Update Falcon verification to use horner_eval_base
#1661
Conversation
stdlib/tests/crypto/falcon.rs
Outdated
| #[test] | ||
| fn test_falcon512_probabilistic_product_failure() { | ||
| // Create a polynomial pi that is not equal to h * s2. | ||
| // create a polynomial pi that is not equal to h * s2. |
There was a problem hiding this comment.
The random_coefficients use rng - can we either fix a seed, or generate those coefficients deterministically?
| adv_push.2 | ||
| dup.1 dup.1 ext2inv | ||
| push.0.0 | ||
| loc_storew.4 |
There was a problem hiding this comment.
nit: can we add the state of the stack after this block?
| @@ -218,182 +207,83 @@ export.load_h_s2_and_product.4 | |||
| push.M u32lt assert | |||
| push.M u32lt assert | |||
|
|
|||
| horner_eval_base | |||
There was a problem hiding this comment.
can we also add some comments for the state of the stack in this loop? It's quite hard to follow
There was a problem hiding this comment.
I ran the miden-base tests on top of this branch, and I'm getting some NotU32 errors (for example, with the scripts::p2id::prove_consume_multiple_notes test).
Would be good to make sure the bus works fine too after we fix those (and #1664 might be useful if there's a bug there)
There was a problem hiding this comment.
My bad, miden-base reimplements the dsa::falcon_sign method which was updated in this PR. After updating it, all tests pass.
I also confirmed that the bus is fixed with this PR, which confirms the findings of #1664 that rcombbase was the problem.
Al-Kindi-0
force-pushed
the
al-introduce-horner-eval-ops
branch
from
cec1812 to
6fcd075
Compare
|
One other thing, before merging this PR we'd need to update |
Al-Kindi-0
force-pushed
the
al-introduce-horner-eval-ops
branch
from
6fcd075 to
3402f34
Compare
Indeed, we have now changed how and what advice is provided for the signature. |
Al-Kindi-0
force-pushed
the
al-update-falcon-with-horner
branch
2 times, most recently
from
66cfab3 to
4c3f3a4
Compare
Sure thing, will open one soon |
Al-Kindi-0
force-pushed
the
al-update-falcon-with-horner
branch
from
a037d70 to
f330f6c
Compare
processor/src/host/dsa.rs
Outdated
| /// 1. The challenge point at which we evaluate the three aforementioned polynomials to check the | ||
| /// product relationship. |
There was a problem hiding this comment.
I'm not sure the word "aforementioned" is correct here. Also, I would specify that the challenge point is 2 field elements.
There was a problem hiding this comment.
Indeed, this was from the previous order of the bullet points. Changed it now and updated the comment.
Al-Kindi-0
force-pushed
the
al-update-falcon-with-horner
branch
from
7e72ef6 to
1b82170
Compare
Signed-off-by: Al-Kindi-0 <82364884+Al-Kindi-0@users.noreply.github.com>
Al-Kindi-0
force-pushed
the
al-update-falcon-with-horner
branch
from
1b82170 to
0891f41
Compare
As the title says. The current cycle count is around
57500cycles.