@@ -116,7 +116,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) { | |||||
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); | seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); | ||||
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); | |||||
PQCLEAN_HQC192_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES); | |||||
v[VEC_N_SIZE_64 - 1] &= RED_MASK; | v[VEC_N_SIZE_64 - 1] &= RED_MASK; | ||||
} | } | ||||
@@ -133,7 +133,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random_from_randombytes(uint64_t *v) { | |||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | ||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES); | randombytes(rand_bytes, VEC_K_SIZE_BYTES); | ||||
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQC192_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES); | |||||
} | } | ||||
@@ -116,7 +116,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) { | |||||
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); | seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); | ||||
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); | |||||
PQCLEAN_HQC256_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES); | |||||
v[VEC_N_SIZE_64 - 1] &= RED_MASK; | v[VEC_N_SIZE_64 - 1] &= RED_MASK; | ||||
} | } | ||||
@@ -133,7 +133,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random_from_randombytes(uint64_t *v) { | |||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | ||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES); | randombytes(rand_bytes, VEC_K_SIZE_BYTES); | ||||
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQC256_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES); | |||||
} | } | ||||
@@ -21,8 +21,8 @@ | |||||
* @param[out] em Pointer to an array that is the tensor code word | * @param[out] em Pointer to an array that is the tensor code word | ||||
* @param[in] m Pointer to an array that is the message | * @param[in] m Pointer to an array that is the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint8_t *em, const uint8_t *m) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(tmp, m); | PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(tmp, m); | ||||
PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(em, tmp); | PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(em, tmp); | ||||
@@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
* @param[out] m Pointer to an array that is the message | * @param[out] m Pointer to an array that is the message | ||||
* @param[in] em Pointer to an array that is the code word | * @param[in] em Pointer to an array that is the code word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint64_t *m, const uint64_t *em) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint8_t *m, const uint8_t *em) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(tmp, em); | PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(tmp, em); | ||||
PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(m, tmp); | PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(m, tmp); | ||||
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint64_t *em, const uint64_t *message); | |||||
void PQCLEAN_HQCRMRS128_AVX2_code_encode(uint8_t *em, const uint8_t *message); | |||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint64_t *m, const uint64_t *em); | |||||
void PQCLEAN_HQCRMRS128_AVX2_code_decode(uint8_t *m, const uint8_t *em); | |||||
#endif | #endif |
@@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk | |||||
* @param[in] theta Seed used to derive randomness required for encryption | * @param[in] theta Seed used to derive randomness required for encryption | ||||
* @param[in] pk String containing the public key | * @param[in] pk String containing the public key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
AES_XOF_struct seedexpander; | AES_XOF_struct seedexpander; | ||||
uint64_t h[VEC_N_256_SIZE_64] = {0}; | uint64_t h[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t s[VEC_N_256_SIZE_64] = {0}; | uint64_t s[VEC_N_256_SIZE_64] = {0}; | ||||
@@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
PQCLEAN_HQCRMRS128_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | PQCLEAN_HQCRMRS128_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | ||||
// Compute v = m.G by encoding the message | // Compute v = m.G by encoding the message | ||||
PQCLEAN_HQCRMRS128_AVX2_code_encode(v, m); | |||||
PQCLEAN_HQCRMRS128_AVX2_code_encode((uint8_t *)v, m); | |||||
PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
// Compute v = m.G + s.r2 + e | // Compute v = m.G + s.r2 + e | ||||
@@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
* @param[in] v Vector v (second part of the ciphertext) | * @param[in] v Vector v (second part of the ciphertext) | ||||
* @param[in] sk String containing the secret key | * @param[in] sk String containing the secret key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint64_t x[VEC_N_256_SIZE_64] = {0}; | |||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
// Retrieve x, y, pk from secret key | // Retrieve x, y, pk from secret key | ||||
PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(x, y, pk, sk); | |||||
PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk); | |||||
// Compute v - u.y | // Compute v - u.y | ||||
PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS128_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
@@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con | |||||
// Compute m by decoding v - u.y | // Compute m by decoding v - u.y | ||||
PQCLEAN_HQCRMRS128_AVX2_code_decode(m, tmp2); | |||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS128_AVX2_code_decode(m, (uint8_t *)tmp1); | |||||
} | } |
@@ -13,9 +13,9 @@ | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | ||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
void PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
#endif | #endif |
@@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char | |||||
int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | ||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint64_t u[VEC_N_256_SIZE_64] = {0}; | uint64_t u[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | ||||
// Computing m | // Computing m | ||||
PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(m); | |||||
randombytes(m, VEC_K_SIZE_BYTES); | |||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m | // Encrypting m | ||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | ||||
// Computing d | // Computing d | ||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | ||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t u2[VEC_N_256_SIZE_64] = {0}; | uint64_t u2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | ||||
@@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(m, u, v, sk); | PQCLEAN_HQCRMRS128_AVX2_hqc_pke_decrypt(m, u, v, sk); | ||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m' | // Encrypting m' | ||||
PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | PQCLEAN_HQCRMRS128_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | ||||
// Computing d' | // Computing d' | ||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d2, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -15,10 +15,10 @@ | |||||
// copy bit 0 into all bits of a 64 bit value | // copy bit 0 into all bits of a 64 bit value | ||||
#define BIT0MASK(x) (int64_t)(-((x) & 1)) | #define BIT0MASK(x) (int64_t)(-((x) & 1)) | ||||
static void encode(uint64_t *word, uint32_t message); | |||||
static void encode(uint8_t *word, uint8_t message); | |||||
static void expand_and_sum(__m256i *dst, const uint64_t *src); | static void expand_and_sum(__m256i *dst, const uint64_t *src); | ||||
static void hadamard(__m256i *src, __m256i *dst); | static void hadamard(__m256i *src, __m256i *dst); | ||||
static int32_t find_peaks(__m256i *transform); | |||||
static uint32_t find_peaks(__m256i *transform); | |||||
@@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform); | |||||
* @param[out] word An RM(1,7) codeword | * @param[out] word An RM(1,7) codeword | ||||
* @param[in] message A message to encode | * @param[in] message A message to encode | ||||
*/ | */ | ||||
static void encode(uint64_t *word, uint32_t message) { | |||||
// the four parts of the word are identical | |||||
// except for encoding bits 5 and 6 | |||||
uint32_t first_word; | |||||
static void encode(uint8_t *word, uint8_t message) { | |||||
uint32_t e; | |||||
// bit 7 flips all the bits, do that first to save work | // bit 7 flips all the bits, do that first to save work | ||||
first_word = BIT0MASK(message >> 7); | |||||
e = BIT0MASK(message >> 7); | |||||
// bits 0, 1, 2, 3, 4 are the same for all four longs | // bits 0, 1, 2, 3, 4 are the same for all four longs | ||||
// (Warning: in the bit matrix above, low bits are at the left!) | // (Warning: in the bit matrix above, low bits are at the left!) | ||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
e ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
e ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
e ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
// we can store this in the first quarter | // we can store this in the first quarter | ||||
((uint32_t *) word)[0] = first_word; | |||||
word[0 + 0] = (e >> 0x00) & 0xff; | |||||
word[0 + 1] = (e >> 0x08) & 0xff; | |||||
word[0 + 2] = (e >> 0x10) & 0xff; | |||||
word[0 + 3] = (e >> 0x18) & 0xff; | |||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | // bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | ||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[1] = first_word; | |||||
first_word ^= BIT0MASK(message >> 6); | |||||
((uint32_t *) word)[3] = first_word; | |||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[2] = first_word; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[4 + 0] = (e >> 0x00) & 0xff; | |||||
word[4 + 1] = (e >> 0x08) & 0xff; | |||||
word[4 + 2] = (e >> 0x10) & 0xff; | |||||
word[4 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 6); | |||||
word[12 + 0] = (e >> 0x00) & 0xff; | |||||
word[12 + 1] = (e >> 0x08) & 0xff; | |||||
word[12 + 2] = (e >> 0x10) & 0xff; | |||||
word[12 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[8 + 0] = (e >> 0x00) & 0xff; | |||||
word[8 + 1] = (e >> 0x08) & 0xff; | |||||
word[8 + 2] = (e >> 0x10) & 0xff; | |||||
word[8 + 3] = (e >> 0x18) & 0xff; | |||||
} | } | ||||
@@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) { | |||||
* | * | ||||
* @param[in] transform Structure that contain the expanded codeword | * @param[in] transform Structure that contain the expanded codeword | ||||
*/ | */ | ||||
inline int32_t find_peaks(__m256i *transform) { | |||||
inline uint32_t find_peaks(__m256i *transform) { | |||||
// a whole lot of vector variables | // a whole lot of vector variables | ||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | __m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | ||||
__m256i peak_mask; | __m256i peak_mask; | ||||
@@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
result |= message_mask & ptr[i]; | result |= message_mask & ptr[i]; | ||||
} | } | ||||
message |= (0x8000 & ~result) >> 8; | message |= (0x8000 & ~result) >> 8; | ||||
return message; | |||||
return (uint32_t) message; | |||||
} | } | ||||
@@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | * @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY | |||||
// encode first word | // encode first word | ||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]); | |||||
encode(&cdw[16 * i * MULTIPLICITY], msg[i]); | |||||
// copy to other identical codewords | // copy to other identical codewords | ||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | ||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t)); | |||||
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16); | |||||
} | } | ||||
} | } | ||||
} | } | ||||
@@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m | |||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) { | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) { | |||||
__m256i expanded[8]; | __m256i expanded[8]; | ||||
__m256i transform[8]; | __m256i transform[8]; | ||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// collect the codewords | // collect the codewords | ||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]); | |||||
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]); | |||||
// apply hadamard transform | // apply hadamard transform | ||||
hadamard(expanded, transform); | hadamard(expanded, transform); | ||||
// fix the first entry to get the half Hadamard transform | // fix the first entry to get the half Hadamard transform | ||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | ||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | 0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | ||||
// finish the decoding | // finish the decoding | ||||
((uint8_t *)msg)[i] = find_peaks(transform); | |||||
msg[i] = find_peaks(transform); | |||||
} | } | ||||
} | } |
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg); | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg); | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw); | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw); | |||||
#endif | #endif |
@@ -1,6 +1,7 @@ | |||||
#include "fft.h" | #include "fft.h" | ||||
#include "gf.h" | #include "gf.h" | ||||
#include "parameters.h" | #include "parameters.h" | ||||
#include "parsing.h" | |||||
#include "reed_solomon.h" | #include "reed_solomon.h" | ||||
#include <stdint.h> | #include <stdint.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
@@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values); | |||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message | * @param[in] msg Array of size VEC_K_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
uint8_t gate_value = 0; | uint8_t gate_value = 0; | ||||
uint16_t tmp[PARAM_G] = {0}; | uint16_t tmp[PARAM_G] = {0}; | ||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | ||||
uint8_t msg_bytes[PARAM_K] = {0}; | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) { | |||||
for (size_t j = 0; j < 8; ++j) { | |||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8)); | |||||
} | |||||
for (size_t i = 0; i < PARAM_N1; i++) { | |||||
cdw[i] = 0; | |||||
} | } | ||||
for (int i = PARAM_K - 1; i >= 0; --i) { | for (int i = PARAM_K - 1; i >= 0; --i) { | ||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1]; | |||||
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1]; | |||||
for (size_t j = 0; j < PARAM_G; ++j) { | for (size_t j = 0; j < PARAM_G; ++j) { | ||||
tmp[j] = PQCLEAN_HQCRMRS128_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | tmp[j] = PQCLEAN_HQCRMRS128_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | ||||
} | } | ||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | ||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k]; | |||||
cdw[k] = cdw[k - 1] ^ tmp[k]; | |||||
} | } | ||||
cdw_bytes[0] = tmp[0]; | |||||
cdw[0] = tmp[0]; | |||||
} | } | ||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K); | |||||
memcpy(cdw, cdw_bytes, PARAM_N1); | |||||
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K); | |||||
} | } | ||||
@@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) { | |||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) { | |||||
uint16_t syndromes[2 * PARAM_DELTA] = {0}; | uint16_t syndromes[2 * PARAM_DELTA] = {0}; | ||||
uint16_t sigma[1 << PARAM_FFT] = {0}; | uint16_t sigma[1 << PARAM_FFT] = {0}; | ||||
uint8_t error[1 << PARAM_M] = {0}; | uint8_t error[1 << PARAM_M] = {0}; | ||||
@@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint16_t error_values[PARAM_N1] = {0}; | uint16_t error_values[PARAM_N1] = {0}; | ||||
uint16_t deg; | uint16_t deg; | ||||
// Copy the vector in an array of bytes | |||||
memcpy(cdw_bytes, cdw, PARAM_N1); | |||||
// Calculate the 2*PARAM_DELTA syndromes | // Calculate the 2*PARAM_DELTA syndromes | ||||
compute_syndromes(syndromes, cdw_bytes); | |||||
compute_syndromes(syndromes, cdw); | |||||
// Compute the error locator polynomial sigma | // Compute the error locator polynomial sigma | ||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | // Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | ||||
@@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS128_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
compute_error_values(error_values, z, error); | compute_error_values(error_values, z, error); | ||||
// Correct the errors | // Correct the errors | ||||
correct_errors(cdw_bytes, error_values); | |||||
correct_errors(cdw, error_values); | |||||
// Retrieve the message from the decoded codeword | // Retrieve the message from the decoded codeword | ||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K); | |||||
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K); | |||||
} | } |
@@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) { | |||||
/** | |||||
* @brief Generates a random vector | |||||
* | |||||
* This function generates a random binary vector. It uses the the randombytes function. | |||||
* | |||||
* @param[in] v Pointer to an array | |||||
*/ | |||||
void PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(uint64_t *v) { | |||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | |||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES); | |||||
} | |||||
/** | /** | ||||
* @brief Adds two vectors | * @brief Adds two vectors | ||||
* | * | ||||
@@ -21,8 +21,8 @@ | |||||
* @param[out] em Pointer to an array that is the tensor code word | * @param[out] em Pointer to an array that is the tensor code word | ||||
* @param[in] m Pointer to an array that is the message | * @param[in] m Pointer to an array that is the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint8_t *em, const uint8_t *m) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(tmp, m); | PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(tmp, m); | ||||
PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(em, tmp); | PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(em, tmp); | ||||
@@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
* @param[out] m Pointer to an array that is the message | * @param[out] m Pointer to an array that is the message | ||||
* @param[in] em Pointer to an array that is the code word | * @param[in] em Pointer to an array that is the code word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint64_t *m, const uint64_t *em) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint8_t *m, const uint8_t *em) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(tmp, em); | PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(tmp, em); | ||||
PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(m, tmp); | PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(m, tmp); | ||||
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint64_t *em, const uint64_t *message); | |||||
void PQCLEAN_HQCRMRS192_AVX2_code_encode(uint8_t *em, const uint8_t *message); | |||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint64_t *m, const uint64_t *em); | |||||
void PQCLEAN_HQCRMRS192_AVX2_code_decode(uint8_t *m, const uint8_t *em); | |||||
#endif | #endif |
@@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk | |||||
* @param[in] theta Seed used to derive randomness required for encryption | * @param[in] theta Seed used to derive randomness required for encryption | ||||
* @param[in] pk String containing the public key | * @param[in] pk String containing the public key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
AES_XOF_struct seedexpander; | AES_XOF_struct seedexpander; | ||||
uint64_t h[VEC_N_256_SIZE_64] = {0}; | uint64_t h[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t s[VEC_N_256_SIZE_64] = {0}; | uint64_t s[VEC_N_256_SIZE_64] = {0}; | ||||
@@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
PQCLEAN_HQCRMRS192_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | PQCLEAN_HQCRMRS192_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | ||||
// Compute v = m.G by encoding the message | // Compute v = m.G by encoding the message | ||||
PQCLEAN_HQCRMRS192_AVX2_code_encode(v, m); | |||||
PQCLEAN_HQCRMRS192_AVX2_code_encode((uint8_t *)v, m); | |||||
PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
// Compute v = m.G + s.r2 + e | // Compute v = m.G + s.r2 + e | ||||
@@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
* @param[in] v Vector v (second part of the ciphertext) | * @param[in] v Vector v (second part of the ciphertext) | ||||
* @param[in] sk String containing the secret key | * @param[in] sk String containing the secret key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint64_t x[VEC_N_256_SIZE_64] = {0}; | |||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
// Retrieve x, y, pk from secret key | // Retrieve x, y, pk from secret key | ||||
PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(x, y, pk, sk); | |||||
PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk); | |||||
// Compute v - u.y | // Compute v - u.y | ||||
PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS192_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
@@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con | |||||
// Compute m by decoding v - u.y | // Compute m by decoding v - u.y | ||||
PQCLEAN_HQCRMRS192_AVX2_code_decode(m, tmp2); | |||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS192_AVX2_code_decode(m, (uint8_t *)tmp1); | |||||
} | } |
@@ -13,9 +13,9 @@ | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | ||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
void PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
#endif | #endif |
@@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char | |||||
int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | ||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint64_t u[VEC_N_256_SIZE_64] = {0}; | uint64_t u[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | ||||
// Computing m | // Computing m | ||||
PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(m); | |||||
randombytes(m, VEC_K_SIZE_BYTES); | |||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m | // Encrypting m | ||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | ||||
// Computing d | // Computing d | ||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | ||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t u2[VEC_N_256_SIZE_64] = {0}; | uint64_t u2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | ||||
@@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(m, u, v, sk); | PQCLEAN_HQCRMRS192_AVX2_hqc_pke_decrypt(m, u, v, sk); | ||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m' | // Encrypting m' | ||||
PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | PQCLEAN_HQCRMRS192_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | ||||
// Computing d' | // Computing d' | ||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d2, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -15,10 +15,10 @@ | |||||
// copy bit 0 into all bits of a 64 bit value | // copy bit 0 into all bits of a 64 bit value | ||||
#define BIT0MASK(x) (int64_t)(-((x) & 1)) | #define BIT0MASK(x) (int64_t)(-((x) & 1)) | ||||
static void encode(uint64_t *word, uint32_t message); | |||||
static void encode(uint8_t *word, uint8_t message); | |||||
static void expand_and_sum(__m256i *dst, const uint64_t *src); | static void expand_and_sum(__m256i *dst, const uint64_t *src); | ||||
static void hadamard(__m256i *src, __m256i *dst); | static void hadamard(__m256i *src, __m256i *dst); | ||||
static int32_t find_peaks(__m256i *transform); | |||||
static uint32_t find_peaks(__m256i *transform); | |||||
@@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform); | |||||
* @param[out] word An RM(1,7) codeword | * @param[out] word An RM(1,7) codeword | ||||
* @param[in] message A message to encode | * @param[in] message A message to encode | ||||
*/ | */ | ||||
static void encode(uint64_t *word, uint32_t message) { | |||||
// the four parts of the word are identical | |||||
// except for encoding bits 5 and 6 | |||||
uint32_t first_word; | |||||
static void encode(uint8_t *word, uint8_t message) { | |||||
uint32_t e; | |||||
// bit 7 flips all the bits, do that first to save work | // bit 7 flips all the bits, do that first to save work | ||||
first_word = BIT0MASK(message >> 7); | |||||
e = BIT0MASK(message >> 7); | |||||
// bits 0, 1, 2, 3, 4 are the same for all four longs | // bits 0, 1, 2, 3, 4 are the same for all four longs | ||||
// (Warning: in the bit matrix above, low bits are at the left!) | // (Warning: in the bit matrix above, low bits are at the left!) | ||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
e ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
e ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
e ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
// we can store this in the first quarter | // we can store this in the first quarter | ||||
((uint32_t *) word)[0] = first_word; | |||||
word[0 + 0] = (e >> 0x00) & 0xff; | |||||
word[0 + 1] = (e >> 0x08) & 0xff; | |||||
word[0 + 2] = (e >> 0x10) & 0xff; | |||||
word[0 + 3] = (e >> 0x18) & 0xff; | |||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | // bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | ||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[1] = first_word; | |||||
first_word ^= BIT0MASK(message >> 6); | |||||
((uint32_t *) word)[3] = first_word; | |||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[2] = first_word; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[4 + 0] = (e >> 0x00) & 0xff; | |||||
word[4 + 1] = (e >> 0x08) & 0xff; | |||||
word[4 + 2] = (e >> 0x10) & 0xff; | |||||
word[4 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 6); | |||||
word[12 + 0] = (e >> 0x00) & 0xff; | |||||
word[12 + 1] = (e >> 0x08) & 0xff; | |||||
word[12 + 2] = (e >> 0x10) & 0xff; | |||||
word[12 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[8 + 0] = (e >> 0x00) & 0xff; | |||||
word[8 + 1] = (e >> 0x08) & 0xff; | |||||
word[8 + 2] = (e >> 0x10) & 0xff; | |||||
word[8 + 3] = (e >> 0x18) & 0xff; | |||||
} | } | ||||
@@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) { | |||||
* | * | ||||
* @param[in] transform Structure that contain the expanded codeword | * @param[in] transform Structure that contain the expanded codeword | ||||
*/ | */ | ||||
inline int32_t find_peaks(__m256i *transform) { | |||||
inline uint32_t find_peaks(__m256i *transform) { | |||||
// a whole lot of vector variables | // a whole lot of vector variables | ||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | __m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | ||||
__m256i peak_mask; | __m256i peak_mask; | ||||
@@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
result |= message_mask & ptr[i]; | result |= message_mask & ptr[i]; | ||||
} | } | ||||
message |= (0x8000 & ~result) >> 8; | message |= (0x8000 & ~result) >> 8; | ||||
return message; | |||||
return (uint32_t) message; | |||||
} | } | ||||
@@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | * @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY | |||||
// encode first word | // encode first word | ||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]); | |||||
encode(&cdw[16 * i * MULTIPLICITY], msg[i]); | |||||
// copy to other identical codewords | // copy to other identical codewords | ||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | ||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t)); | |||||
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16); | |||||
} | } | ||||
} | } | ||||
} | } | ||||
@@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m | |||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) { | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) { | |||||
__m256i expanded[8]; | __m256i expanded[8]; | ||||
__m256i transform[8]; | __m256i transform[8]; | ||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// collect the codewords | // collect the codewords | ||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]); | |||||
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]); | |||||
// apply hadamard transform | // apply hadamard transform | ||||
hadamard(expanded, transform); | hadamard(expanded, transform); | ||||
// fix the first entry to get the half Hadamard transform | // fix the first entry to get the half Hadamard transform | ||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | ||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | 0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | ||||
// finish the decoding | // finish the decoding | ||||
((uint8_t *)msg)[i] = find_peaks(transform); | |||||
msg[i] = find_peaks(transform); | |||||
} | } | ||||
} | } |
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg); | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg); | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw); | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw); | |||||
#endif | #endif |
@@ -1,6 +1,7 @@ | |||||
#include "fft.h" | #include "fft.h" | ||||
#include "gf.h" | #include "gf.h" | ||||
#include "parameters.h" | #include "parameters.h" | ||||
#include "parsing.h" | |||||
#include "reed_solomon.h" | #include "reed_solomon.h" | ||||
#include <stdint.h> | #include <stdint.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
@@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values); | |||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message | * @param[in] msg Array of size VEC_K_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
uint8_t gate_value = 0; | uint8_t gate_value = 0; | ||||
uint16_t tmp[PARAM_G] = {0}; | uint16_t tmp[PARAM_G] = {0}; | ||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | ||||
uint8_t msg_bytes[PARAM_K] = {0}; | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) { | |||||
for (size_t j = 0; j < 8; ++j) { | |||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8)); | |||||
} | |||||
for (size_t i = 0; i < PARAM_N1; i++) { | |||||
cdw[i] = 0; | |||||
} | } | ||||
for (int i = PARAM_K - 1; i >= 0; --i) { | for (int i = PARAM_K - 1; i >= 0; --i) { | ||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1]; | |||||
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1]; | |||||
for (size_t j = 0; j < PARAM_G; ++j) { | for (size_t j = 0; j < PARAM_G; ++j) { | ||||
tmp[j] = PQCLEAN_HQCRMRS192_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | tmp[j] = PQCLEAN_HQCRMRS192_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | ||||
} | } | ||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | ||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k]; | |||||
cdw[k] = cdw[k - 1] ^ tmp[k]; | |||||
} | } | ||||
cdw_bytes[0] = tmp[0]; | |||||
cdw[0] = tmp[0]; | |||||
} | } | ||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K); | |||||
memcpy(cdw, cdw_bytes, PARAM_N1); | |||||
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K); | |||||
} | } | ||||
@@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) { | |||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) { | |||||
uint16_t syndromes[2 * PARAM_DELTA] = {0}; | uint16_t syndromes[2 * PARAM_DELTA] = {0}; | ||||
uint16_t sigma[1 << PARAM_FFT] = {0}; | uint16_t sigma[1 << PARAM_FFT] = {0}; | ||||
uint8_t error[1 << PARAM_M] = {0}; | uint8_t error[1 << PARAM_M] = {0}; | ||||
@@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint16_t error_values[PARAM_N1] = {0}; | uint16_t error_values[PARAM_N1] = {0}; | ||||
uint16_t deg; | uint16_t deg; | ||||
// Copy the vector in an array of bytes | |||||
memcpy(cdw_bytes, cdw, PARAM_N1); | |||||
// Calculate the 2*PARAM_DELTA syndromes | // Calculate the 2*PARAM_DELTA syndromes | ||||
compute_syndromes(syndromes, cdw_bytes); | |||||
compute_syndromes(syndromes, cdw); | |||||
// Compute the error locator polynomial sigma | // Compute the error locator polynomial sigma | ||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | // Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | ||||
@@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS192_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
compute_error_values(error_values, z, error); | compute_error_values(error_values, z, error); | ||||
// Correct the errors | // Correct the errors | ||||
correct_errors(cdw_bytes, error_values); | |||||
correct_errors(cdw, error_values); | |||||
// Retrieve the message from the decoded codeword | // Retrieve the message from the decoded codeword | ||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K); | |||||
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K); | |||||
} | } |
@@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) { | |||||
/** | |||||
* @brief Generates a random vector | |||||
* | |||||
* This function generates a random binary vector. It uses the the randombytes function. | |||||
* | |||||
* @param[in] v Pointer to an array | |||||
*/ | |||||
void PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(uint64_t *v) { | |||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | |||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES); | |||||
} | |||||
/** | /** | ||||
* @brief Adds two vectors | * @brief Adds two vectors | ||||
* | * | ||||
@@ -21,8 +21,8 @@ | |||||
* @param[out] em Pointer to an array that is the tensor code word | * @param[out] em Pointer to an array that is the tensor code word | ||||
* @param[in] m Pointer to an array that is the message | * @param[in] m Pointer to an array that is the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint8_t *em, const uint8_t *m) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(tmp, m); | PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(tmp, m); | ||||
PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(em, tmp); | PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(em, tmp); | ||||
@@ -37,8 +37,8 @@ void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *m) { | |||||
* @param[out] m Pointer to an array that is the message | * @param[out] m Pointer to an array that is the message | ||||
* @param[in] em Pointer to an array that is the code word | * @param[in] em Pointer to an array that is the code word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint64_t *m, const uint64_t *em) { | |||||
uint64_t tmp[VEC_N1_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint8_t *m, const uint8_t *em) { | |||||
uint8_t tmp[8 * VEC_N1_SIZE_64] = {0}; | |||||
PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(tmp, em); | PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(tmp, em); | ||||
PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(m, tmp); | PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(m, tmp); | ||||
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint64_t *em, const uint64_t *message); | |||||
void PQCLEAN_HQCRMRS256_AVX2_code_encode(uint8_t *em, const uint8_t *message); | |||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint64_t *m, const uint64_t *em); | |||||
void PQCLEAN_HQCRMRS256_AVX2_code_decode(uint8_t *m, const uint8_t *em); | |||||
#endif | #endif |
@@ -70,7 +70,7 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk | |||||
* @param[in] theta Seed used to derive randomness required for encryption | * @param[in] theta Seed used to derive randomness required for encryption | ||||
* @param[in] pk String containing the public key | * @param[in] pk String containing the public key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk) { | |||||
AES_XOF_struct seedexpander; | AES_XOF_struct seedexpander; | ||||
uint64_t h[VEC_N_256_SIZE_64] = {0}; | uint64_t h[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t s[VEC_N_256_SIZE_64] = {0}; | uint64_t s[VEC_N_256_SIZE_64] = {0}; | ||||
@@ -96,7 +96,8 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
PQCLEAN_HQCRMRS256_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | PQCLEAN_HQCRMRS256_AVX2_vect_add(u, r1, u, VEC_N_256_SIZE_64); | ||||
// Compute v = m.G by encoding the message | // Compute v = m.G by encoding the message | ||||
PQCLEAN_HQCRMRS256_AVX2_code_encode(v, m); | |||||
PQCLEAN_HQCRMRS256_AVX2_code_encode((uint8_t *)v, m); | |||||
PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_N1N2_256_SIZE_64, (uint8_t *)v, VEC_N1N2_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
// Compute v = m.G + s.r2 + e | // Compute v = m.G + s.r2 + e | ||||
@@ -117,15 +118,14 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t | |||||
* @param[in] v Vector v (second part of the ciphertext) | * @param[in] v Vector v (second part of the ciphertext) | ||||
* @param[in] sk String containing the secret key | * @param[in] sk String containing the secret key | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint64_t x[VEC_N_256_SIZE_64] = {0}; | |||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk) { | |||||
uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | uint8_t pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp1[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | uint64_t tmp2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t y[VEC_N_256_SIZE_64] = {0}; | |||||
// Retrieve x, y, pk from secret key | // Retrieve x, y, pk from secret key | ||||
PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(x, y, pk, sk); | |||||
PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(tmp1, y, pk, sk); | |||||
// Compute v - u.y | // Compute v - u.y | ||||
PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | PQCLEAN_HQCRMRS256_AVX2_vect_resize(tmp1, PARAM_N, v, PARAM_N1N2); | ||||
@@ -134,5 +134,6 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, con | |||||
// Compute m by decoding v - u.y | // Compute m by decoding v - u.y | ||||
PQCLEAN_HQCRMRS256_AVX2_code_decode(m, tmp2); | |||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr((uint8_t *)tmp1, VEC_N_SIZE_BYTES, tmp2, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS256_AVX2_code_decode(m, (uint8_t *)tmp1); | |||||
} | } |
@@ -13,9 +13,9 @@ | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_keygen(unsigned char *pk, unsigned char *sk); | ||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint64_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(uint64_t *u, uint64_t *v, uint8_t *m, unsigned char *theta, const unsigned char *pk); | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint64_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
void PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(uint8_t *m, const uint64_t *u, const uint64_t *v, const unsigned char *sk); | |||||
#endif | #endif |
@@ -47,26 +47,26 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char | |||||
int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | ||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint64_t u[VEC_N_256_SIZE_64] = {0}; | uint64_t u[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | unsigned char mc[VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES] = {0}; | ||||
// Computing m | // Computing m | ||||
PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(m); | |||||
randombytes(m, VEC_K_SIZE_BYTES); | |||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m | // Encrypting m | ||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u, v, m, theta, pk); | ||||
// Computing d | // Computing d | ||||
sha512(d, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | ||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -95,7 +95,7 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v[VEC_N1N2_256_SIZE_64] = {0}; | ||||
unsigned char d[SHA512_BYTES] = {0}; | unsigned char d[SHA512_BYTES] = {0}; | ||||
unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | unsigned char pk[PUBLIC_KEY_BYTES] = {0}; | ||||
uint64_t m[VEC_K_SIZE_64] = {0}; | |||||
uint8_t m[VEC_K_SIZE_BYTES] = {0}; | |||||
uint8_t theta[SHA512_BYTES] = {0}; | uint8_t theta[SHA512_BYTES] = {0}; | ||||
uint64_t u2[VEC_N_256_SIZE_64] = {0}; | uint64_t u2[VEC_N_256_SIZE_64] = {0}; | ||||
uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | uint64_t v2[VEC_N1N2_256_SIZE_64] = {0}; | ||||
@@ -112,17 +112,17 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha | |||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(m, u, v, sk); | PQCLEAN_HQCRMRS256_AVX2_hqc_pke_decrypt(m, u, v, sk); | ||||
// Computing theta | // Computing theta | ||||
sha3_512(theta, (uint8_t *) m, VEC_K_SIZE_BYTES); | |||||
sha3_512(theta, m, VEC_K_SIZE_BYTES); | |||||
// Encrypting m' | // Encrypting m' | ||||
PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | PQCLEAN_HQCRMRS256_AVX2_hqc_pke_encrypt(u2, v2, m, theta, pk); | ||||
// Computing d' | // Computing d' | ||||
sha512(d2, (unsigned char *) m, VEC_K_SIZE_BYTES); | |||||
sha512(d2, m, VEC_K_SIZE_BYTES); | |||||
// Computing shared secret | // Computing shared secret | ||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc, VEC_K_SIZE_BYTES, m, VEC_K_SIZE_64); | |||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64); | |||||
memcpy(mc, m, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_256_SIZE_64); | |||||
PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64); | ||||
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); | ||||
@@ -15,10 +15,10 @@ | |||||
// copy bit 0 into all bits of a 64 bit value | // copy bit 0 into all bits of a 64 bit value | ||||
#define BIT0MASK(x) (int64_t)(-((x) & 1)) | #define BIT0MASK(x) (int64_t)(-((x) & 1)) | ||||
static void encode(uint64_t *word, uint32_t message); | |||||
static void encode(uint8_t *word, uint8_t message); | |||||
static void expand_and_sum(__m256i *dst, const uint64_t *src); | static void expand_and_sum(__m256i *dst, const uint64_t *src); | ||||
static void hadamard(__m256i *src, __m256i *dst); | static void hadamard(__m256i *src, __m256i *dst); | ||||
static int32_t find_peaks(__m256i *transform); | |||||
static uint32_t find_peaks(__m256i *transform); | |||||
@@ -39,28 +39,38 @@ static int32_t find_peaks(__m256i *transform); | |||||
* @param[out] word An RM(1,7) codeword | * @param[out] word An RM(1,7) codeword | ||||
* @param[in] message A message to encode | * @param[in] message A message to encode | ||||
*/ | */ | ||||
static void encode(uint64_t *word, uint32_t message) { | |||||
// the four parts of the word are identical | |||||
// except for encoding bits 5 and 6 | |||||
uint32_t first_word; | |||||
static void encode(uint8_t *word, uint8_t message) { | |||||
uint32_t e; | |||||
// bit 7 flips all the bits, do that first to save work | // bit 7 flips all the bits, do that first to save work | ||||
first_word = BIT0MASK(message >> 7); | |||||
e = BIT0MASK(message >> 7); | |||||
// bits 0, 1, 2, 3, 4 are the same for all four longs | // bits 0, 1, 2, 3, 4 are the same for all four longs | ||||
// (Warning: in the bit matrix above, low bits are at the left!) | // (Warning: in the bit matrix above, low bits are at the left!) | ||||
first_word ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
first_word ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
first_word ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
first_word ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
first_word ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
e ^= BIT0MASK(message >> 0) & 0xaaaaaaaa; | |||||
e ^= BIT0MASK(message >> 1) & 0xcccccccc; | |||||
e ^= BIT0MASK(message >> 2) & 0xf0f0f0f0; | |||||
e ^= BIT0MASK(message >> 3) & 0xff00ff00; | |||||
e ^= BIT0MASK(message >> 4) & 0xffff0000; | |||||
// we can store this in the first quarter | // we can store this in the first quarter | ||||
((uint32_t *) word)[0] = first_word; | |||||
word[0 + 0] = (e >> 0x00) & 0xff; | |||||
word[0 + 1] = (e >> 0x08) & 0xff; | |||||
word[0 + 2] = (e >> 0x10) & 0xff; | |||||
word[0 + 3] = (e >> 0x18) & 0xff; | |||||
// bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | // bit 5 flips entries 1 and 3; bit 6 flips 2 and 3 | ||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[1] = first_word; | |||||
first_word ^= BIT0MASK(message >> 6); | |||||
((uint32_t *) word)[3] = first_word; | |||||
first_word ^= BIT0MASK(message >> 5); | |||||
((uint32_t *) word)[2] = first_word; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[4 + 0] = (e >> 0x00) & 0xff; | |||||
word[4 + 1] = (e >> 0x08) & 0xff; | |||||
word[4 + 2] = (e >> 0x10) & 0xff; | |||||
word[4 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 6); | |||||
word[12 + 0] = (e >> 0x00) & 0xff; | |||||
word[12 + 1] = (e >> 0x08) & 0xff; | |||||
word[12 + 2] = (e >> 0x10) & 0xff; | |||||
word[12 + 3] = (e >> 0x18) & 0xff; | |||||
e ^= BIT0MASK(message >> 5); | |||||
word[8 + 0] = (e >> 0x00) & 0xff; | |||||
word[8 + 1] = (e >> 0x08) & 0xff; | |||||
word[8 + 2] = (e >> 0x10) & 0xff; | |||||
word[8 + 3] = (e >> 0x18) & 0xff; | |||||
} | } | ||||
@@ -218,7 +228,7 @@ inline void hadamard(__m256i *src, __m256i *dst) { | |||||
* | * | ||||
* @param[in] transform Structure that contain the expanded codeword | * @param[in] transform Structure that contain the expanded codeword | ||||
*/ | */ | ||||
inline int32_t find_peaks(__m256i *transform) { | |||||
inline uint32_t find_peaks(__m256i *transform) { | |||||
// a whole lot of vector variables | // a whole lot of vector variables | ||||
__m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | __m256i bitmap, abs_rows[8], bound, active_row, max_abs_rows; | ||||
__m256i peak_mask; | __m256i peak_mask; | ||||
@@ -322,7 +332,7 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
result |= message_mask & ptr[i]; | result |= message_mask & ptr[i]; | ||||
} | } | ||||
message |= (0x8000 & ~result) >> 8; | message |= (0x8000 & ~result) >> 8; | ||||
return message; | |||||
return (uint32_t) message; | |||||
} | } | ||||
@@ -336,14 +346,13 @@ inline int32_t find_peaks(__m256i *transform) { | |||||
* @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1N2_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | * @param[in] msg Array of size VEC_N1_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// fill entries i * MULTIPLICITY to (i+1) * MULTIPLICITY | |||||
// encode first word | // encode first word | ||||
encode(&cdw[2 * i * MULTIPLICITY], ((uint8_t *)msg)[i]); | |||||
encode(&cdw[16 * i * MULTIPLICITY], msg[i]); | |||||
// copy to other identical codewords | // copy to other identical codewords | ||||
for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | for (size_t copy = 1; copy < MULTIPLICITY; copy++) { | ||||
memcpy(&cdw[2 * (i * MULTIPLICITY + copy)], &cdw[2 * i * MULTIPLICITY], 2 * sizeof(uint64_t)); | |||||
memcpy(&cdw[16 * i * MULTIPLICITY + 16 * copy], &cdw[16 * i * MULTIPLICITY], 16); | |||||
} | } | ||||
} | } | ||||
} | } | ||||
@@ -359,18 +368,18 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *m | |||||
* @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_N1_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1N2_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw) { | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw) { | |||||
__m256i expanded[8]; | __m256i expanded[8]; | ||||
__m256i transform[8]; | __m256i transform[8]; | ||||
for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | for (size_t i = 0; i < VEC_N1_SIZE_BYTES; i++) { | ||||
// collect the codewords | // collect the codewords | ||||
expand_and_sum(expanded, &cdw[2 * i * MULTIPLICITY]); | |||||
expand_and_sum(expanded, (uint64_t *)&cdw[16 * i * MULTIPLICITY]); | |||||
// apply hadamard transform | // apply hadamard transform | ||||
hadamard(expanded, transform); | hadamard(expanded, transform); | ||||
// fix the first entry to get the half Hadamard transform | // fix the first entry to get the half Hadamard transform | ||||
transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | transform[0] -= _mm256_set_epi16(0, 0, 0, 0, 0, 0, 0, 0, | ||||
0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | 0, 0, 0, 0, 0, 0, 0, 64 * MULTIPLICITY); | ||||
// finish the decoding | // finish the decoding | ||||
((uint8_t *)msg)[i] = find_peaks(transform); | |||||
msg[i] = find_peaks(transform); | |||||
} | } | ||||
} | } |
@@ -12,9 +12,9 @@ | |||||
#include <stddef.h> | #include <stddef.h> | ||||
#include <stdint.h> | #include <stdint.h> | ||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint64_t *cdw, const uint64_t *msg); | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_encode(uint8_t *cdw, const uint8_t *msg); | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint64_t *msg, const uint64_t *cdw); | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_muller_decode(uint8_t *msg, const uint8_t *cdw); | |||||
#endif | #endif |
@@ -1,6 +1,7 @@ | |||||
#include "fft.h" | #include "fft.h" | ||||
#include "gf.h" | #include "gf.h" | ||||
#include "parameters.h" | #include "parameters.h" | ||||
#include "parsing.h" | |||||
#include "reed_solomon.h" | #include "reed_solomon.h" | ||||
#include <stdint.h> | #include <stdint.h> | ||||
#include <stdio.h> | #include <stdio.h> | ||||
@@ -30,37 +31,31 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values); | |||||
* @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | * @param[out] cdw Array of size VEC_N1_SIZE_64 receiving the encoded message | ||||
* @param[in] msg Array of size VEC_K_SIZE_64 storing the message | * @param[in] msg Array of size VEC_K_SIZE_64 storing the message | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(uint64_t *cdw, const uint64_t *msg) { | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_encode(uint8_t *cdw, const uint8_t *msg) { | |||||
uint8_t gate_value = 0; | uint8_t gate_value = 0; | ||||
uint16_t tmp[PARAM_G] = {0}; | uint16_t tmp[PARAM_G] = {0}; | ||||
uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | uint16_t PARAM_RS_POLY [] = {RS_POLY_COEFS}; | ||||
uint8_t msg_bytes[PARAM_K] = {0}; | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
for (size_t i = 0; i < VEC_K_SIZE_64; ++i) { | |||||
for (size_t j = 0; j < 8; ++j) { | |||||
msg_bytes[i * 8 + j] = (uint8_t) (msg[i] >> (j * 8)); | |||||
} | |||||
for (size_t i = 0; i < PARAM_N1; i++) { | |||||
cdw[i] = 0; | |||||
} | } | ||||
for (int i = PARAM_K - 1; i >= 0; --i) { | for (int i = PARAM_K - 1; i >= 0; --i) { | ||||
gate_value = msg_bytes[i] ^ cdw_bytes[PARAM_N1 - PARAM_K - 1]; | |||||
gate_value = msg[i] ^ cdw[PARAM_N1 - PARAM_K - 1]; | |||||
for (size_t j = 0; j < PARAM_G; ++j) { | for (size_t j = 0; j < PARAM_G; ++j) { | ||||
tmp[j] = PQCLEAN_HQCRMRS256_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | tmp[j] = PQCLEAN_HQCRMRS256_AVX2_gf_mul(gate_value, PARAM_RS_POLY[j]); | ||||
} | } | ||||
for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | for (size_t k = PARAM_N1 - PARAM_K - 1; k; --k) { | ||||
cdw_bytes[k] = cdw_bytes[k - 1] ^ tmp[k]; | |||||
cdw[k] = cdw[k - 1] ^ tmp[k]; | |||||
} | } | ||||
cdw_bytes[0] = tmp[0]; | |||||
cdw[0] = tmp[0]; | |||||
} | } | ||||
memcpy(cdw_bytes + PARAM_N1 - PARAM_K, msg_bytes, PARAM_K); | |||||
memcpy(cdw, cdw_bytes, PARAM_N1); | |||||
memcpy(cdw + PARAM_N1 - PARAM_K, msg, PARAM_K); | |||||
} | } | ||||
@@ -312,8 +307,7 @@ static void correct_errors(uint8_t *cdw, const uint16_t *error_values) { | |||||
* @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | * @param[out] msg Array of size VEC_K_SIZE_64 receiving the decoded message | ||||
* @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | * @param[in] cdw Array of size VEC_N1_SIZE_64 storing the received word | ||||
*/ | */ | ||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint8_t cdw_bytes[PARAM_N1] = {0}; | |||||
void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint8_t *msg, uint8_t *cdw) { | |||||
uint16_t syndromes[2 * PARAM_DELTA] = {0}; | uint16_t syndromes[2 * PARAM_DELTA] = {0}; | ||||
uint16_t sigma[1 << PARAM_FFT] = {0}; | uint16_t sigma[1 << PARAM_FFT] = {0}; | ||||
uint8_t error[1 << PARAM_M] = {0}; | uint8_t error[1 << PARAM_M] = {0}; | ||||
@@ -321,11 +315,8 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
uint16_t error_values[PARAM_N1] = {0}; | uint16_t error_values[PARAM_N1] = {0}; | ||||
uint16_t deg; | uint16_t deg; | ||||
// Copy the vector in an array of bytes | |||||
memcpy(cdw_bytes, cdw, PARAM_N1); | |||||
// Calculate the 2*PARAM_DELTA syndromes | // Calculate the 2*PARAM_DELTA syndromes | ||||
compute_syndromes(syndromes, cdw_bytes); | |||||
compute_syndromes(syndromes, cdw); | |||||
// Compute the error locator polynomial sigma | // Compute the error locator polynomial sigma | ||||
// Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | // Sigma's degree is at most PARAM_DELTA but the FFT requires the extra room | ||||
@@ -341,9 +332,9 @@ void PQCLEAN_HQCRMRS256_AVX2_reed_solomon_decode(uint64_t *msg, uint64_t *cdw) { | |||||
compute_error_values(error_values, z, error); | compute_error_values(error_values, z, error); | ||||
// Correct the errors | // Correct the errors | ||||
correct_errors(cdw_bytes, error_values); | |||||
correct_errors(cdw, error_values); | |||||
// Retrieve the message from the decoded codeword | // Retrieve the message from the decoded codeword | ||||
memcpy(msg, cdw_bytes + (PARAM_G - 1), PARAM_K); | |||||
memcpy(msg, cdw + (PARAM_G - 1), PARAM_K); | |||||
} | } |
@@ -122,22 +122,6 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) { | |||||
/** | |||||
* @brief Generates a random vector | |||||
* | |||||
* This function generates a random binary vector. It uses the the randombytes function. | |||||
* | |||||
* @param[in] v Pointer to an array | |||||
*/ | |||||
void PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(uint64_t *v) { | |||||
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; | |||||
randombytes(rand_bytes, VEC_K_SIZE_BYTES); | |||||
PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES); | |||||
} | |||||
/** | /** | ||||
* @brief Adds two vectors | * @brief Adds two vectors | ||||
* | * | ||||
@@ -1,21 +1,21 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-128 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- alpha_table.h | - alpha_table.h | ||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
@@ -34,16 +34,17 @@ consistency_checks: | |||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- repetition.c | - repetition.c | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- vector.c | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
@@ -59,55 +60,29 @@ consistency_checks: | |||||
- hqc.c | - hqc.c | ||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- vector.c | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- gf2x.c | - gf2x.c | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- vector.c | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- vector.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- vector.c |
@@ -1,15 +1,15 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-128 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-128 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
@@ -27,16 +27,16 @@ consistency_checks: | |||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
@@ -54,16 +54,16 @@ consistency_checks: | |||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -71,16 +71,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -88,16 +82,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -105,9 +93,3 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h |
@@ -1,21 +1,21 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
@@ -32,52 +32,28 @@ consistency_checks: | |||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- gf2x.c | - gf2x.c | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c |
@@ -1,15 +1,15 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-192 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- bch.h | - bch.h | ||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
@@ -28,16 +28,16 @@ consistency_checks: | |||||
- kem.c | - kem.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -45,16 +45,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -62,16 +56,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -79,9 +67,3 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h |
@@ -1,57 +1,33 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- hqc.h | |||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
- gf2x.c | - gf2x.c | ||||
- hqc.c | |||||
- kem.c | |||||
- parsing.c | - parsing.c |
@@ -1,15 +1,15 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-256 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | - code.h | ||||
- hqc.h | - hqc.h | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -17,16 +17,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -34,16 +28,10 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- gf2x.h | - gf2x.h | ||||
- parsing.h | - parsing.h | ||||
- vector.h | - vector.h | ||||
@@ -51,9 +39,3 @@ consistency_checks: | |||||
- gf.c | - gf.c | ||||
- parsing.c | - parsing.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- hqc.h |
@@ -1,23 +1,31 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -35,17 +43,22 @@ consistency_checks: | |||||
- reed_muller.c | - reed_muller.c | ||||
- reed_solomon.c | - reed_solomon.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- reed_solomon.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -1,16 +1,20 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-128 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -29,17 +33,21 @@ consistency_checks: | |||||
- reed_muller.c | - reed_muller.c | ||||
- reed_solomon.c | - reed_solomon.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -58,10 +66,14 @@ consistency_checks: | |||||
- reed_muller.c | - reed_muller.c | ||||
- reed_solomon.c | - reed_solomon.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- reed_solomon.c |
@@ -1,23 +1,31 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -1,16 +1,20 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-192 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- reed_solomon.c | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- code.h | - code.h | ||||
- fft.h | - fft.h | ||||
- gf2x.h | - gf2x.h | ||||
@@ -29,10 +33,14 @@ consistency_checks: | |||||
- reed_muller.c | - reed_muller.c | ||||
- reed_solomon.c | - reed_solomon.c | ||||
- vector.c | - vector.c | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- reed_solomon.c |
@@ -1,9 +1,13 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: clean | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- reed_solomon.c |
@@ -1,9 +1,13 @@ | |||||
consistency_checks: | consistency_checks: | ||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- source: | |||||
scheme: hqc-rmrs-256 | |||||
implementation: avx2 | |||||
files: | |||||
- api.h | - api.h | ||||
- code.h | |||||
- fft.h | - fft.h | ||||
- gf.h | - gf.h | ||||
- hqc.h | |||||
- reed_muller.h | |||||
- fft.c | - fft.c | ||||
- reed_solomon.c |