faest 0.2.2

Pure Rust implementation of the FAEST post-quantum secure digital signature scheme
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170

#[cfg(not(feature = "std"))]
use alloc::boxed::Box;

use core::{
    fmt::Debug,
    ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign},
};

use generic_array::{
    ArrayLength, GenericArray,
    typenum::{Prod, U3},
};

pub(crate) mod large_fields;
pub(crate) mod large_fields_constants;
pub(crate) mod small_fields;

#[cfg(all(feature = "opt-simd", any(target_arch = "x86", target_arch = "x86_64")))]
#[allow(unused_unsafe)]
pub(crate) mod x86_simd_large_fields;

pub(crate) use large_fields::{
    BigGaloisField, ByteCombine, ByteCombineConstants, ByteCombineSquaredConstants, FromBit,
    Sigmas, SumPoly,
};
#[cfg(not(all(
    feature = "opt-simd",
    target_feature = "avx2",
    target_feature = "pclmulqdq"
)))]
pub(crate) use large_fields::{GF128, GF192, GF256};
pub(crate) use small_fields::{GF8, GF64};

#[cfg(all(
    feature = "opt-simd",
    target_feature = "avx2",
    target_feature = "pclmulqdq"
))]
pub(crate) use x86_simd_large_fields::{GF128, GF192, GF256};

/// Trait covering the basic functionality of a field
///
/// The implementation in general does not require field elements to be
/// inverted. As such, no function to invert elements is provided.
pub(crate) trait Field:
    Sized
    + Default
    + Add<Self, Output = Self>
    + AddAssign
    + Sub<Self, Output = Self>
    + SubAssign
    + Neg<Output = Self>
    + Mul<Self, Output = Self>
    + MulAssign
    + PartialEq
    + Eq
{
    /// Representation of `0`
    const ZERO: Self;

    /// Representation of `1`
    const ONE: Self;

    /// Length of the byte representation of the field
    type Length: ArrayLength;

    /// Obtain byte representation of the field element
    fn as_bytes(&self) -> GenericArray<u8, Self::Length>;

    /*/
    /// Obtain a boxed byte representation of the field element
    fn as_boxed_bytes(&self) -> Box<GenericArray<u8, Self::Length>>;
    */
}

/// Marker trait denoting that the current field is the base field of some `ExtensionField`.
///
/// For security, FAEST requires the extension field to have 3x the length of the base field.
pub(crate) trait BaseField: Field<Length: Mul<U3, Output: ArrayLength>> {
    type ExtenionField: ExtensionField<BaseField = Self, Length = Prod<Self::Length, U3>>;
}

/// Double a field element
///
/// This operation is not equivalent to `self + self` but corresponds to a the
/// multiplication with the element representing `2`.
pub(crate) trait Double {
    /// Output type
    type Output;

    /// Double a field element
    fn double(self) -> Self::Output;
}

/// Square a field element
pub(crate) trait Square {
    /// Output type
    type Output;
    /// Square an element
    fn square(self) -> Self::Output;
}

// blanket implementation for GenericArray

impl<F, L> Square for GenericArray<F, L>
where
    F: Square,
    L: ArrayLength,
{
    type Output = GenericArray<F::Output, L>;

    fn square(self) -> Self::Output {
        self.into_iter().map(|x| x.square()).collect()
    }
}

impl<F, L> Square for &GenericArray<F, L>
where
    F: Square + Clone,
    L: ArrayLength,
{
    type Output = GenericArray<F::Output, L>;

    fn square(self) -> Self::Output {
        self.iter().cloned().map(|x| x.square()).collect()
    }
}

impl<F, L> Square for &Box<GenericArray<F, L>>
where
    F: Square + Clone,
    L: ArrayLength,
{
    type Output = Box<GenericArray<F::Output, L>>;

    fn square(self) -> Self::Output {
        self.iter().cloned().map(|x| x.square()).collect()
    }
}

/// Trait covering the basic functionality of an extension field
///
/// The implementation in general does not require field elements to be
/// inverted. As such, no function to invert elements is provided.
/// Furthermore, we only require extension field elements to support multiplication for base field elements.
pub(crate) trait ExtensionField:
    Sized
    + Default
    + Add<Self, Output = Self>
    + AddAssign
    + Sub<Self, Output = Self>
    + SubAssign
    + Neg<Output = Self>
    + Mul<Self::BaseField, Output = Self>
    + for<'a> Mul<&'a Self::BaseField, Output = Self>
    + for<'a> Add<&'a Self, Output = Self>
    + for<'a> From<&'a [u8]>
    + PartialEq
    + Eq
    + Debug
{
    /// Length of the byte representation of the field
    type Length: ArrayLength;

    /// Base field of the extension field
    type BaseField: Field;

    /// Obtain byte representation of the field element
    fn as_bytes(&self) -> GenericArray<u8, Self::Length>;
}