] = {0};
|
unsigned char d[SHA512_BYTES] = {0};
|
||||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
unsigned char pk[PUBLIC_KEY_BYTES] = {0};
|
||||||
uint64_t m[VEC_K_SIZE_64] = {0};
|
uint8_t m[VEC_K_SIZE_BYTES] = {0};
|
||||||
uint8_t theta[SHA512_BYTES] = {0};
|
uint8_t theta[SHA512_BYTES] = {0};
|
||||||
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
uint64_t u2[VEC_N_256_SIZE_64] = {0};
|
||||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0};
|
||||||
@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
|
|||||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(m, u, v, sk);
|
||||||
|
|
||||||
// Computing theta
|
// Computing theta
|
||||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES);
|
sha3_512(theta, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Encrypting m'
|
// Encrypting m'
|
||||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk);
|
||||||
|
|
||||||
// Computing d'
|
// Computing d'
|
||||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES);
|
sha512(d2, m, VEC_K_SIZE_BYTES);
|
||||||
|
|
||||||
// Computing shared secret
|
// Computing shared secret
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64);
|
memcpy(mc, m, VEC_K_SIZE_BYTES);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
|
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64);
|
||||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
|
||||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
|
||||||
|
|
||||||
|
@ -15,10 +15,10 @@
|
|||||||
// copy bit 0 into all bits of a 64 bit value
|
// copy bit 0 into all bits of a 64 bit value
|
||||||
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
#define BIT0MASK(x) (int64_t)(-((x) & 1))
|
||||||
|
|
||||||
static void encode(uint64_t *word, uint32_t message);
|
static void encode(uint8_t *word, uint8_t message);
|
||||||
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
static void expand_and_sum(__m256i *dst, const uint64_t *src);
|
||||||
static void hadamard(__m256i *src, __m256i *dst);
|
static void hadamard(__m256i *src, __m256i *dst);
|
||||||
static int32_t find_peaks(__m256i *transform);
|
static uint32_t find_peaks(__m256i *transform);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform);
|
|||||||
* @param[out] word An RM(1,7) codeword
|
* @param[out] word An RM(1,7) codeword
|
||||||
* @param[in] message A message to encode
|
* @param[in] message A message to encode
|
||||||
*/
|
*/
|
||||||
static void encode(uint64_t *word, uint32_t message) {
|
static void encode(uint8_t *word, uint8_t message) {
|
||||||
// the four parts of the word are identical
|
uint32_t e;
|
||||||
// except for encoding bits 5 and 6
|
|
||||||
uint32_t first_word;
|
|
||||||
// bit 7 flips all the bits, do that first to save work
|
// bit 7 flips all the bits, do that first to save work
|
||||||
first_word = BIT0MASK(message >> 7);
|
e = BIT0MASK(message >> 7);
|
||||||
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
// bits 0, 1, 2, 3, 4 are the same for all four longs
|
||||||
// (Warning: in the bit matrix above, low bits are at the left!)
|
// (Warning: in the bit matrix above, low bits are at the left!)
|
||||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa;
|
||||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
e ^= BIT0MASK(message >> 1) & 0xcccccccc;
|
||||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0;
|
||||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
e ^= BIT0MASK(message >> 3) & 0xff00ff00;
|
||||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000;
|
e ^= BIT0MASK(message >> 4) & 0xffff0000;
|
||||||
// we can store this in the first quarter
|
// we can store this in the first quarter
|
||||||
((uint32_t *) word)[0] = first_word;
|
word[0 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[0 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[0 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[0 + 3] = (e >> 0x18) & 0xff;
|
||||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
e ^= BIT0MASK(message >> 5);
|
||||||
((uint32_t *) word)[1] = first_word;
|
word[4 + 0] = (e >> 0x00) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 6);
|
word[4 + 1] = (e >> 0x08) & 0xff;
|
||||||
((uint32_t *) word)[3] = first_word;
|
word[4 + 2] = (e >> 0x10) & 0xff;
|
||||||
first_word ^= BIT0MASK(message >> 5);
|
word[4 + 3] = (e >> 0x18) & 0xff;
|
||||||
((uint32_t *) word)[2] = first_word;
|
e ^= BIT0MASK(message >> 6);
|
||||||
|
word[12 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[12 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[12 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[12 + 3] = (e >> 0x18) & 0xff;
|
||||||
|
e ^= BIT0MASK(message >> 5);
|
||||||
|
word[8 + 0] = (e >> 0x00) & 0xff;
|
||||||
|
word[8 + 1] = (e >> 0x08) & 0xff;
|
||||||
|
word[8 + 2] = (e >> 0x10) & 0xff;
|
||||||
|
word[8 + 3] = (e >> 0x18) & 0xff;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) {
|
|||||||
*
|
*
|
||||||
* @param[in] transform Structure that contain the expanded codeword
|
* @param[in] transform Structure that contain the expanded codeword
|
||||||
*/
|
*/
|
||||||
inline int32_t find_peaks(__m256i *transform) {
|
inline uint32_t find_peaks(__m256i *transform) {
|
||||||
// a whole lot of vector variables
|
// a whole lot of vector variables
|
||||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows;
|
||||||
__m256i peak_mask;
|
__m256i peak_mask;
|
||||||
@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
result |= message_mask & ptr[i];
|
result |= message_mask & ptr[i];
|
||||||
}
|
}
|
||||||
message |= (0x8000 & ~result) >> 8;
|
message |= (0x8000 & ~result) >> 8;
|
||||||
return message;
|
return (uint32_t) message;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) {
|
|||||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY
|
|
||||||
// encode first word
|
// encode first word
|
||||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]);
|
encode(&cdw[16 * i * MULTIPLICITY], msg[i]);
|
||||||
// copy to other identical codewords
|
// copy to other identical codewords
|
||||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
for (size_t copy = 1; copy < MULTIPLICITY; copy++) {
|
||||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t));
|
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m
|
|||||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) {
|
||||||
__m256i expanded[8];
|
__m256i expanded[8];
|
||||||
__m256i transform[8];
|
__m256i transform[8];
|
||||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) {
|
||||||
// collect the codewords
|
// collect the codewords
|
||||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]);
|
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]);
|
||||||
// apply hadamard transform
|
// apply hadamard transform
|
||||||
hadamard(expanded, transform);
|
hadamard(expanded, transform);
|
||||||
// fix the first entry to get the half Hadamard transform
|
// fix the first entry to get the half Hadamard transform
|
||||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0,
|
||||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY);
|
||||||
// finish the decoding
|
// finish the decoding
|
||||||
((uint8_t *)msg)[i] = find_peaks(transform);
|
msg[i] = find_peaks(transform);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -12,9 +12,9 @@
|
|||||||
#include <stddef.h>
|
#include <stddef.h>
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg);
|
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg);
|
||||||
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw);
|
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#include "fft.h"
|
#include "fft.h"
|
||||||
#include "gf.h"
|
#include "gf.h"
|
||||||
#include "parameters.h"
|
#include "parameters.h"
|
||||||
|
#include "parsing.h"
|
||||||
#include "reed_solomon.h"
|
#include "reed_solomon.h"
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values);
|
|||||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message
|
||||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) {
|
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) {
|
||||||
uint8_t gate_value = 0;
|
uint8_t gate_value = 0;
|
||||||
|
|
||||||
uint16_t tmp[PARAM_G] = {0};
|
uint16_t tmp[PARAM_G] = {0};
|
||||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS};
|
||||||
|
|
||||||
uint8_t msg_bytes[PARAM_K] = {0};
|
for (size_t i = 0; i < PARAM_N1; i++) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
cdw[i] = 0;
|
||||||
|
|
||||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) {
|
|
||||||
for (size_t j = 0; j < 8; ++j) {
|
|
||||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for (int i = PARAM_K - 1; i >= 0; --i) {
|
for (int i = PARAM_K - 1; i >= 0; --i) {
|
||||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1];
|
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1];
|
||||||
|
|
||||||
for (size_t j = 0; j < PARAM_G; ++j) {
|
for (size_t j = 0; j < PARAM_G; ++j) {
|
||||||
tmp[j] = PQCLEAN_HQCRMRS256_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
tmp[j] = PQCLEAN_HQCRMRS256_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]);
|
||||||
}
|
}
|
||||||
|
|
||||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) {
|
||||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k];
|
cdw[k] = cdw[k - 1] ^ tmp[k];
|
||||||
}
|
}
|
||||||
|
|
||||||
cdw_bytes[0] = tmp[0];
|
cdw[0] = tmp[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K);
|
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K);
|
||||||
memcpy(cdw, cdw_bytes, PARAM_N1);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) {
|
|||||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message
|
||||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word
|
||||||
*/
|
*/
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) {
|
||||||
uint8_t cdw_bytes[PARAM_N1] = {0};
|
|
||||||
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
uint16_t syndromes[2 * PARAM_DELTA] = {0};
|
||||||
uint16_t sigma[1 << PARAM_FFT] = {0};
|
uint16_t sigma[1 << PARAM_FFT] = {0};
|
||||||
uint8_t error[1 << PARAM_M] = {0};
|
uint8_t error[1 << PARAM_M] = {0};
|
||||||
@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
uint16_t error_values[PARAM_N1] = {0};
|
uint16_t error_values[PARAM_N1] = {0};
|
||||||
uint16_t deg;
|
uint16_t deg;
|
||||||
|
|
||||||
// Copy the vector in an array of bytes
|
|
||||||
memcpy(cdw_bytes, cdw, PARAM_N1);
|
|
||||||
|
|
||||||
// Calculate the 2*PARAM_DELTA syndromes
|
// Calculate the 2*PARAM_DELTA syndromes
|
||||||
compute_syndromes(syndromes, cdw_bytes);
|
compute_syndromes(syndromes, cdw);
|
||||||
|
|
||||||
// Compute the error locator polynomial sigma
|
// Compute the error locator polynomial sigma
|
||||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room
|
||||||
@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) {
|
|||||||
compute_error_values(error_values, z, error);
|
compute_error_values(error_values, z, error);
|
||||||
|
|
||||||
// Correct the errors
|
// Correct the errors
|
||||||
correct_errors(cdw_bytes, error_values);
|
correct_errors(cdw, error_values);
|
||||||
|
|
||||||
// Retrieve the message from the decoded codeword
|
// Retrieve the message from the decoded codeword
|
||||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K);
|
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
File diff suppressed because one or more lines are too long
@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @brief Generates a random vector
|
|
||||||
*
|
|
||||||
* This function generates a random binary vector. It uses the the randombytes function.
|
|
||||||
*
|
|
||||||
* @param[in] v Pointer to an array
|
|
||||||
*/
|
|
||||||
void PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
|
|
||||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
|
|
||||||
|
|
||||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Adds two vectors
|
* @brief Adds two vectors
|
||||||
*
|
*
|
||||||
|
@ -34,6 +34,7 @@ consistency_checks:
|
|||||||
- kem.c
|
- kem.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- repetition.c
|
- repetition.c
|
||||||
|
- vector.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-256
|
scheme: hqc-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -59,55 +60,29 @@ consistency_checks:
|
|||||||
- hqc.c
|
- hqc.c
|
||||||
- kem.c
|
- kem.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- source:
|
- vector.c
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-128
|
scheme: hqc-rmrs-128
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- gf2x.c
|
- gf2x.c
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
|
||||||
|
@ -71,12 +71,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -88,12 +82,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -105,9 +93,3 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
|
@ -32,52 +32,28 @@ consistency_checks:
|
|||||||
- kem.c
|
- kem.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-128
|
scheme: hqc-rmrs-128
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- gf2x.c
|
- gf2x.c
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
|
@ -45,12 +45,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -62,12 +56,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -79,9 +67,3 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
|
@ -6,52 +6,28 @@ consistency_checks:
|
|||||||
- api.h
|
- api.h
|
||||||
- code.h
|
- code.h
|
||||||
- hqc.h
|
- hqc.h
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-128
|
scheme: hqc-rmrs-128
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: clean
|
|
||||||
files:
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- code.h
|
|
||||||
- gf2x.h
|
- gf2x.h
|
||||||
- hqc.h
|
|
||||||
- parsing.h
|
- parsing.h
|
||||||
- vector.h
|
- vector.h
|
||||||
- gf2x.c
|
- gf2x.c
|
||||||
- hqc.c
|
|
||||||
- kem.c
|
|
||||||
- parsing.c
|
- parsing.c
|
||||||
|
@ -17,12 +17,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-128
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -34,12 +28,6 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-192
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -51,9 +39,3 @@ consistency_checks:
|
|||||||
- gf.c
|
- gf.c
|
||||||
- parsing.c
|
- parsing.c
|
||||||
- vector.c
|
- vector.c
|
||||||
- source:
|
|
||||||
scheme: hqc-rmrs-256
|
|
||||||
implementation: avx2
|
|
||||||
files:
|
|
||||||
- code.h
|
|
||||||
- hqc.h
|
|
||||||
|
@ -4,16 +4,24 @@ consistency_checks:
|
|||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
@ -39,9 +47,14 @@ consistency_checks:
|
|||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
|
- reed_solomon.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
|
@ -4,9 +4,13 @@ consistency_checks:
|
|||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -33,9 +37,13 @@ consistency_checks:
|
|||||||
scheme: hqc-rmrs-192
|
scheme: hqc-rmrs-192
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -62,6 +70,10 @@ consistency_checks:
|
|||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
|
@ -4,16 +4,24 @@ consistency_checks:
|
|||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
|
@ -4,9 +4,13 @@ consistency_checks:
|
|||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
- source:
|
- source:
|
||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: clean
|
implementation: clean
|
||||||
@ -33,6 +37,10 @@ consistency_checks:
|
|||||||
scheme: hqc-rmrs-256
|
scheme: hqc-rmrs-256
|
||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
|
@ -4,6 +4,10 @@ consistency_checks:
|
|||||||
implementation: clean
|
implementation: clean
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
|
@ -4,6 +4,10 @@ consistency_checks:
|
|||||||
implementation: avx2
|
implementation: avx2
|
||||||
files:
|
files:
|
||||||
- api.h
|
- api.h
|
||||||
|
- code.h
|
||||||
- fft.h
|
- fft.h
|
||||||
- gf.h
|
- gf.h
|
||||||
|
- hqc.h
|
||||||
|
- reed_muller.h
|
||||||
- fft.c
|
- fft.c
|
||||||
|
- reed_solomon.c
|
||||||
|
Loading…
Reference in New Issue
Block a user