Crate rpo_xhash_m31

§rpo‑xhash‑m31

Rust implementation of the RPO‑M31 and XHash‑M31 arithmetisation‑oriented hash functions described in the paper RPO‑M31 and XHash‑M31: Efficient Hash Functions for Circle STARKs.

§High‑level architecture

  • Field arithmetic – delegated to the stwo-prover crate, which already exposes highly optimised M31 routines.
  • Permutation core – self-contained implementation of the round function for the two permutations (RpoM31 and XHashM31).
  • Sponge mode – easy-to-use, blake2-like streaming interface that turns either permutation into a general-purpose hash (Sponge) over a 24-element state, with rate = 16 and capacity = 8.

§Usage

```rust
use rpo_xhash_m31::{RpoM31, XHashM31, Sponge, Felt};

fn main() {
    // --- RPO ---
    // Sponge is generic over the permutation; RpoM31 selects RPO-M31.
    let mut rpo_sponge: Sponge<RpoM31> = Sponge::new();
    rpo_sponge.absorb_bytes(b"some input data");
    // squeeze() returns one rate's worth of field elements (RATE = 16).
    let rpo_digest: [Felt; 16] = rpo_sponge.squeeze();

    // --- XHash ---
    // Same interface, XHashM31 selects XHash-M31.
    let mut xhash_sponge: Sponge<XHashM31> = Sponge::new();
    xhash_sponge.absorb_bytes(b"different input");
    let xhash_digest: [Felt; 16] = xhash_sponge.squeeze();

    println!("RPO digest element 0: {:?}", rpo_digest[0]);
    println!("XHash digest element 0: {:?}", xhash_digest[0]);
}
```

Re-exports§

pub use fields::FieldExpOps;
pub use fields::m31::M31 as Felt;
pub use fields::m31::P as MODULUS;

Modules§

fields

Macros§

impl_extension_field
Used to build a degree-2 extension of a field of characteristic p = 2³¹ − 1 (the M31 prime).
impl_field

Structs§

RpoM31
A stateless permutation implementing the RPO-M31 algorithm.
Sponge
A generic sponge construction based on a chosen permutation P.
XHashM31
A stateless permutation implementing the XHash-M31 algorithm.

Constants§

INV_QUINTIC_EXP
The exponent 5⁻¹ mod (p-1) used for the inverse quintic S-box.
RATE
The rate (number of elements absorbed/squeezed per permutation) of the sponge (16).
RPO_ROUNDS
The number of rounds in the RPO-M31 permutation (7).
STATE_WIDTH
The width of the permutation state in field elements (24).
XHASH_ROUNDS
The number of round triplets in the XHash-M31 permutation (3).

Traits§

Permutation
A trait abstracting over the permutation function (RpoM31 or XHashM31).
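The following is an added, self-contained example, not code from the rpo_xhash_m31 crate. It spells out what the constants and the Permutation/Sponge split above amount to: M31 arithmetic, deriving INV_QUINTIC_EXP as 5⁻¹ mod (p − 1) and checking that the quintic S-box and its inverse round-trip, and a generic sponge with the documented 24/16/8 layout in which input only ever touches the rate slots. `ToyPermutation`, `mod_inverse`, `inv_quintic_exp`, `hash_toy` and the `absorb`/`capacity` methods are illustrative stand-ins (the toy permutation is an invertible S-box-plus-mixing layer with none of the real designs' security analysis, and `absorb` takes field elements rather than bytes); the crate's own byte-to-element mapping and padding are not reproduced here.

```rust
use std::marker::PhantomData;

// Added example, not the crate's code: constants mirror the documented values,
// ToyPermutation is a stand-in for RPO-M31/XHash-M31, not either algorithm.
/// The Mersenne prime p = 2^31 - 1 (the crate re-exports it as MODULUS).
pub const P: u64 = (1 << 31) - 1;
pub const STATE_WIDTH: usize = 24;
pub const RATE: usize = 16;
pub const CAPACITY: usize = STATE_WIDTH - RATE; // 8 elements, 8 * 31 = 248 bits

/// Field ops on canonical (reduced) elements; a * b < 2^62 fits in u64.
pub fn add(a: u64, b: u64) -> u64 { (a + b) % P }
pub fn mul(a: u64, b: u64) -> u64 { (a * b) % P }

/// Square-and-multiply exponentiation in M31.
pub fn pow(mut base: u64, mut exp: u64) -> u64 {
    let mut acc = 1;
    while exp > 0 {
        if exp & 1 == 1 { acc = mul(acc, base); }
        base = mul(base, base);
        exp >>= 1;
    }
    acc
}

/// Inverse of `a` mod `m` (extended Euclid); None when gcd(a, m) != 1, i.e. x -> x^a is not a bijection.
pub fn mod_inverse(a: u64, m: u64) -> Option<u64> {
    let (mut old_r, mut r) = (a as i128, m as i128);
    let (mut old_s, mut s) = (1i128, 0i128);
    while r != 0 {
        let q = old_r / r;
        (old_r, r) = (r, old_r - q * r);
        (old_s, s) = (s, old_s - q * s);
    }
    if old_r != 1 { return None; }
    Some(old_s.rem_euclid(m as i128) as u64)
}

/// 5^{-1} mod (p - 1): the value behind the crate's INV_QUINTIC_EXP.
pub fn inv_quintic_exp() -> u64 { mod_inverse(5, P - 1).expect("gcd(5, p - 1) = 1") }

/// Quintic S-box and its inverse; they round-trip because 5 is invertible
/// modulo the multiplicative group order p - 1.
pub fn sbox(x: u64) -> u64 { pow(x, 5) }
pub fn inv_sbox(x: u64) -> u64 { pow(x, inv_quintic_exp()) }

/// Same shape as the crate's Permutation trait: a fixed bijection on the state.
pub trait Permutation {
    fn permute(state: &mut [u64; STATE_WIDTH]);
}

/// Toy permutation: one S-box layer, then a prefix-sum mixing layer. It is
/// invertible but carries none of the security analysis of the real designs.
pub struct ToyPermutation;
impl Permutation for ToyPermutation {
    fn permute(state: &mut [u64; STATE_WIDTH]) {
        for x in state.iter_mut() { *x = sbox(*x); }
        for i in 1..STATE_WIDTH { state[i] = add(state[i], state[i - 1]); }
    }
}

/// Generic sponge over any Permutation with the crate's 24/16/8 layout.
pub struct Sponge<Perm: Permutation> {
    state: [u64; STATE_WIDTH],
    pos: usize, // next rate slot to absorb into, always < RATE
    _perm: PhantomData<Perm>,
}

impl<Perm: Permutation> Sponge<Perm> {
    pub fn new() -> Self { Sponge { state: [0; STATE_WIDTH], pos: 0, _perm: PhantomData } }

    /// Absorb canonical field elements. Input is only ever added into the rate slots
    /// [0, RATE); the capacity slots [RATE, STATE_WIDTH) change only via the permutation.
    pub fn absorb(&mut self, elems: &[u64]) {
        for &e in elems {
            assert!(e < P, "absorb expects canonical elements < p");
            self.state[self.pos] = add(self.state[self.pos], e);
            self.pos += 1;
            if self.pos == RATE {
                Perm::permute(&mut self.state);
                self.pos = 0;
            }
        }
    }

    /// Read-only view of the capacity slots (to check they stay untouched by input).
    pub fn capacity(&self) -> [u64; CAPACITY] { self.state[RATE..].try_into().unwrap() }

    /// pad10*: add a single 1, permute the final block, return the rate part.
    pub fn squeeze(mut self) -> [u64; RATE] {
        self.absorb(&[1]);
        if self.pos != 0 { Perm::permute(&mut self.state); }
        self.state[..RATE].try_into().unwrap()
    }
}

/// One-shot hash with the toy permutation.
pub fn hash_toy(input: &[u64]) -> [u64; RATE] {
    let mut s = Sponge::<ToyPermutation>::new();
    s.absorb(input);
    s.squeeze()
}
```

Two things a practitioner should take from this layout: `gcd(5, p − 1) = 1` is what makes x ↦ x⁵ a bijection on the field (so the inverse S-box exists at all), and the generic sponge security bound comes from the capacity alone, here 8 × 31 = 248 bits, i.e. roughly 124-bit collision resistance, which is why the absorb path must never write into the capacity slots and why any input-to-element mapping must be injective (non-canonical elements ≥ p would alias).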