discrete_gaussian/lib.rs
1//! [](https://dl.circleci.com/status-badge/redirect/gh/chancehudson/discrete-gaussian/tree/main) [](https://docs.rs/discrete-gaussian) [](https://crates.io/crates/discrete-gaussian)
2//!
3//! Discrete gaussian samples based on [FACCT](https://eprint.iacr.org/2018/1234.pdf) and [DDLL13](https://eprint.iacr.org/2013/383.pdf).
4//! Implemented with ~40 bits of accuracy (relative error <= 2^-40).
5//! Based on the analysis in [WALT19](https://eprint.iacr.org/2019/068.pdf) this implies an upper bound of 2^80 security in constructions.
6//!
7
8pub mod ctime;
9pub mod vtime;
10
11pub use ctime::sample;
12pub use vtime::sample_vartime;
13pub use vtime::sample_vartime_k;
14
15/// Approximation of `sqrt(1/(2*ln(2)))` as defined
16/// in [FACCT](https://eprint.iacr.org/2018/1234.pdf) page 6
17///
18/// Approximated to 14 decimals (~2^-46).
19pub const THETA_0: f64 = 0.84932180028802;
20
21/// Approximate a `k` value for the requested theta.
22pub fn k_from_theta(theta: f64) -> u32 {
23 // using `as` here should be okay as long as
24 // theta / THETA_0 < 2^32
25 // most standard deviations (theta) should be < 10000
26 ((theta / THETA_0).trunc() as u64).try_into().unwrap()
27}