diff --git a/README.md b/README.md index 88d51ea..7d27d65 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ Synchronized multi-signature scheme from lattice ------ -This is a reference implementation for the paper: [Synchronized multi-signature scheme from lattice](tbd). +This is a reference implementation for the paper: [Squirrel: Efficient Synchronized Multi-Signatures from Lattices](https://eprint.iacr.org/2022/694). # Benchmark ``` diff --git a/bench.md b/bench.md index a83d648..12cd222 100644 --- a/bench.md +++ b/bench.md @@ -3,7 +3,7 @@ Parameters and benchmark results # rho = 1024; rho = 21 -- q_hvc = 12289 +- q_hvc = 61441 - q_hots = 6694913 - alpha = 20 - beta_s = 44 diff --git a/benches/bench.rs b/benches/bench.rs index bc06d78..95494e4 100644 --- a/benches/bench.rs +++ b/benches/bench.rs @@ -23,28 +23,29 @@ fn smsig() { rng.fill_bytes(&mut seed); let start = Instant::now(); - for _ in 0..NUM_REPETITIONS { - let _ = SMSigScheme::key_gen(&seed, &pp); - } + // for _ in 0..NUM_REPETITIONS { + // let _ = SMSigScheme::key_gen(&seed, &pp); + // } + + let (pk, sk) = SMSigScheme::key_gen(&seed, &pp); println!( "ken gen time {}", start.elapsed().as_nanos() / NUM_REPETITIONS as u128 ); - let (pk, sk) = SMSigScheme::key_gen(&seed, &pp); // =============================== // sign // =============================== let start = Instant::now(); - for _ in 0..NUM_REPETITIONS { - let _ = SMSigScheme::sign(&sk, 0, message.as_ref(), &pp); - } - + // for _ in 0..NUM_REPETITIONS { + // let _ = SMSigScheme::sign(&sk, 0, message.as_ref(), &pp); + // } + let sig = SMSigScheme::sign(&sk, 0, message.as_ref(), &pp); println!( "signing time {}", start.elapsed().as_nanos() / NUM_REPETITIONS as u128 ); - let sig = SMSigScheme::sign(&sk, 0, message.as_ref(), &pp); + // =============================== // verify @@ -60,7 +61,7 @@ fn smsig() { let mut sigs = Vec::new(); let mut pks = Vec::new(); - for _ in 0..1000 { + for _ in 0..4096 { pks.push(pk); sigs.push(sig.clone()); } 
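Review bot: The key-generation and signing figures printed by `smsig()` are now too small by a factor of `NUM_REPETITIONS`. The hunk comments out both repetition loops, so one `key_gen` call and one `sign` call are timed, yet both `println!` calls still divide `start.elapsed().as_nanos()` by `NUM_REPETITIONS as u128`. Either print the undivided `start.elapsed().as_nanos()` or restore the loops; the aggregation block in the `@@ -68,25 +69,26 @@` hunk has the same mismatch. The commented-out loops are better deleted than kept as dead code. `smsig()` starts and ends outside this hunk.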
@@ -68,25 +69,26 @@ fn smsig() { // aggregation // =============================== let start = Instant::now(); - for _ in 0..NUM_REPETITIONS { - SMSigScheme::aggregate(&sigs, &pks); - } + // for _ in 0..NUM_REPETITIONS { + // SMSigScheme::aggregate(&sigs, &pks); + // } + + let agg_sig = SMSigScheme::aggregate(&sigs, &pks); println!( "aggregating time {}", start.elapsed().as_nanos() / NUM_REPETITIONS as u128 ); - let agg_sig = SMSigScheme::aggregate(&sigs, &pks); // =============================== // batch verification // =============================== let start = Instant::now(); for _ in 0..NUM_REPETITIONS { - assert!(SMSigScheme::batch_verify( + SMSigScheme::batch_verify( &pks, message.as_ref(), &agg_sig, &pp - )); + ); } println!( "batch verification {}", diff --git a/benches/bench_.rs b/benches/bench_.rs index 0d3caea..afb82fe 100644 --- a/benches/bench_.rs +++ b/benches/bench_.rs @@ -7,7 +7,7 @@ use rand_chacha::ChaCha20Rng; use sync_multi_sig::{ HOTSHash, HVCHash, LargeNTTPoly, LargePoly, MultiSig, Path, RandomizedPath, Randomizers, SMSigScheme, SignedPoly, SmallNTTPoly, SmallPoly, TerPolyCoeffEncoding, Tree, ALPHA, HEIGHT, - SMALL_MODULUS_BITS, + SMALL_MODULUS_BITS, LARGE_MODULUS_BITS, }; criterion_main!(bench); @@ -160,7 +160,7 @@ fn bench_hash(c: &mut Criterion) { let num_tests = 1000; let hasher = HVCHash::init(&mut rng); let inputs: Vec> = (0..num_tests) - .map(|_| (0..28).map(|_| SmallPoly::rand_poly(&mut rng)).collect()) + .map(|_| (0..SMALL_MODULUS_BITS<<1).map(|_| SmallPoly::rand_poly(&mut rng)).collect()) .collect(); let mut bench_group = c.benchmark_group("hash"); 
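Review bot: The batch-verification loop now throws away the boolean returned by `SMSigScheme::batch_verify`, so the benchmark would keep printing a time even if the aggregate signature stopped verifying. That check matters in a commit that also changes the moduli and the NTT tables. If the assert was removed to keep it out of the measurement (inferred), do one `assert!(SMSigScheme::batch_verify(&pks, message.as_ref(), &agg_sig, &pp));` before `let start = Instant::now();` and wrap the timed call in `std::hint::black_box(...)` so the unused result is not optimised away. `smsig()` continues outside the hunk.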
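Review bot: `(0..SMALL_MODULUS_BITS<<1)` is correct only because `<<` binds tighter than `..`, and it is easy to misread as a shifted range; `(0..2 * SMALL_MODULUS_BITS)` states the intent and matches rustfmt spacing. A one-line comment such as `// hash input is two decomposed ring elements, one polynomial per modulus bit` (wording to be confirmed against the scheme) would explain why the count is twice the bit length, which the old literals 28 and 46 never did. The same applies to `0..LARGE_MODULUS_BITS<<1` in the `@@ -176,7 +176,7 @@` hunk. `bench_hash` continues outside both hunks.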
@@ -176,7 +176,7 @@ fn bench_hash(c: &mut Criterion) { let hasher = HOTSHash::init(&mut rng); let inputs: Vec> = (0..num_tests) - .map(|_| (0..46).map(|_| SignedPoly::rand_binary(&mut rng)).collect()) + .map(|_| (0..LARGE_MODULUS_BITS<<1).map(|_| SignedPoly::rand_binary(&mut rng)).collect()) .collect(); let bench_str = format!("{} hots_hash digests", num_tests); bench_group.bench_function(bench_str, move |b| { diff --git a/cpoly/c/hots_ntt.c b/cpoly/c/hots_ntt.c index ff3aba3..c052923 100644 --- a/cpoly/c/hots_ntt.c +++ b/cpoly/c/hots_ntt.c @@ -1,4 +1,4 @@ -// NTT functions for large ring with q = 0x662801 and n = 512 +// NTT functions for large ring with q = 28930049 and n = 512 #include "params.h" #include 
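Review bot: The header comment now gives the large-ring modulus as q = 28930049, but `bench.md`, edited in this same commit, still shows `q_hots = 6694913` (the old 0x662801) as unchanged context. If the HOTS modulus changed for that parameter set, update `bench.md` with it so the published parameters match the code, and confirm `params.h` carries the same value. Switching the comment from hex to decimal also makes it harder to grep for the constant; consider `q = 28930049 (0x<hex of q>)`.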
@@ -10,134 +10,153 @@ /// 2 -> 010 0000 /// 3 -> 110 0000 ... static const uint32_t HOTS_NTT_TABLE[] = { - 1, 3907658, 2638481, 1553977, 5395941, 4115851, 480732, 3912073, - 1411215, 6000587, 1065596, 3254862, 5357550, 4828077, 590351, 3550809, - 657937, 5596373, 3502275, 5326654, 4073164, 5554234, 3595025, 4795986, - 6554050, 4623093, 3746092, 5708210, 5120546, 1651474, 1693279, 5339857, - 2481694, 3152500, 3061381, 4576909, 3150236, 1255580, 2918321, 258929, - 1079128, 5260044, 5954450, 4978729, 3742785, 4265294, 2638065, 2832108, - 2753360, 2090883, 4475295, 6163550, 5487114, 528477, 3789942, 213275, - 2715286, 2971790, 4119266, 2989433, 529798, 1446094, 4291916, 370297, - 4379382, 5581362, 5174130, 6193671, 6455361, 2141357, 6640905, 5644148, - 1311092, 3579460, 3004500, 4193811, 256255, 5458293, 4684785, 950895, - 797994, 4704955, 2122831, 5756626, 1517622, 508789, 2736708, 6324227, - 3176806, 3017836, 4924468, 1899348, 1651856, 1334124, 2307736, 2773591, - 5285776, 6573094, 5259088, 5656191, 123486, 5201313, 828708, 4807416, - 1431848, 5870842, 4506466, 4523946, 3405013, 2210355, 4367554, 786977, - 1571697, 2271033, 3305840, 3082526, 3239127, 4711679, 3940676, 5383420, - 4484607, 727778, 1295245, 173471, 5470469, 5335775, 4902977, 3409942, - 2374344, 5924954, 3810322, 2293180, 6146472, 2129078, 727525, 4419956, - 6335155, 6689715, 3507368, 3052499, 3946463, 3584152, 2504673, 5052526, - 4548560, 6162301, 1483386, 2375980, 2794657, 2460357, 6116077, 3315701, - 549869, 1144017, 4482237, 5337910, 2443476, 3703347, 4374129, 5257146, - 1480046, 5878610, 4141269, 420748, 6378933, 1029750, 3594597, 6046612, - 4242889, 1251939, 3747093, 749763, 5659578, 830470, 235429, 1240300, - 1929252, 3363775, 5104226, 4414152, 2200129, 5514889, 179661, 5082019, - 2566035, 1758714, 2974195, 2239265, 2109116, 5005721, 3942805, 3010443, - 2113849, 1906416, 5860633, 274197, 869853, 365218, 792850, 1841029, - 2861647, 5371477, 5560154, 5032694, 3828280, 6632391, 1172538, 6242151, - 
5022545, 2978329, 5541597, 3225891, 530369, 3312783, 4509142, 3962648, - 6533814, 2873248, 3375751, 5435999, 194587, 4703271, 1309116, 1281941, - 95709, 114603, 954582, 2092398, 1223262, 1997352, 2936852, 890319, - 2801573, 459304, 3517835, 5285268, 2366280, 831420, 3533052, 3899788, - 4835568, 3443805, 5028804, 4492562, 364199, 699880, 4583916, 2398968, - 1697915, 4807767, 2043339, 2085351, 1315688, 724049, 4975733, 2799932, - 894916, 4810308, 3386452, 4857659, 392403, 628306, 6344045, 5865778, - 3884446, 4818740, 2197129, 5333552, 1965763, 574070, 5580860, 2280724, - 834681, 87019, 5023124, 2631717, 522592, 1666624, 4950750, 3001484, - 4659282, 4423839, 153000, 2553274, 4832852, 1681782, 2471318, 1686220, - 4178214, 6436539, 6625875, 1321244, 2210441, 4602838, 69301, 2071121, - 1102824, 3782309, 3607719, 5996221, 6512247, 1978006, 6016524, 5548518, - 3357588, 3416458, 2330099, 1030056, 1664140, 478786, 3334507, 4630096, - 738061, 1789694, 3886118, 4187828, 4358134, 5975204, 5931304, 6601291, - 3731364, 3193334, 2349977, 3075154, 5586454, 2828631, 4648532, 984501, - 230457, 1002250, 4332418, 591293, 5844591, 4789893, 634200, 843129, - 4618620, 1604472, 219403, 1329394, 768746, 2383594, 4092694, 106774, - 6492498, 1902315, 5163134, 5537937, 2099131, 4993555, 3192675, 5358432, - 1260101, 2191088, 5191477, 6342872, 3363198, 6232676, 1755866, 2064300, - 4116220, 3818479, 54264, 3869176, 4267045, 3060200, 3322369, 240984, - 2520282, 2333905, 529305, 3105644, 3232331, 292869, 1800814, 2433529, - 621206, 5650182, 5017252, 330792, 1968745, 4061606, 313514, 3360342, - 252251, 5207342, 4779575, 5096077, 2140987, 507300, 168563, 845036, - 5175842, 1191167, 3594559, 4843694, 5511957, 2237671, 1680242, 2795528, - 5067830, 1330443, 5041371, 4843793, 4783880, 3247398, 2600686, 1400647, - 3765591, 6326699, 1957707, 6657061, 6589043, 1701462, 2566542, 1247072, - 1953129, 6206273, 4983733, 5515135, 4177614, 5061289, 3536743, 6222864, - 2649461, 6636313, 5540487, 4029135, 4627775, 
5293303, 266854, 1298704, - 843827, 2081493, 1408985, 2005060, 3595255, 6438984, 3167781, 5206070, - 3839408, 895767, 4995601, 5937928, 4916905, 6322789, 5721686, 362371, - 2674404, 4111440, 6177280, 1331176, 1053186, 473941, 575947, 1778568, - 2260805, 6227802, 3893161, 3035779, 1194990, 4144702, 2522666, 5566594, - 5530236, 2291456, 321189, 1425252, 6541782, 1051829, 4765539, 1935685, - 4878771, 371258, 1039796, 4373329, 4332562, 921353, 6028386, 2610102, - 3493435, 686101, 6501225, 146859, 4731710, 830388, 458196, 5816987, - 1228411, 4314829, 4497044, 1896857, 765841, 5209552, 4980774, 4869864, - 2781913, 29699, 3167299, 2985467, 5757618, 4614191, 5559088, 3705152, - 455834, 1518905, 1702269, 281853, 2587811, 2575092, 2793085, 5552115, - 6693967, 5642421, 1199523, 2818618, 3658433, 2844320, 481612, 1465831, - 3973210, 730922, 2878047, 560528, 6501754, 5264737, 3900646, 1781012, - 218507, 1507325, 829785, 2254805, 3056744, 1201341, 122154, 2148258, - 6053051, 5027124, 4500858, 2828131, 3080496, 4315238, 4937186, 3154593, - 2231939, 3666198, 2830903, 1852797, 5807942, 3915834, 4267403, 2764947, - 3466601, 5013648, 4207046, 3341118, 934367, 2064415, 1593059, 5485945, - 6337510, 3718930, 4250859, 550923, 4442644, 2179233, 3188236, 5784153, - 2186036, 550120, 6308643, 3944581, 929567, 4452241, 3659655, 4529427, - 1255775, 2317905, 5949336, 5531022, 5684063, 2834917, 4227177, 3176566, - 4960786, 1456818, 3081025, 2738203, 5294551, 4927658, 225796, 4266585, - 1622845, 1229715, 275774, 3890986, 3735883, 719342, 2005563, 2533480, - 757461, 3854995, 1112720, 4148389, 3953866, 3257253, 6118295, 588810, - 755915, 1427253, 5918024, 5173714, 3690678, 318957, 6041966, 4725304, - 4539131, 2961258, 1542745, 5091404, 5805768, 4511939, 5750150, 5350014, - 6140237, 669855, 5894644, 2912472, 2056012, 1563724, 1187045, 2113473, - 2136620, 1098051, 6562222, 3269259, 104075, 321252, 1358467, 1142934, - 3361344, 5330610, 3993495, 6498445, 3316885, 1061025, 1337389, 3042249, - 5585418, 
4917308, 2706720, 4538362, 2407456, 3713099, 578544, 478286, - 1891299, 1732477, 2648574, 1813688, 745113, 2332002, 5290903, 3261051, - 2027140, 2335824, 4378640, 4996455, 4911602, 4768150, 6225113, 1060243, - 5808214, 2307643, 5578544, 3667172, 4340908, 3313798, 527042, 4055663, - 3174806, 665307, 3553912, 384980, 1969612, 4375114, 4911208, 4980888, - 2638857, 4647438, 5129390, 1837920, 795909, 4947146, 4108432, 6052473, - 2784309, 3289893, 4969903, 3942731, 6555251, 4586338, 5867924, 4153860, - 2077833, 4156974, 5924059, 1711245, 593361, 2639248, 6489069, 5758859, - 4321703, 21725, 2295934, 5849532, 395053, 5586508, 2134610, 6533333, - 2060660, 1059139, 6461030, 1187442, 389401, 6021479, 5706162, 486272, - 5111568, 42070, 13055, 5933043, 3378262, 2822779, 135169, 5757980, - 3188068, 5399083, 778683, 2285740, 1014097, 5165387, 126903, 1317264, - 897490, 667761, 6194764, 1236483, 4294975, 3476414, 5189308, 6392528, - 4873164, 2583101, 2834559, 1306103, 3603222, 709907, 1919088, 151779, - 551530, 4393258, 1831163, 2257289, 612970, 4625685, 6175334, 2449876, - 3663415, 1989472, 3279735, 4059817, 3701890, 1469781, 3870391, 1056889, - 821321, 707713, 3633909, 2424210, 1574016, 5912646, 2792797, 4891995, - 391508, 4713895, 1512926, 903354, 1051530, 3373164, 3029600, 5934161, - 4266895, 6063844, 2550086, 1466389, 747587, 2423522, 5352722, 4920087, - 4103139, 3404936, 5055731, 2051907, 4430583, 4103615, 1390384, 2329043, - 1134924, 3714141, 1503456, 4861158, 5429211, 3381964, 5739259, 6608677, - 3805427, 1673711, 5047636, 3024322, 5723028, 2322528, 5555314, 5097199, - 4760159, 762465, 5934522, 1703208, 1271644, 4658501, 6018423, 1532543, - 5043720, 5206712, 6327787, 3191471, 4195786, 2080274, 1046569, 5949874, - 2919807, 2549146, 5514241, 3009514, 1015052, 1217323, 2588970, 5789526, - 2563669, 1914739, 6681978, 1036920, 2511801, 1305757, 4666103, 6110404, - 4027026, 1341607, 2961726, 3228477, 2611235, 2705548, 5830126, 5667382, - 6333881, 2653782, 2928900, 4980049, 
5193280, 2106857, 5984101, 2086796, - 2495246, 2971886, 2225560, 1876915, 407969, 3948129, 3648036, 6351091, - 5897169, 1447160, 1395945, 1127583, 1790115, 4132272, 3632771, 931638, - 1491468, 4163315, 372925, 1731679, 5447957, 600786, 4686841, 1200143, - 2387422, 1310436, 4283238, 6143431, 3184937, 2127936, 1217314, 3985504, - 4329784, 4596315, 562990, 3880881, 1025905, 5450655, 3880362, 6616060, - 6085441, 44566, 4336003, 3787227, 210708, 926559, 3479028, 580712, - 6139543, 194968, 2500079, 2333427, 6424238, 3890981, 2304687, 5269489, - 135954, 304443, 5302247, 4714430, 4670739, 5578314, 1697622, 4694096, - 4202269, 1876296, 816177, 4538700, 597952, 330286, 1962810, 3290008, - 5129218, 5906957, 6082790, 4568532, 6599487, 1091966, 2600198, 2513748, - 3257791, 2858369, 770032, 6447032, 1572405, 3893828, 3469661, 5332510, - 690930, 322213, 952169, 6046061, 1228081, 210985, 4137004, 4592748, - 3650630, 22748, 5966757, 270743, 979757, 2330926, 3641905, 2898607, - 3818710, 1434436, 4121204, 4084034, 4268753, 2511803, 4171468, 3248152, - 4172604, 3620321, 505195, 287000, 5378017, 5433665, 1212720, 1266405, - 2497512, 355015, 2466197, 1664559, 2699137, 4452686, 1715929, 348784, - 2838056, 2068696, 3761044, 6504875, 5259931, 5914689, 1406548, 5903713, - 6106024, 5379311, 3056170, 1001504, 2952554, 58590, 3304370, 3060620, - 3950381, 2522165, 3127559, 1163582, 2268952, 911300, 2232225, 3205915, + 1, 2068501, 6983048, 15465936, 18956325, 25265303, 16573220, + 19098906, 28387479, 5733336, 2583876, 10327273, 19905132, 18969450, + 21574976, 18682988, 19082390, 15382182, 22058319, 20598440, 27256626, + 3213927, 5839070, 256864, 11453918, 3628074, 5551176, 16288635, + 8459294, 7261134, 25456090, 18275602, 7551455, 19792434, 12710237, + 1224370, 14437592, 2137431, 12320218, 18809314, 25250275, 24343371, + 7141285, 14284287, 14006339, 12936593, 25371729, 23518309, 16419773, + 5393538, 8653709, 27201949, 11572980, 1986999, 533941, 23941817, + 16632744, 18263886, 17270423, 21258959, 
28586703, 21158604, 5142316, + 1092192, 20205882, 8871504, 25283870, 25656768, 17221441, 14974575, + 14576077, 22083267, 23461957, 27487438, 12729312, 26224158, 18912699, + 17663508, 7537142, 8777748, 9851370, 23292093, 28569003, 5202889, + 19646379, 22966746, 21026225, 26093301, 172242, 9195807, 7366441, + 4836592, 1070461, 1558599, 18764312, 26825511, 18460942, 27370000, + 14984962, 2202088, 1880875, 20968757, 27091049, 9873961, 10774183, + 412288, 23348473, 24137540, 1129725, 12584250, 17770039, 9314148, + 2742300, 19864674, 3055928, 3347477, 16810233, 3186016, 10317637, + 27074298, 11639119, 372917, 13043377, 16810379, 19499371, 20516777, + 10964557, 22324723, 13941082, 16375470, 9810192, 16622171, 23136000, + 28828975, 26677647, 1811901, 8820751, 13240735, 8121874, 20015888, + 22321394, 17277325, 22623282, 17799548, 5161580, 12017983, 17867426, + 14489848, 8900159, 3949921, 15748275, 621628, 26002796, 4567898, + 14374884, 12916439, 15580401, 462901, 6265498, 18737331, 17615025, + 23363250, 18025011, 24357850, 16515815, 5720097, 18153807, 22191405, + 4733488, 23157732, 1776229, 15239729, 10143053, 4767332, 15928893, + 6482460, 13011249, 12332804, 1536768, 1290697, 17546505, 17984781, + 13656462, 6118000, 26117099, 24077273, 17658518, 16224853, 6516923, + 16110383, 6492589, 19492309, 28591422, 4058261, 6820017, 23260598, + 20456590, 27491887, 436570, 22932084, 23040240, 4288669, 19153753, + 28709047, 25912795, 2274712, 9456312, 3588089, 3266110, 4248287, + 22683493, 20452314, 13340458, 25985151, 15302113, 11571615, 16848795, + 8576485, 9718521, 2608146, 21312495, 6701590, 22661855, 17013479, + 478825, 833761, 9685327, 20722278, 17304473, 9048694, 14975555, + 13736158, 24689819, 5470443, 1950166, 1078753, 12326752, 24061965, + 6685790, 16257124, 3365835, 14261142, 3005765, 13217577, 27729227, + 3569269, 5967243, 11266501, 8247175, 20950698, 6806178, 9093720, + 25289060, 28128779, 1539227, 24976081, 15786237, 8903604, 8379110, + 2547867, 25988807, 27286458, 
25291885, 27774206, 7418046, 26879936, + 16697503, 26193275, 19239051, 23338494, 3538112, 9064337, 19885502, + 3153567, 14914898, 14293514, 17144413, 259390, 20755790, 22452830, + 11374116, 7970866, 23888567, 17414401, 8073854, 7456085, 15473734, + 9150457, 14135631, 24194929, 28644553, 328741, 12422003, 8286977, + 18234279, 15101931, 18118622, 1056955, 10082374, 17677764, 27347820, + 14174641, 9679794, 3075600, 16515765, 18015243, 16161995, 1075879, + 24900378, 5084807, 4743622, 11061341, 8341504, 7401022, 2455289, + 10859692, 19071344, 21458846, 14820745, 15808729, 19675411, 16906054, + 11092369, 9856724, 3344227, 15017239, 12440165, 25198537, 16054926, + 17197454, 18235287, 17187411, 15429890, 13496228, 9408140, 23776722, + 8420829, 4919, 9089686, 9644949, 3465047, 4614748, 17280538, + 27721147, 4517991, 21592727, 1310157, 9794533, 17613524, 14058492, + 9147701, 11887212, 18740471, 8496666, 11143226, 17953917, 16676960, + 2289164, 9307814, 14586873, 26971560, 25096628, 24019543, 11492492, + 4308481, 22082237, 4431656, 22751369, 19562088, 28354278, 23704211, + 3819914, 16514747, 24174802, 24211185, 23629736, 25360911, 9402368, + 6681268, 6901429, 11006833, 14734872, 4703980, 28233614, 6064703, + 22792529, 20954673, 26840433, 24766502, 873959, 16743009, 17020335, + 6796599, 12006206, 16607194, 23262859, 12819625, 8498529, 12433262, + 8850291, 8215225, 8575664, 6960466, 26605489, 21281125, 7925127, + 22777123, 7522889, 4811327, 8554337, 17488889, 2102996, 3305532, + 23816627, 10055465, 17798631, 22744101, 5328556, 15134650, 22595378, + 21211776, 23562269, 15471582, 12963851, 19101674, 9817895, 13777856, + 25833123, 20928762, 8361770, 13562247, 24036398, 28078000, 12236629, + 28392282, 17736832, 15386922, 7255788, 24269904, 6664204, 22972959, + 15938627, 16697025, 21071463, 6620635, 28172760, 26450148, 25009985, + 19447572, 2204925, 8463852, 4292718, 9157811, 8006895, 23354212, + 5014640, 16561779, 18159047, 8078424, 379632, 11331529, 8717984, + 8797062, 20023552, 
19249535, 11966228, 20789374, 1012716, 5372173, + 24101283, 26644122, 643329, 19294883, 23130718, 19733724, 28030586, + 9322287, 9401131, 15281711, 18955704, 1728805, 20444464, 21360283, + 2249945, 3514719, 20592421, 7953284, 14242944, 1249877, 9065443, + 15672237, 8619003, 952103, 12921928, 21739009, 562800, 15257927, + 2811220, 11998808, 23358973, 11780534, 5716393, 22483731, 20445419, + 13649254, 24268076, 22460057, 395653, 11763631, 18273231, 22623307, + 11651975, 28919921, 24507397, 9659661, 17215527, 19075613, 28224670, + 27502187, 21517695, 27369699, 24311384, 12198217, 16436240, 14334585, + 1865809, 26233218, 10148045, 15211449, 26504618, 20113595, 22513068, + 24349479, 24582518, 23849245, 2185818, 4214986, 24958807, 17704728, + 16774167, 15075506, 28349455, 5317168, 28086495, 9913316, 27468018, + 9437714, 10571661, 17465919, 20705533, 25063482, 3640473, 6847960, + 21146139, 27118069, 7916313, 16758904, 2378017, 20753955, 16589914, + 19390757, 23109697, 13283718, 28447204, 13417108, 10988232, 2164715, + 8948142, 3244095, 2095898, 25162159, 15617955, 5802408, 19461680, + 21641801, 18488191, 5993730, 6139682, 13758388, 26883863, 510973, + 17751307, 3532191, 27810692, 8721990, 1089463, 18756457, 8507645, + 26969006, 7413992, 10225135, 1008833, 5063641, 22231691, 11487714, + 15689486, 2350510, 19320521, 483889, 3045087, 20266013, 19624484, + 3281923, 22499230, 7139367, 10316082, 25469994, 22244800, 2486111, + 4369518, 28271967, 2320515, 15400291, 3918813, 23370493, 7702385, + 3219404, 19204241, 885982, 22838979, 14444604, 12511894, 27809886, + 7198845, 27762689, 19072523, 4713646, 2770372, 28228590, 17964636, + 27239501, 19444327, 8952443, 12933043, 20211527, 26749902, 15815035, + 10624511, 13424815, 12468440, 12290673, 5210757, 17093739, 23537292, + 11988900, 11125757, 15448844, 19647787, 28355233, 17543084, 18719484, + 20869728, 17254503, 13118801, 26318033, 18243224, 116303, 19514368, + 25096016, 8958033, 5222332, 5457879, 21760986, 10902298, 22848208, + 
24407456, 16111465, 3987386, 15115967, 27336659, 15563762, 9433072, + 6638983, 24804820, 20227831, 19153072, 1368998, 13745731, 17634148, + 3000841, 25254778, 23327596, 4843166, 22766152, 1763215, 713285, + 15054969, 16856350, 27373372, 13312670, 28910107, 4202932, 6288367, + 22656585, 1917133, 5060958, 22389384, 25692126, 92614, 26297185, + 14975674, 28447385, 1059985, 548824, 15868474, 7532221, 11824836, + 22982512, 12667418, 13890089, 4716537, 23216669, 27154563, 17293966, + 15698210, 10694483, 8616768, 18965917, 13864303, 24906201, 16813976, + 21262176, 24032054, 27044697, 20100255, 27976474, 27402078, 27241828, + 13763291, 14297067, 19776059, 26762098, 23076278, 25121483, 11741326, + 23786581, 10708632, 3242900, 8804303, 12273911, 27464347, 5222400, + 7825867, 4797417, 12856724, 25327180, 7942219, 9948138, 16747228, + 7151256, 11563589, 17687036, 19350891, 10888481, 20953677, 20646916, + 11304636, 13004818, 27565306, 21921177, 22593112, 13240071, 7335983, + 12079856, 19054166, 14848840, 4005355, 6600088, 13372487, 28191470, + 17137686, 806732, 19878555, 11511473, 19372615, 18638108, 1367365, + 20699331, 12756070, 3060130, 19701536, 15163147, 10332375, 20370390, + 10636882, 28377569, 14628934, 1255404, 28469283, 5532539, 20024963, + 16852949, 2408270, 14835911, 27523260, 13455425, 13255211, 21129059, + 25027530, 16048500, 9141733, 20204167, 27428637, 26396836, 6736717, + 24499142, 12655104, 811895, 26827240, 28207939, 8789098, 7679469, + 26498215, 19069139, 6982429, 7985973, 1875398, 3437939, 26461931, + 10125961, 21138798, 25491973, 9407773, 16818129, 21920617, 206143, + 12675148, 5085722, 11365141, 16265849, 13518901, 17013903, 26544953, + 12445119, 20797084, 8698427, 6756323, 19601050, 25302324, 10109542, + 11514901, 12010917, 2446080, 26936274, 6198778, 4684341, 9939486, + 3087460, 28558389, 8040466, 24006159, 12732001, 27083470, 12791440, + 9507586, 6348729, 9124670, 20031384, 9622395, 2107797, 21841111, + 9294202, 15031219, 13180802, 6561201, 12662527, 
26458270, 17016638, + 18305231, 17246306, 13489499, 9910499, 18493027, 762130, 2850537, + 18558200, 19148373, 9312483, 15624080, 1975053, 17078337, 16468839, + 14227643, 20316570, 12185702, 21540080, 213644, 16329169, 14598463, + 10538204, 28432356, 26255521, 19204222, 15339175, 5881263, 23491773, + 24112092, 19057308, 1911320, 15765029, 17322623, 1138242, 14752086, + 12209111, 17561948, 23071628, 1644054, 83104, 897912, 22724112, + 8425761, 18474603, 27952173, 22612155, 6929765, 23013843, 22561099, + 15199719, 1508982, 9929274, 18012709, 7171619, 11222235, 22302625, + 22568646, 3950306, 20953009, 27530600, 17725259, 15856266, 16594451, + 19629255, 1676546, 5313769, 17892937, 15609483, 22413440, 25867902, + 16430808, 5493412, 3967487, 19176912, 1435036, 5723391, 8397670, + 3751404, 7654964, 16969794, 7427947, 24633645, 13038641, 27676254, + 14255355, 3259164, 17597254, 5194209, 6062302, 3360007, 5154796, + 10380964, 19694425, 2517428, 26772180, 5215743, 28357335, 26024836, + 621488, 12892124, 27656439, 22423526, 24830349, 2783621, 28708720, + 27697645, 7906984, 1108834, 309731, 22948126, 27046799, 13379747, + 8054025, 13959238, 7829456, 22554962, 3905971, 7624898, 14551869, + 25725878, 11557200, 23066540, 2593142, 25365101, 22272654, 19759350, + 1960198, 9435652, 15816287, 25613402, 19326113, 21617531, 12607206, + 9168822, 10762527, 17625498, 19737182, 6254892, 13919787, 28111302, + 12037102, 24062105, 11208425, 10262178, 23203773, 22329794, 22118160, + 10087110, 17059659, 2622576, 1517991, 14103227, 20817063, 23169934, + 26064833, 23397120, }; /// NTT reverse table where the i-th element is (1/g)^rev(i) where 
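Review bot: Nothing in this hunk lets a reader check the 1024 replaced entries of `HOTS_NTT_TABLE` against the new modulus, because the root g is not named and no generator script or test is referenced. Add a comment above the table such as `/* g = <generator>, q = 28930049; regenerate with <script> */`. Also add a unit test asserting `(uint64_t)HOTS_NTT_TABLE[i] * HOTS_INV_NTT_TABLE[i] % q == 1` for every i, which should hold if the forward table is g^rev(i) as the `(1/g)^rev(i)` comment on the inverse table suggests. The second entries visible on the page (2068501 and 26861548) do sum to q, consistent with a square root of -1, so the data looks plausible; the request is to make that checkable. The `HOTS_INV_NTT_TABLE` hunk that follows runs past the end of the visible page.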
@@ -149,134 +168,153 @@ static const uint32_t HOTS_NTT_TABLE[] = { /// 2 -> 010 0000 /// 3 -> 110 0000 ... static const uint32_t HOTS_INV_NTT_TABLE[] = { - 1, 2787255, 5140936, 4056432, 2782840, 6214181, 2579062, 1298972, - 3144104, 6104562, 1866836, 1337363, 3440051, 5629317, 694326, 5283698, - 1355056, 5001634, 5043439, 1574367, 986703, 2948821, 2071820, 140863, - 1898927, 3099888, 1140679, 2621749, 1368259, 3192638, 1098540, 6036976, - 6324616, 2402997, 5248819, 6165115, 3705480, 2575647, 3723123, 3979627, - 6481638, 2904971, 6166436, 1207799, 531363, 2219618, 4604030, 3941553, - 3862805, 4056848, 2429619, 2952128, 1716184, 740463, 1434869, 5615785, - 6435984, 3776592, 5439333, 3544677, 2118004, 3633532, 3542413, 4213219, - 3284971, 1791936, 1359138, 1224444, 6521442, 5399668, 5967135, 2210306, - 1311493, 2754237, 1983234, 3455786, 3612387, 3389073, 4423880, 5123216, - 5907936, 2327359, 4484558, 3289900, 2170967, 2188447, 824071, 5263065, - 1887497, 5866205, 1493600, 6571427, 1038722, 1435825, 121819, 1409137, - 3921322, 4387177, 5360789, 5043057, 4795565, 1770445, 3677077, 3518107, - 370686, 3958205, 6186124, 5177291, 938287, 4572082, 1989958, 5896919, - 5744018, 2010128, 1236620, 6438658, 2501102, 3690413, 3115453, 5383821, - 1050765, 54008, 4553556, 239552, 501242, 1520783, 1113551, 2315531, - 3894981, 1719180, 5970864, 5379225, 4609562, 4651574, 1887146, 4996998, - 4295945, 2110997, 5995033, 6330714, 2202351, 1666109, 3251108, 1859345, - 2795125, 3161861, 5863493, 4328633, 1409645, 3177078, 6235609, 3893340, - 5804594, 3758061, 4697561, 5471651, 4602515, 5740331, 6580310, 6599204, - 5412972, 5385797, 1991642, 6500326, 1258914, 3319162, 3821665, 161099, - 2732265, 2185771, 3382130, 6164544, 3469022, 1153316, 3716584, 1672368, - 452762, 5522375, 62522, 2866633, 1662219, 1134759, 1323436, 3833266, - 4853884, 5902063, 6329695, 5825060, 6420716, 834280, 4788497, 4581064, - 3684470, 2752108, 1689192, 4585797, 4455648, 3720718, 4936199, 4128878, - 1612894, 6515252, 
1180024, 4494784, 2280761, 1590687, 3331138, 4765661, - 5454613, 6459484, 5864443, 1035335, 5945150, 2947820, 5442974, 2452024, - 648301, 3100316, 5665163, 315980, 6274165, 2553644, 816303, 5214867, - 1437767, 2320784, 2991566, 4251437, 1357003, 2212676, 5550896, 6145044, - 3379212, 578836, 4234556, 3900256, 4318933, 5211527, 532612, 2146353, - 1642387, 4190240, 3110761, 2748450, 3642414, 3187545, 5198, 359758, - 2274957, 5967388, 4565835, 548441, 4401733, 2884591, 769959, 4320569, - 1142798, 3901828, 4119821, 4107102, 6413060, 4992644, 5176008, 6239079, - 2989761, 1135825, 2080722, 937295, 3709446, 3527614, 6665214, 3913000, - 1825049, 1714139, 1485361, 5929072, 4798056, 2197869, 2380084, 5466502, - 877926, 6236717, 5864525, 1963203, 6548054, 193688, 6008812, 3201478, - 4084811, 666527, 5773560, 2362351, 2321584, 5655117, 6323655, 1816142, - 4759228, 1929374, 5643084, 153131, 5269661, 6373724, 4403457, 1164677, - 1128319, 4172247, 2550211, 5499923, 3659134, 2801752, 467111, 4434108, - 4916345, 6118966, 6220972, 5641727, 5363737, 517633, 2583473, 4020509, - 6332542, 973227, 372124, 1778008, 756985, 1699312, 5799146, 2855505, - 1488843, 3527132, 255929, 3099658, 4689853, 5285928, 4613420, 5851086, - 5396209, 6428059, 1401610, 2067138, 2665778, 1154426, 58600, 4045452, - 472049, 3158170, 1633624, 2517299, 1179778, 1711180, 488640, 4741784, - 5447841, 4128371, 4993451, 105870, 37852, 4737206, 368214, 2929322, - 5294266, 4094227, 3447515, 1911033, 1851120, 1653542, 5364470, 1627083, - 3899385, 5014671, 4457242, 1182956, 1851219, 3100354, 5503746, 1519071, - 5849877, 6526350, 6187613, 4553926, 1598836, 1915338, 1487571, 6442662, - 3334571, 6381399, 2633307, 4726168, 6364121, 1677661, 1044731, 6073707, - 4261384, 4894099, 6402044, 3462582, 3589269, 6165608, 4361008, 4174631, - 6453929, 3372544, 3634713, 2427868, 2825737, 6640649, 2876434, 2578693, - 4630613, 4939047, 462237, 3331715, 352041, 1503436, 4503825, 5434812, - 1336481, 3502238, 1701358, 4595782, 1156976, 
1531779, 4792598, 202415, - 6588139, 2602219, 4311319, 5926167, 5365519, 6475510, 5090441, 2076293, - 5851784, 6060713, 1905020, 850322, 6103620, 2362495, 5692663, 6464456, - 5710412, 2046381, 3866282, 1108459, 3619759, 4344936, 3501579, 2963549, - 93622, 763609, 719709, 2336779, 2507085, 2808795, 4905219, 5956852, - 2064817, 3360406, 6216127, 5030773, 5664857, 4364814, 3278455, 3337325, - 1146395, 678389, 4716907, 182666, 698692, 3087194, 2912604, 5592089, - 4623792, 6625612, 2092075, 4484472, 5373669, 69038, 258374, 2516699, - 5008693, 4223595, 5013131, 1862061, 4141639, 6541913, 2271074, 2035631, - 3693429, 1744163, 5028289, 6172321, 4063196, 1671789, 6607894, 5860232, - 4414189, 1114053, 6120843, 4729150, 1361361, 4497784, 1876173, 2810467, - 829135, 350868, 6066607, 6302510, 1837254, 3308461, 1884605, 5799997, - 3488998, 4462688, 5783613, 4425961, 5531331, 3567354, 4172748, 2744532, - 3634293, 3390543, 6636323, 3742359, 5693409, 3638743, 1315602, 588889, - 791200, 5288365, 780224, 1434982, 190038, 2933869, 4626217, 3856857, - 6346129, 4978984, 2242227, 3995776, 5030354, 4228716, 6339898, 4197401, - 5428508, 5482193, 1261248, 1316896, 6407913, 6189718, 3074592, 2522309, - 3446761, 2523445, 4183110, 2426160, 2610879, 2573709, 5260477, 2876203, - 3796306, 3053008, 4363987, 5715156, 6424170, 728156, 6672165, 3044283, - 2102165, 2557909, 6483928, 5466832, 648852, 5742744, 6372700, 6003983, - 1362403, 3225252, 2801085, 5122508, 247881, 5924881, 3836544, 3437122, - 4181165, 4094715, 5602947, 95426, 2126381, 612123, 787956, 1565695, - 3404905, 4732103, 6364627, 6096961, 2156213, 5878736, 4818617, 2492644, - 2000817, 4997291, 1116599, 2024174, 1980483, 1392666, 6390470, 6558959, - 1425424, 4390226, 2803932, 270675, 4361486, 4194834, 6499945, 555370, - 6114201, 3215885, 5768354, 6484205, 2907686, 2358910, 6650347, 609472, - 78853, 2814551, 1244258, 5669008, 2814032, 6131923, 2098598, 2365129, - 2709409, 5477599, 4566977, 3509976, 551482, 2411675, 5384477, 4307491, - 
5494770, 2008072, 6094127, 1246956, 4963234, 6321988, 2531598, 5203445, - 5763275, 3062142, 2562641, 4904798, 5567330, 5298968, 5247753, 797744, - 343822, 3046877, 2746784, 6286944, 4817998, 4469353, 3723027, 4199667, - 4608117, 710812, 4588056, 1501633, 1714864, 3766013, 4041131, 361032, - 1027531, 864787, 3989365, 4083678, 3466436, 3733187, 5353306, 2667887, - 584509, 2028810, 5389156, 4183112, 5657993, 12935, 4780174, 4131244, - 905387, 4105943, 5477590, 5679861, 3685399, 1180672, 4145767, 3775106, - 745039, 5648344, 4614639, 2499127, 3503442, 367126, 1488201, 1651193, - 5162370, 676490, 2036412, 5423269, 4991705, 760391, 5932448, 1934754, - 1597714, 1139599, 4372385, 971885, 3670591, 1647277, 5021202, 2889486, - 86236, 955654, 3312949, 1265702, 1833755, 5191457, 2980772, 5559989, - 4365870, 5304529, 2591298, 2264330, 4643006, 1639182, 3289977, 2591774, - 1774826, 1342191, 4271391, 5947326, 5228524, 4144827, 631069, 2428018, - 760752, 3665313, 3321749, 5643383, 5791559, 5181987, 1981018, 6303405, - 1802918, 3902116, 782267, 5120897, 4270703, 3061004, 5987200, 5873592, - 5638024, 2824522, 5225132, 2993023, 2635096, 3415178, 4705441, 3031498, - 4245037, 519579, 2069228, 6081943, 4437624, 4863750, 2301655, 6143383, - 6543134, 4775825, 5985006, 3091691, 5388810, 3860354, 4111812, 1821749, - 302385, 1505605, 3218499, 2399938, 5458430, 500149, 6027152, 5797423, - 5377649, 6568010, 1529526, 5680816, 4409173, 5916230, 1295830, 3506845, - 936933, 6559744, 3872134, 3316651, 761870, 6681858, 6652843, 1583345, - 6208641, 988751, 673434, 6305512, 5507471, 233883, 5635774, 4634253, - 161580, 4560303, 1108405, 6299860, 845381, 4398979, 6673188, 2373210, - 936054, 205844, 4055665, 6101552, 4983668, 770854, 2537939, 4617080, - 2541053, 826989, 2108575, 139662, 2752182, 1725010, 3405020, 3910604, - 642440, 2586481, 1747767, 5899004, 4856993, 1565523, 2047475, 4056056, - 1714025, 1783705, 2319799, 4725301, 6309933, 3141001, 6029606, 3520107, - 2639250, 6167871, 3381115, 2354005, 
3027741, 1116369, 4387270, 886699, - 5634670, 469800, 1926763, 1783311, 1698458, 2316273, 4359089, 4667773, - 3433862, 1404010, 4362911, 5949800, 4881225, 4046339, 4962436, 4803614, - 6216627, 6116369, 2981814, 4287457, 2156551, 3988193, 1777605, 1109495, - 3652664, 5357524, 5633888, 3378028, 196468, 2701418, 1364303, 3333569, - 5551979, 5336446, 6373661, 6590838, 3425654, 132691, 5596862, 4558293, - 4581440, 5507868, 5131189, 4638901, 3782441, 800269, 6025058, 554676, - 1344899, 944763, 2182974, 889145, 1603509, 5152168, 3733655, 2155782, - 1969609, 652947, 6375956, 3004235, 1521199, 776889, 5267660, 5938998, - 6106103, 576618, 3437660, 2741047, 2546524, 5582193, 2839918, 5937452, - 4161433, 4689350, 5975571, 2959030, 2803927, 6419139, 5465198, 5072068, - 2428328, 6469117, 1767255, 1400362, 3956710, 3613888, 5238095, 1734127, - 3518347, 2467736, 3859996, 1010850, 1163891, 745577, 4377008, 5439138, - 2165486, 3035258, 2242672, 5765346, 2750332, 386270, 6144793, 4508877, - 910760, 3506677, 4515680, 2252269, 6143990, 2444054, 2975983, 357403, - 1208968, 5101854, 4630498, 5760546, 3353795, 2487867, 1681265, 3228312, - 3929966, 2427510, 2779079, 886971, 4842116, 3864010, 3028715, 4462974, - 3540320, 1757727, 2379675, 3614417, 3866782, 2194055, 1667789, 641862, - 4546655, 6572759, 5493572, 3638169, 4440108, 5865128, 5187588, 6476406, - 4913901, 2794267, 1430176, 193159, 6134385, 3816866, 5963991, 2721703, - 5229082, 6213301, 3850593, 3036480, 3876295, 5495390, 1052492, 946, + 1, 26861548, 13464113, 21947001, 9831143, 12356829, 3664746, + 9973724, 10247061, 7355073, 9960599, 9024917, 18602776, 26346173, + 23196713, 542570, 10654447, 3473959, 21668915, 20470755, 12641414, + 23378873, 25301975, 17476131, 28673185, 23090979, 25716122, 1673423, + 8331609, 6871730, 13547867, 9847659, 27837857, 23787733, 7771445, + 343346, 7671090, 11659626, 10666163, 12297305, 4988232, 28396108, + 26943050, 17357069, 1728100, 20276340, 23536511, 12510276, 5411740, + 3558320, 15993456, 
14923710, 14645762, 21788764, 4586678, 3679774, + 10120735, 16609831, 26792618, 14492457, 27705679, 16219812, 9137615, + 21378594, 6605326, 17965492, 8413272, 9430678, 12119670, 15886672, + 28557132, 17290930, 1855751, 18612412, 25744033, 12119816, 25582572, + 25874121, 9065375, 26187749, 19615901, 11160010, 16345799, 27800324, + 4792509, 5581576, 28517761, 18155866, 19056088, 1839000, 7961292, + 27049174, 26727961, 13945087, 1560049, 10469107, 2104538, 10165737, + 27371450, 27859588, 24093457, 21563608, 19734242, 28757807, 2836748, + 7903824, 5963303, 9283670, 23727160, 361046, 5637956, 19078679, + 20152301, 21392907, 11266541, 10017350, 2705891, 16200737, 1442611, + 5468092, 6846782, 14353972, 13955474, 11708608, 3273281, 3646179, + 20058545, 8724167, 3953968, 27390822, 801270, 3640989, 19836329, + 22123871, 7979351, 20682874, 17663548, 22962806, 25360780, 1200822, + 15712472, 25924284, 14668907, 25564214, 12672925, 22244259, 4868084, + 16603297, 27851296, 26979883, 23459606, 4240230, 15193891, 13954494, + 19881355, 11625576, 8207771, 19244722, 28096288, 28451224, 11916570, + 6268194, 22228459, 7617554, 26321903, 19211528, 20353564, 12081254, + 17358434, 13627936, 2944898, 15589591, 8477735, 6246556, 24681762, + 25663939, 25341960, 19473737, 26655337, 3017254, 221002, 9776296, + 24641380, 5889809, 5997965, 28493479, 1438162, 8473459, 5669451, + 22110032, 24871788, 338627, 9437740, 22437460, 12819666, 22413126, + 12705196, 11271531, 4852776, 2812950, 22812049, 15273587, 10945268, + 11383544, 27639352, 27393281, 16597245, 15918800, 22447589, 13001156, + 24162717, 18786996, 13690320, 27153820, 5772317, 24196561, 6738644, + 10776242, 23209952, 12414234, 4572199, 10905038, 5566799, 11315024, + 10192718, 22664551, 28467148, 13349648, 16013610, 14555165, 24362151, + 2927253, 28308421, 13181774, 24980128, 20029890, 14440201, 11062623, + 16912066, 23768469, 11130501, 6306767, 11652724, 6608655, 8914161, + 20808175, 15689314, 20109298, 27118148, 2252402, 101074, 5794049, + 
12307878, 19119857, 12554579, 14988967, 17278074, 6306742, 10656818, + 17166418, 28534396, 6469992, 4661973, 15280795, 8484630, 6446318, + 23213656, 17149515, 5571076, 16931241, 26118829, 13672122, 28367249, + 7191040, 16008121, 27977946, 20311046, 13257812, 19864606, 27680172, + 14687105, 20976765, 8337628, 25415330, 26680104, 7569766, 8485585, + 27201244, 9974345, 13648338, 19528918, 19607762, 899463, 9196325, + 5799331, 9635166, 28286720, 2285927, 4828766, 23557876, 27917333, + 8140675, 16963821, 9680514, 8906497, 20132987, 20212065, 17598520, + 28550417, 20851625, 10771002, 12368270, 23915409, 5575837, 20923154, + 19772238, 24637331, 20466197, 26725124, 9482477, 3920064, 2479901, + 757289, 22309414, 7858586, 12233024, 12991422, 5957090, 22265845, + 4660145, 21674261, 13543127, 11193217, 537767, 16693420, 852049, + 4893651, 15367802, 20568279, 8001287, 3096926, 15152193, 19112154, + 9828375, 15966198, 13458467, 5367780, 7718273, 6334671, 13795399, + 23601493, 6185948, 11131418, 18874584, 5113422, 25624517, 26827053, + 11441160, 20375712, 24118722, 21407160, 6152926, 21004922, 7648924, + 2324560, 21969583, 20354385, 20714824, 20079758, 16496787, 20431520, + 16110424, 5667190, 12322855, 16923843, 22133450, 11909714, 12187040, + 28056090, 4163547, 2089616, 7975376, 6137520, 22865346, 696435, + 24226069, 14195177, 17923216, 22028620, 22248781, 19527681, 3569138, + 5300313, 4718864, 4755247, 12415302, 25110135, 5225838, 575771, + 9367961, 6178680, 24498393, 6847812, 24621568, 17437557, 4910506, + 3833421, 1958489, 14343176, 19622235, 26640885, 12253089, 10976132, + 17786823, 20433383, 10189578, 17042837, 19782348, 14871557, 11316525, + 19135516, 27619892, 7337322, 24412058, 1208902, 11649511, 24315301, + 25465002, 19285100, 19840363, 28925130, 20509220, 5153327, 19521909, + 15433821, 13500159, 11742638, 10694762, 11732595, 12875123, 3731512, + 16489884, 13912810, 25585822, 19073325, 17837680, 12023995, 9254638, + 13121320, 14109304, 7471203, 9858705, 18070357, 
26474760, 21529027, + 20588545, 17868708, 24186427, 23845242, 4029671, 27854170, 12768054, + 10914806, 12414284, 25854449, 19250255, 14755408, 1582229, 11252285, + 18847675, 27873094, 10811427, 13828118, 10695770, 20643072, 16508046, + 28601308, 285496, 4735120, 14794418, 19779592, 13456315, 21473964, + 20856195, 11515648, 5041482, 20959183, 17555933, 6477219, 8174259, + 28670659, 11785636, 14636535, 14015151, 25776482, 9044547, 19865712, + 25391937, 5591555, 9690998, 2736774, 12232546, 2050113, 21512003, + 1155843, 3638164, 1643591, 2941242, 26382182, 20550939, 20026445, + 13143812, 5532929, 2865216, 5760115, 8112986, 14826822, 27412058, + 26307473, 11870390, 18842939, 6811889, 6600255, 5726276, 18667871, + 17721624, 4867944, 16892947, 818747, 15010262, 22675157, 9192867, + 11304551, 18167522, 19761227, 16322843, 7312518, 9603936, 3316647, + 13113762, 19494397, 26969851, 9170699, 6657395, 3564948, 26336907, + 5863509, 17372849, 3204171, 14378180, 21305151, 25024078, 6375087, + 21100593, 14970811, 20876024, 15550302, 1883250, 5981923, 28620318, + 27821215, 21023065, 1232404, 221329, 26146428, 4099700, 6506523, + 1273610, 16037925, 28308561, 2905213, 572714, 23714306, 2157869, + 26412621, 9235624, 18549085, 23775253, 25570042, 22867747, 23735840, + 11332795, 25670885, 14674694, 1253795, 15891408, 4296404, 21502102, + 11960255, 21275085, 25178645, 20532379, 23206658, 27495013, 9753137, + 24962562, 23436637, 12499241, 3062147, 6516609, 13320566, 11037112, + 23616280, 27253503, 9300794, 12335598, 13073783, 11204790, 1399449, + 7977040, 24979743, 6361403, 6627424, 17707814, 21758430, 10917340, + 19000775, 27421067, 13730330, 6368950, 5916206, 22000284, 6317894, + 977876, 10455446, 20504288, 6205937, 28032137, 28846945, 27285995, + 5858421, 11368101, 16720938, 14177963, 27791807, 11607426, 13165020, + 27018729, 9872741, 4817957, 5438276, 23048786, 13590874, 9725827, + 2674528, 497693, 18391845, 14331586, 12600880, 28716405, 7389969, + 16744347, 8613479, 14702406, 
12461210, 11851712, 26954996, 13305969, + 19617566, 9781676, 10371849, 26079512, 28167919, 10437022, 19019550, + 15440550, 11683743, 10624818, 11913411, 2471779, 16267522, 22368848, + 15749247, 13898830, 19635847, 7088938, 26822252, 19307654, 8898665, + 19805379, 22581320, 19422463, 16138609, 1846579, 16198048, 4923890, + 20889583, 371660, 25842589, 18990563, 24245708, 22731271, 1993775, + 26483969, 16919132, 17415148, 18820507, 3627725, 9328999, 22173726, + 20231622, 8132965, 16484930, 2385096, 11916146, 15411148, 12664200, + 17564908, 23844327, 16254901, 28723906, 7009432, 12111920, 19522276, + 3438076, 7791251, 18804088, 2468118, 25492110, 27054651, 20944076, + 21947620, 9860910, 2431834, 21250580, 20140951, 722110, 2102809, + 28118154, 16274945, 4430907, 22193332, 2533213, 1501412, 8725882, + 19788316, 12881549, 3902519, 7800990, 15674838, 15474624, 1406789, + 14094138, 26521779, 12077100, 8905086, 23397510, 460766, 27674645, + 14301115, 552480, 18293167, 8559659, 18597674, 13766902, 9228513, + 25869919, 16173979, 8230718, 27562684, 10291941, 9557434, 17418576, + 9051494, 28123317, 11792363, 738579, 15557562, 22329961, 24924694, + 14081209, 9875883, 16850193, 21594066, 15689978, 6336937, 7008872, + 1364743, 15925231, 17625413, 8283133, 7976372, 18041568, 9579158, + 11243013, 17366460, 21778793, 12182821, 18981911, 20987830, 3602869, + 16073325, 24132632, 21104182, 23707649, 1465702, 16656138, 20125746, + 25687149, 18221417, 5143468, 17188723, 3808566, 5853771, 2167951, + 9153990, 14632982, 15166758, 1688221, 1527971, 953575, 8829794, + 1885352, 4897995, 7667873, 12116073, 4023848, 15065746, 9964132, + 20313281, 18235566, 13231839, 11636083, 1775486, 5713380, 24213512, + 15039960, 16262631, 5947537, 17105213, 21397828, 13061575, 28381225, + 27870064, 482664, 13954375, 2632864, 28837435, 3237923, 6540665, + 23869091, 27012916, 6273464, 22641682, 24727117, 19942, 15617379, + 1556677, 12073699, 13875080, 28216764, 27166834, 6163897, 24086883, + 5602453, 3675271, 
25929208, 11295901, 15184318, 27561051, 9776977, + 8702218, 4125229, 22291066, 19496977, 13366287, 1593390, 13814082, + 24942663, 12818584, 4522593, 6081841, 18027751, 7169063, 23472170, + 23707717, 19972016, 3834033, 9415681, 28813746, 10686825, 2612016, + 15811248, 11675546, 8060321, 10210565, 11386965, 574816, 9282262, + 13481205, 17804292, 16941149, 5392757, 11836310, 23719292, 16639376, + 16461609, 15505234, 18305538, 13115014, 2180147, 8718522, 15997006, + 19977606, 9485722, 1690548, 10965413, 701459, 26159677, 24216403, + 9857526, 1167360, 21731204, 1120163, 16418155, 14485445, 6091070, + 28044067, 9725808, 25710645, 21227664, 5559556, 25011236, 13529758, + 26609534, 658082, 24560531, 26443938, 6685249, 3460055, 18613967, + 21790682, 6430819, 25648126, 9305565, 8664036, 25884962, 28446160, + 9609528, 26579539, 13240563, 17442335, 6698358, 23866408, 27921216, + 18704914, 21516057, 1961043, 20422404, 10173592, 27840586, 20208059, + 1119357, 25397858, 11178742, 28419076, 2046186, 15171661, 22790367, + 22936319, 10441858, 7288248, 9468369, 23127641, 13312094, 3767890, + 26834151, 25685954, 19981907, 26765334, 17941817, 15512941, 482845, + 15646331, 5820352, 9539292, 12340135, 8176094, 26552032, 12171145, + 21013736, 1811980, 7783910, 22082089, 25289576, 3866567, 8224516, + 11464130, 18358388, 19492335, 1462031, 19016733, 843554, 23612881, + 580594, 13854543, 12155882, 11225321, 3971242, 24715063, 26744231, + 5080804, 4347531, 4580570, 6416981, 8816454, 2425431, 13718600, + 18782004, 2696831, 27064240, 14595464, 12493809, 16731832, 4618665, + 1560350, 7412354, 1427862, 705379, 9854436, 11714522, 19270388, + 4422652, 10128, }; /// convert a polynomial into its NTT form 
@@ -296,9 +334,9 @@ void hots_ntt(uint32_t *p) { j = j1; while (j < j2) { u = p[j]; - v = (uint32_t)(((uint64_t)p[j + ht]) * ((uint64_t)s) % 0x662801); - p[j] = ((u + v) % 0x662801); - p[j + ht] = (u + 0x662801 - v) % 0x662801; + v = (uint32_t)(((uint64_t)p[j + ht]) * ((uint64_t)s) % 28930049); + p[j] = ((u + v) % 28930049); + p[j + ht] = (u + 28930049 - v) % 28930049; j++; } i++; @@ -328,9 +366,9 @@ void hots_inv_ntt(uint32_t *p) { while (j < j2) { u = p[j]; v = p[j + t]; - p[j] = (u + v) % 0x662801; - p[j + t] = (uint32_t)(((uint64_t)(u + 0x662801 - v)) * ((uint64_t)s) % - 0x662801); + p[j] = (u + v) % 28930049; + p[j + t] = (uint32_t)(((uint64_t)(u + 28930049 - v)) * ((uint64_t)s) % + 28930049); j++; } i++; @@ -341,6 +379,6 @@ void hots_inv_ntt(uint32_t *p) { } for (i = 0; i < N; i++) { - p[i] = (uint32_t)(((uint64_t)p[i]) * 6681837 % 0x662801); + p[i] = (uint32_t)(((uint64_t)p[i]) * 28873545 % 28930049); } } diff --git a/cpoly/c/hvc_ntt.c b/cpoly/c/hvc_ntt.c index 875d16a..9346e79 100644 --- a/cpoly/c/hvc_ntt.c +++ b/cpoly/c/hvc_ntt.c 
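Review bot: The modulus is written as the bare literal `28930049` at every reduction in this hunk and again in both hots_inv_ntt hunks that follow, so changing q meant editing each site by hand, and one missed occurrence would mix two moduli with no compile-time signal. Define it once next to the table, for example `#define HOTS_Q 28930049u` (the name is only a suggestion), and write `v = (uint32_t)(((uint64_t)p[j + ht]) * ((uint64_t)s) % HOTS_Q);`, with the other reductions changed the same way. The body of hots_ntt starts and ends outside this hunk.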
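Review bot: The reduction `((uint64_t)(u + 28930049 - v)) * ((uint64_t)s) % 28930049` applies `%` to a 64-bit operand, and C does not guarantee that this compiles to constant-time code: 64-bit targets usually get a multiply and shift, but 32-bit targets or low optimisation levels can produce a division instruction or a library call whose running time depends on the operand. If hots_inv_ntt (or hots_ntt, which has the same pattern in the previous hunk) is ever run on secret-key polynomials, which cannot be determined from this hunk, that would be a timing side channel. Routing every reduction through one helper, e.g. `static inline uint32_t hots_mod(uint64_t x) { return (uint32_t)(x % 28930049u); }`, gives a single place to substitute a Barrett or Montgomery reduction and to inspect the generated code. The function body continues outside the hunk.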
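Review bot: The scaling factor `28873545` in the final loop is an unexplained literal: it is the inverse of 512 modulo 28930049 (512 · 56504 = 28930048, so 512 · 28873545 ≡ 1), while the loop bound is the symbolic `N`. If N is ever changed, the loop still compiles and silently scales by the wrong value. Add a comment above the loop such as `/* 28873545 = N^{-1} mod q for N = 512, q = 28930049; recompute if either changes */`. The function starts outside this hunk.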
@@ -1,220 +1,220 @@ -// NTT functions for small ring with q = 12289 and n = 512 +// NTT functions for small ring with q = 61441 and n = 512 #include "params.h" #include /// NTT forward table where the i-th element is g^rev(i) where -/// - g = 7 is a primitive root +/// - g = 61 is a primitive root /// - rev(i) is the reverse bit decomposition of i, i.e., /// 0 -> 0 /// 1 -> 100 0000 /// 2 -> 010 0000 /// 3 -> 110 0000 ... static const uint16_t NTT_TABLE[] = { - 1, 10810, 7143, 4043, 10984, 722, 5736, 8155, 3542, 8785, 9744, - 3621, 10643, 1212, 3195, 5860, 7468, 2639, 9664, 11340, 11726, 9314, - 9283, 9545, 5728, 7698, 5023, 5828, 8961, 6512, 7311, 1351, 2319, - 11119, 11334, 11499, 9088, 3014, 5086, 10963, 4846, 9542, 9154, 3712, - 4805, 8736, 11227, 9995, 3091, 12208, 7969, 11289, 9326, 7393, 9238, - 2366, 11112, 8034, 10654, 9521, 12149, 10436, 7678, 11563, 1260, 4388, - 4632, 6534, 2426, 334, 1428, 1696, 2013, 9000, 729, 3241, 2881, - 3284, 7197, 10200, 8595, 7110, 10530, 8582, 3382, 11934, 9741, 8058, - 3637, 3459, 145, 6747, 9558, 8357, 7399, 6378, 9447, 480, 1022, - 9, 9821, 339, 5791, 544, 10616, 4278, 6958, 7300, 8112, 8705, - 1381, 9764, 11336, 8541, 827, 5767, 2476, 118, 2197, 7222, 3949, - 8993, 4452, 2396, 7935, 130, 2837, 6915, 2401, 442, 7188, 11222, - 390, 773, 8456, 3778, 354, 4861, 9377, 5698, 5012, 9808, 2859, - 11244, 1017, 7404, 1632, 7205, 27, 9223, 8526, 10849, 1537, 242, - 4714, 8146, 9611, 3704, 5019, 11744, 1002, 5011, 5088, 8005, 7313, - 10682, 8509, 11414, 9852, 3646, 6022, 2987, 9723, 10102, 6250, 9867, - 11224, 2143, 11885, 7644, 1168, 5277, 11082, 3248, 493, 8193, 6845, - 2381, 7952, 11854, 1378, 1912, 2166, 3915, 12176, 7370, 12129, 3149, - 12286, 4437, 3636, 4938, 5291, 2704, 10863, 7635, 1663, 10512, 3364, - 1689, 4057, 9018, 9442, 7875, 2174, 4372, 7247, 9984, 4053, 2645, - 5195, 9509, 7394, 1484, 9042, 9603, 8311, 9320, 9919, 2865, 5332, - 3510, 1630, 10163, 5407, 3186, 11136, 9405, 10040, 8241, 9890, 8889, - 7098, 9153, 9289, 
671, 3016, 243, 6730, 420, 10111, 1544, 3985, - 4905, 3531, 476, 49, 1263, 5915, 1483, 9789, 10800, 10706, 6347, - 1512, 350, 10474, 5383, 5369, 10232, 9087, 4493, 9551, 6421, 6554, - 2655, 9280, 1693, 174, 723, 10314, 8532, 347, 2925, 8974, 11863, - 1858, 4754, 3030, 4115, 2361, 10446, 2908, 218, 3434, 8760, 3963, - 576, 6142, 9842, 1954, 10238, 9407, 10484, 3991, 8320, 9522, 156, - 2281, 5876, 10258, 5333, 3772, 418, 5908, 11836, 5429, 7515, 7552, - 1293, 295, 6099, 5766, 652, 8273, 4077, 8527, 9370, 325, 10885, - 11143, 11341, 5990, 1159, 8561, 8240, 3329, 4298, 12121, 2692, 5961, - 7183, 10327, 1594, 6167, 9734, 7105, 11089, 1360, 3956, 6170, 5297, - 8210, 11231, 922, 441, 1958, 4322, 1112, 2078, 4046, 709, 9139, - 1319, 4240, 8719, 6224, 11454, 2459, 683, 3656, 12225, 10723, 5782, - 9341, 9786, 9166, 10542, 9235, 6803, 7856, 6370, 3834, 7032, 7048, - 9369, 8120, 9162, 6821, 1010, 8807, 787, 5057, 4698, 4780, 8844, - 12097, 1321, 4912, 10240, 677, 6415, 6234, 8953, 1323, 9523, 12237, - 3174, 1579, 11858, 9784, 5906, 3957, 9450, 151, 10162, 12231, 12048, - 3532, 11286, 1956, 7280, 11404, 6281, 3477, 6608, 142, 11184, 9445, - 3438, 11314, 4212, 9260, 6695, 4782, 5886, 8076, 504, 2302, 11684, - 11868, 8209, 3602, 6068, 8689, 3263, 6077, 7665, 7822, 7500, 6752, - 4749, 4449, 6833, 12142, 8500, 6118, 8471, 1190, 9606, 3860, 5445, - 7753, 11239, 5079, 9027, 2169, 11767, 7965, 4916, 8214, 5315, 11011, - 9945, 1973, 6715, 8775, 11248, 5925, 11271, 654, 3565, 1702, 1987, - 6760, 5206, 3199, 12233, 6136, 6427, 6874, 8646, 4948, 6152, 400, - 10561, 5339, 5446, 3710, 6093, 468, 8301, 316, 11907, 10256, 8291, - 3879, 1922, 10930, 6854, 973, 11035, 7, 1936, 845, 3723, 3154, - 5054, 3285, 7929, 216, 50, 6763, 769, 767, 8484, 10076, 4153, - 3120, 6184, 6203, 5646, 8348, 3753, 3536, 5370, 3229, 4730, 10583, - 3929, 1282, 8717, 2021, 9457, 3944, 4099, 5604, 6759, 2171, 8809, - 11024, 3007, 9344, 5349, 2633, 1406, 9057, 11996, 4855, 8520, 9348, - 11722, 6627, 5289, 3837, 2595, 
3221, 4273, 4050, 7082, 844, 5202, - 11309, 11607, 4590, 7207, 8820, 6138, 7846, 8871, 4693, 2338, 9996, - 11872, 1802, 1555, 5103, 10398, 7878, 10699, 1223, 9955, 11009, 614, - 12265, 10918, 11385, 9804, 6742, 7250, 881, 11924, 1015, 10362, 5461, - 9343, 2637, 7779, 4684, 3360, 7154, 63, 7302, 2373, 3670, 3808, - 578, 5368, 11839, 1944, 7628, 11779, 9667, 6903, 5618, 10631, 5789, - 3502, 5043, 826, 3090, 1398, 3065, 1506, 6586, 4483, 6389, 910, - 7570, 11538, 4518, 3094, 1160, 4820, 2730, 5411, 10036, 1868, 2478, - 9449, 4194, 3019, 10506, 7211, 7724, 4974, 7119, 2672, 11424, 1279, - 189, 3116, 10526, 2209, 10759, 1694, 8420, 7866, 5832, 1350, 10555, - 8474, 7014, 10499, 11038, 6879, 2035, 1040, 10407, 6164, 7519, 944, - 5287, 8620, 6616, 9269, 6883, 7624, 4834, 2712, 9461, 4352, 8176, - 72, 3840, 10447, 3451, 8195, 11048, 4378, 6508, 9244, 9646, 1095, - 2873, 2827, 11498, 2434, 11169, 9754, 12268, 6481, 874, 9988, 170, - 6639, 2307, 4289, 11641, 12139, 11259, 11823, 3821, 1681, 4649, 5969, - 2929, 6026, 1573, 8443, 3793, 6226, 11787, 5118, 2602, 10388, 1849, - 5776, 9021, 3795, 7988, 7766, 457, 12281, 11410, 9696, 982, 10013, - 4218, 4390, 8835, 8531, 7785, 778, 530, 2626, 3578, 4697, 8823, - 1701, 10243, 2940, 9332, 10808, 3317, 9757, 139, 3332, 343, 8841, - 4538, 10381, 7078, 1866, 1208, 7562, 10584, 2450, 11873, 814, 716, - 10179, 2164, 6873, 5412, 8080, 9011, 6296, 3515, 11851, 1218, 5061, - 10753, 10568, 2429, 8186, 1373, 9307, 717, 8700, 8921, 4227, 4238, - 11677, 8067, 1526, 11749, 12164, 3163, 4032, 6127, 7449, 1389, 10221, - 4404, 11943, 3359, 9084, 5209, 1092, 3678, 4265, 10361, 464, 1826, - 2926, 4489, 9118, 1136, 3449, 3708, 9051, 2065, 5826, 3495, 4564, - 8755, 3961, 10533, 4145, 2275, 2461, 4267, 5653, 5063, 8113, 10771, - 8524, 11014, 5508, 11113, 6555, 4860, 1125, 10844, 11158, 6302, 6693, - 579, 3889, 9520, 3114, 6323, 212, 8314, 4883, 6454, 3087, 1417, - 5676, 7784, 2257, 3744, 4963, 2528, 9233, 5102, 11877, 6701, 6444, - 4924, 4781, 1014, 
11841, 1327, 3607, 3942, 7057, 2717, 60, 3200, - 10754, 5836, 7723, 2260, 68, 180, 4138, 7684, 2689, 10880, 7070, - 204, 5509, 10821, 8308, 8882, 463, 10945, 9247, 9806, 10235, 4739, - 8038, 6771, 1226, 9261, 5216, 11925, 9929, 11053, 9272, 7043, 4475, - 3121, 4705, 1057, 9689, 11883, 10602, 146, 5268, 1403, 1804, 6094, - 7100, 12050, 9389, 994, 4554, 4670, 11777, 5464, 4906, 3375, 9998, - 8896, 4335, 7376, 3528, 3825, 8054, 9342, 8307, 636, 5609, 11667, - 10552, 5672, 4499, 5598, 3344, 10397, 8665, 6565, 10964, 11260, 10344, - 5959, 10141, 8330, 5797, 2442, 1248, 5115, 4939, 10975, 1744, 2894, - 8635, 6599, 9834, 8342, 338, 3343, 8170, 1522, 10138, 12269, 5002, - 4608, 5163, 4578, 377, 11914, 1620, 10453, 11864, 10104, 11897, 6085, - 8122, 11251, 11366, 10058, 6197, 2800, 193, 506, 1255, 1392, 5784, - 3276, 8951, 2212, 9615, 10347, 8881, 2575, 1165, 2776, 11111, 6811, - 3511, + 1, 32495, 5167, 44853, 23695, 51854, 41593, 46858, 36770, 59464, 15018, + 45488, 31770, 34468, 46679, 40138, 59983, 54742, 23757, 38991, 43973, 30739, + 61114, 3428, 27333, 56180, 38193, 34776, 5854, 4394, 18646, 32069, 1162, + 34416, 44277, 17218, 8022, 42168, 38440, 12270, 25245, 37484, 1672, 17796, + 52140, 53725, 50036, 6637, 26152, 18769, 18625, 25525, 39155, 21497, 50113, + 51112, 57390, 30818, 19864, 42975, 43838, 6225, 39420, 30932, 54092, 15412, + 59696, 6268, 50680, 43477, 2018, 17363, 56229, 28897, 42195, 9169, 59511, + 15911, 42573, 4079, 24108, 16710, 25129, 15965, 22083, 17646, 6924, 59879, + 41853, 16700, 43572, 25736, 49095, 26460, 45417, 12595, 761, 29413, 61304, + 33378, 29682, 15772, 10158, 23158, 26315, 31528, 672, 25085, 30657, 56282, + 9821, 8841, 57841, 1664, 15423, 57589, 39549, 44799, 58358, 28186, 33355, + 51485, 3280, 44906, 31142, 26020, 58176, 12432, 21616, 18408, 51575, 3468, + 18944, 7901, 8135, 27643, 19544, 28104, 36285, 28285, 14263, 26722, 29162, + 14647, 3105, 10853, 7434, 43259, 28098, 31250, 58724, 1802, 13472, 5515, + 58612, 48822, 33045, 54359, 60417, 
26142, 49864, 8628, 25175, 36151, 17050, + 26253, 52397, 48964, 38399, 31677, 14644, 57676, 45977, 23259, 32253, 657, + 44432, 15781, 36568, 8220, 24705, 869, 37778, 4930, 48450, 18566, 30516, + 21121, 59106, 3810, 38932, 25150, 30442, 12690, 4854, 11683, 5850, 58737, + 59419, 36980, 20202, 28346, 56916, 49879, 61000, 46899, 56111, 3829, 37407, + 53162, 50024, 46784, 10999, 10208, 60349, 28358, 37164, 21325, 23263, 22562, + 28568, 5091, 29574, 8449, 45029, 61381, 49217, 58626, 39190, 52884, 46635, + 23501, 4262, 5676, 25876, 20535, 40527, 59912, 12081, 25546, 28147, 26039, + 4702, 49164, 1110, 3583, 21357, 19620, 52986, 18927, 59007, 43178, 17876, + 17406, 19469, 48619, 3721, 59448, 56815, 24257, 1260, 23994, 59115, 50501, + 53504, 16503, 32109, 52334, 3686, 28061, 60293, 51868, 43031, 18067, 47639, + 23310, 6150, 38118, 12053, 37301, 21238, 23498, 3120, 6750, 32620, 6768, + 14877, 10327, 22932, 18892, 31396, 46656, 50977, 48255, 592, 6007, 54797, + 6894, 15971, 46959, 43703, 43152, 17726, 58436, 50489, 42473, 59618, 52180, + 19144, 55596, 58479, 27857, 40715, 24872, 421, 40493, 56784, 61409, 22153, + 18979, 57057, 23599, 19601, 37089, 17851, 3764, 13176, 33232, 21504, 3987, + 25840, 18094, 7067, 37148, 19235, 2032, 2008, 61059, 53248, 53759, 24226, + 41778, 20425, 24693, 43519, 23849, 50054, 38578, 18402, 29178, 33907, 47953, + 5395, 19352, 43192, 27277, 37245, 11457, 11703, 30636, 42602, 24819, 42872, + 12406, 40201, 34394, 47987, 26426, 59979, 47644, 3089, 43902, 10634, 7646, + 17624, 319, 3135, 2647, 39562, 37147, 1656, 50845, 16253, 55840, 6867, + 50894, 30332, 1818, 17797, 30823, 41363, 7369, 38521, 2402, 30608, 52, + 49040, 21024, 6996, 3320, 2797, 17276, 13464, 52760, 41517, 34878, 27808, + 8173, 54897, 21, 41143, 47066, 17004, 6067, 60479, 13279, 53565, 32586, + 40091, 23522, 35938, 57664, 16944, 22479, 32354, 26279, 53598, 60424, 28673, + 37811, 19140, 48498, 55182, 44946, 39154, 50443, 11569, 38617, 56371, 35112, + 14556, 24402, 7068, 8202, 36087, 45580, 
49535, 8507, 38919, 32802, 59521, + 33656, 17736, 14740, 33381, 36181, 29299, 42710, 58750, 47939, 17946, 18739, + 12513, 54838, 27582, 37223, 34515, 20911, 7573, 13430, 53215, 25921, 44994, + 29994, 52695, 24796, 8598, 19783, 4023, 42378, 3302, 22504, 42277, 31796, + 26497, 47282, 19451, 16678, 7124, 46133, 6549, 39572, 24753, 24604, 40030, + 7439, 39523, 60103, 46898, 29387, 13763, 61087, 26184, 14112, 58178, 15981, + 36354, 58564, 37434, 8912, 5210, 28995, 61380, 45358, 53459, 28812, 29189, + 31838, 43349, 29389, 30347, 59156, 5517, 51518, 28142, 47887, 40308, 9222, + 27497, 39993, 25407, 17748, 21051, 29592, 19947, 36656, 53035, 13716, 4985, + 29099, 11552, 39171, 29973, 9903, 52000, 51059, 2507, 55640, 2186, 8274, + 51359, 50263, 57521, 48234, 20890, 20382, 14392, 40589, 19854, 25230, 2194, + 22470, 31254, 40441, 7744, 40385, 15157, 15659, 1347, 24773, 17116, 20488, + 29286, 50362, 53020, 17819, 18202, 42924, 45004, 47739, 42011, 51307, 61225, + 46795, 10727, 19072, 6627, 55101, 56289, 12485, 45010, 58386, 3996, 25187, + 3156, 9191, 4639, 29532, 7723, 33841, 27489, 25797, 45512, 27570, 15814, + 44847, 55849, 30438, 15020, 49037, 8357, 52936, 32628, 20964, 56213, 505, + 53692, 42904, 20449, 5840, 34594, 7494, 15329, 13668, 35277, 21378, 42253, + 50649, 45151, 32106, 3740, 1002, 54339, 54347, 45684, 25579, 5009, 10246, + 14842, 40381, 33126, 44491, 48857, 34216, 11795, 9567, 56734, 34125, 36636, + 6004, 59932, 56404, 51572, 28865, 2907, 28148, 56359, 13818, 38054, 3164, + 6370, 59862, 42855, 12960, 38382, 32231, 49687, 32467, 11808, 1915, 1023, + 2804, 30346, 26661, 350, 6665, 4447, 57474, 60156, 23805, 53860, 33815, + 28331, 45342, 21689, 55785, 60120, 21364, 54493, 20415, 42669, 51549, 29020, + 8432, 30300, 6475, 55159, 34853, 43195, 1880, 19553, 13354, 21347, 1875, + 47709, 24643, 11111, 24629, 11796, 42062, 460, 17537, 57939, 52683, 30261, + 29431, 26901, 26888, 17925, 12195, 52931, 13491, 20586, 33903, 4912, 53163, + 5171, 51951, 6313, 50877, 55541, 36861, 
39141, 58095, 39216, 37580, 18076, + 3660, 8372, 48833, 5609, 30449, 42992, 41023, 47223, 22410, 19030, 37626, + 46934, 31828, 351, 39160, 3381, 9087, 20383, 11605, 55172, 27201, 48925, + 32000, 24227, 12832, 25592, 8105, 15502, 44172, 41211, 44850, 18783, 60132, + 36422, 56348, 46022, 10950, 19004, 52930, 54070, 37814, 7463, 2558, 20918, + 8627, 8587, 30984, 17072, 3851, 43189, 52674, 54937, 9560, 2059, 59397, + 56184, 41206, 55444, 18337, 37733, 17239, 14118, 45904, 14291, 14967, 50956, + 41711, 23894, 5613, 25329, 2219, 36638, 9553, 8825, 23228, 37521, 9691, + 24652, 60423, 53662, 51110, 49762, 11952, 61036, 49340, 57800, 21071, 35466, + 18833, 35760, 49008, 38313, 1952, 369, 9660, 21660, 35045, 33159, 10888, + 17027, 16160, 56438, 401, 39958, 2557, 21226, 2204, 60441, 7289, 55485, + 60371, 394, 23302, 8245, 38515, 58239, 32064, 44336, 29752, 48745, 19795, + 18756, 42941, 44857, 1931, 20667, 24035, 39551, 48348, 7251, 56451, 1372, + 38415, 23409, 35875, 43241, 22066, 26771, 41967, 5379, 52401, 21961, 46921, + 27741, 42884, 57335, 25382, 27177, 25122, 30874, 41982, 54529, 22856, 44358, + 7350, 21866, 31946, 53064, 34456, 11200, 28957, 54419, 11984, 20321, 24468, + 57379, 42019, 46418, 37801, 37583, 58269, 19169, 7797, 3331, 43244, 13706, + 52102, 38870, 38013, 47985, 22877, 24060, 54416, 30538, 60160, 9358, 16701, + 7253, 60000, 58682, 50155, 50349, 39807, 12089, 39742, 19658, 46074, 10913, + 41924, 53959, 55888, 48336, 596, 32736, 28287, 61280, 52231, 13153, 23139, + 7805, 56468, 31583, 40562, 2065, 8603, 33699, 47503, 60380, 52647, 10569, + 45906, 50415, 34042, 22140, 26631, 55679, 35978, 24042, 22475, 52753, 4835, + 55991, 36653, 41269, 24889, 11232, 24300, 35440, 34137, 37846, 2714, 45020, + 14690, 29575, 40944, 10258, 16285, 20211, 13596, 41978, 23469, 28491, 22057, + 361, 56905, 44342, 40399, 1625, 26556, 42590, 3525, 42309, 27139, 56964, + 12173, 30598, 43748, 26092, 35181, 15810, 37749, 46737, 20177, 26949, 50623, + 20631, 21594, 242, 60783, 14720, 8215, 
55723, 52615, 51284, 9337, 50836, + 13094, }; /// NTT reverse table where the i-th element is (1/g)^rev(i) where -/// - g = 7 is a primitive root -/// - 1/g = 8778 +/// - g = 61 is a primitive root +/// - 1/g = 49738 /// - rev(i) is the reverse bit decomposition of i, i.e., /// 0 -> 0 /// 1 -> 100 0000 /// 2 -> 010 0000 /// 3 -> 110 0000 ... static const uint16_t INV_NTT_TABLE[] = { - 1, 1479, 8246, 5146, 4134, 6553, 11567, 1305, 6429, 9094, 11077, - 1646, 8668, 2545, 3504, 8747, 10938, 4978, 5777, 3328, 6461, 7266, - 4591, 6561, 2744, 3006, 2975, 563, 949, 2625, 9650, 4821, 726, - 4611, 1853, 140, 2768, 1635, 4255, 1177, 9923, 3051, 4896, 2963, - 1000, 4320, 81, 9198, 2294, 1062, 3553, 7484, 8577, 3135, 2747, - 7443, 1326, 7203, 9275, 3201, 790, 955, 1170, 9970, 5374, 9452, - 12159, 4354, 9893, 7837, 3296, 8340, 5067, 10092, 12171, 9813, 6522, - 11462, 3748, 953, 2525, 10908, 3584, 4177, 4989, 5331, 8011, 1673, - 11745, 6498, 11950, 2468, 12280, 11267, 11809, 2842, 5911, 4890, 3932, - 2731, 5542, 12144, 8830, 8652, 4231, 2548, 355, 8907, 3707, 1759, - 5179, 3694, 2089, 5092, 9005, 9408, 9048, 11560, 3289, 10276, 10593, - 10861, 11955, 9863, 5755, 7657, 7901, 11029, 11813, 8758, 7384, 8304, - 10745, 2178, 11869, 5559, 12046, 9273, 11618, 3000, 3136, 5191, 3400, - 2399, 4048, 2249, 2884, 1153, 9103, 6882, 2126, 10659, 8779, 6957, - 9424, 2370, 2969, 3978, 2686, 3247, 10805, 4895, 2780, 7094, 9644, - 8236, 2305, 5042, 7917, 10115, 4414, 2847, 3271, 8232, 10600, 8925, - 1777, 10626, 4654, 1426, 9585, 6998, 7351, 8653, 7852, 3, 9140, - 160, 4919, 113, 8374, 10123, 10377, 10911, 435, 4337, 9908, 5444, - 4096, 11796, 9041, 1207, 7012, 11121, 4645, 404, 10146, 1065, 2422, - 6039, 2187, 2566, 9302, 6267, 8643, 2437, 875, 3780, 1607, 4976, - 4284, 7201, 7278, 11287, 545, 7270, 8585, 2678, 4143, 7575, 12047, - 10752, 1440, 3763, 3066, 12262, 5084, 10657, 4885, 11272, 1045, 9430, - 2481, 7277, 6591, 2912, 7428, 11935, 8511, 3833, 11516, 11899, 1067, - 5101, 11847, 9888, 1254, 
11316, 5435, 1359, 10367, 8410, 3998, 2033, - 382, 11973, 3988, 11821, 6196, 8579, 6843, 6950, 1728, 11889, 6137, - 7341, 3643, 5415, 5862, 6153, 56, 9090, 7083, 5529, 10302, 10587, - 8724, 11635, 1018, 6364, 1041, 3514, 5574, 10316, 2344, 1278, 6974, - 4075, 7373, 4324, 522, 10120, 3262, 7210, 1050, 4536, 6844, 8429, - 2683, 11099, 3818, 6171, 3789, 147, 5456, 7840, 7540, 5537, 4789, - 4467, 4624, 6212, 9026, 3600, 6221, 8687, 4080, 421, 605, 9987, - 11785, 4213, 6403, 7507, 5594, 3029, 8077, 975, 8851, 2844, 1105, - 12147, 5681, 8812, 6008, 885, 5009, 10333, 1003, 8757, 241, 58, - 2127, 12138, 2839, 8332, 6383, 2505, 431, 10710, 9115, 52, 2766, - 10966, 3336, 6055, 5874, 11612, 2049, 7377, 10968, 192, 3445, 7509, - 7591, 7232, 11502, 3482, 11279, 5468, 3127, 4169, 2920, 5241, 5257, - 8455, 5919, 4433, 5486, 3054, 1747, 3123, 2503, 2948, 6507, 1566, - 64, 8633, 11606, 9830, 835, 6065, 3570, 8049, 10970, 3150, 11580, - 8243, 10211, 11177, 7967, 10331, 11848, 11367, 1058, 4079, 6992, 6119, - 8333, 10929, 1200, 5184, 2555, 6122, 10695, 1962, 5106, 6328, 9597, - 168, 7991, 8960, 4049, 3728, 11130, 6299, 948, 1146, 1404, 11964, - 2919, 3762, 8212, 4016, 11637, 6523, 6190, 11994, 10996, 4737, 4774, - 6860, 453, 6381, 11871, 8517, 6956, 2031, 6413, 10008, 12133, 2767, - 3969, 8298, 1805, 2882, 2051, 10335, 2447, 6147, 11713, 8326, 3529, - 8855, 12071, 9381, 1843, 9928, 8174, 9259, 7535, 10431, 426, 3315, - 9364, 11942, 3757, 1975, 11566, 12115, 10596, 3009, 9634, 5735, 5868, - 2738, 7796, 3202, 2057, 6920, 6906, 1815, 11939, 10777, 5942, 1583, - 1489, 2500, 10806, 6374, 11026, 12240, 8778, 5478, 1178, 9513, 11124, - 9714, 3408, 1942, 2674, 10077, 3338, 9013, 6505, 10897, 11034, 11783, - 12096, 9489, 6092, 2231, 923, 1038, 4167, 6204, 392, 2185, 425, - 1836, 10669, 375, 11912, 7711, 7126, 7681, 7287, 20, 2151, 10767, - 4119, 8946, 11951, 3947, 2455, 5690, 3654, 9395, 10545, 1314, 7350, - 7174, 11041, 9847, 6492, 3959, 2148, 6330, 1945, 1029, 1325, 5724, - 3624, 1892, 
8945, 6691, 7790, 6617, 1737, 622, 6680, 11653, 3982, - 2947, 4235, 8464, 8761, 4913, 7954, 3393, 2291, 8914, 7383, 6825, - 512, 7619, 7735, 11295, 2900, 239, 5189, 6195, 10485, 10886, 7021, - 12143, 1687, 406, 2600, 11232, 7584, 9168, 7814, 5246, 3017, 1236, - 2360, 364, 7073, 3028, 11063, 5518, 4251, 7550, 2054, 2483, 3042, - 1344, 11826, 3407, 3981, 1468, 6780, 12085, 5219, 1409, 9600, 4605, - 8151, 12109, 12221, 10029, 4566, 6453, 1535, 9089, 12229, 9572, 5232, - 8347, 8682, 10962, 448, 11275, 7508, 7365, 5845, 5588, 412, 7187, - 3056, 9761, 7326, 8545, 10032, 4505, 6613, 10872, 9202, 5835, 7406, - 3975, 12077, 5966, 9175, 2769, 8400, 11710, 5596, 5987, 1131, 1445, - 11164, 7429, 5734, 1176, 6781, 1275, 3765, 1518, 4176, 7226, 6636, - 8022, 9828, 10014, 8144, 1756, 8328, 3534, 7725, 8794, 6463, 10224, - 3238, 8581, 8840, 11153, 3171, 7800, 9363, 10463, 11825, 1928, 8024, - 8611, 11197, 7080, 3205, 8930, 346, 7885, 2068, 10900, 4840, 6162, - 8257, 9126, 125, 540, 10763, 4222, 612, 8051, 8062, 3368, 3589, - 11572, 2982, 10916, 4103, 9860, 1721, 1536, 7228, 11071, 438, 8774, - 5993, 3278, 4209, 6877, 5416, 10125, 2110, 11573, 11475, 416, 9839, - 1705, 4727, 11081, 10423, 5211, 1908, 7751, 3448, 11946, 8957, 12150, - 2532, 8972, 1481, 2957, 9349, 2046, 10588, 3466, 7592, 8711, 9663, - 11759, 11511, 4504, 3758, 3454, 7899, 8071, 2276, 11307, 2593, 879, - 8, 11832, 4523, 4301, 8494, 3268, 6513, 10440, 1901, 9687, 7171, - 502, 6063, 8496, 3846, 10716, 6263, 9360, 6320, 7640, 10608, 8468, - 466, 1030, 150, 648, 8000, 9982, 5650, 12119, 2301, 11415, 5808, - 21, 2535, 1120, 9855, 791, 9462, 9416, 11194, 2643, 3045, 5781, - 7911, 1241, 4094, 8838, 1842, 8449, 12217, 4113, 7937, 2828, 9577, - 7455, 4665, 5406, 3020, 5673, 3669, 7002, 11345, 4770, 6125, 1882, - 11249, 10254, 5410, 1251, 1790, 5275, 3815, 1734, 10939, 6457, 4423, - 3869, 10595, 1530, 10080, 1763, 9173, 12100, 11010, 865, 9617, 5170, - 7315, 4565, 5078, 1783, 9270, 8095, 2840, 9811, 10421, 2253, 6878, - 9559, 
7469, 11129, 9195, 7771, 751, 4719, 11379, 5900, 7806, 5703, - 10783, 9224, 10891, 9199, 11463, 7246, 8787, 6500, 1658, 6671, 5386, - 2622, 510, 4661, 10345, 450, 6921, 11711, 8481, 8619, 9916, 4987, - 12226, 5135, 8929, 7605, 4510, 9652, 2946, 6828, 1927, 11274, 365, - 11408, 5039, 5547, 2485, 904, 1371, 24, 11675, 1280, 2334, 11066, - 1590, 4411, 1891, 7186, 10734, 10487, 417, 2293, 9951, 7596, 3418, - 4443, 6151, 3469, 5082, 7699, 682, 980, 7087, 11445, 5207, 8239, - 8016, 9068, 9694, 8452, 7000, 5662, 567, 2941, 3769, 7434, 293, - 3232, 10883, 9656, 6940, 2945, 9282, 1265, 3480, 10118, 5530, 6685, - 8190, 8345, 2832, 10268, 3572, 11007, 8360, 1706, 7559, 9060, 6919, - 8753, 8536, 3941, 6643, 6086, 6105, 9169, 8136, 2213, 3805, 11522, - 11520, 5526, 12239, 12073, 4360, 9004, 7235, 9135, 8566, 11444, 10353, - 12282, + 1, 28946, 16588, 56274, 14583, 19848, 9587, 37746, 21303, 14762, 26973, + 29671, 15953, 46423, 1977, 24671, 29372, 42795, 57047, 55587, 26665, 23248, + 5261, 34108, 58013, 327, 30702, 17468, 22450, 37684, 6699, 1458, 30509, + 22021, 55216, 17603, 18466, 41577, 30623, 4051, 10329, 11328, 39944, 22286, + 35916, 42816, 42672, 35289, 54804, 11405, 7716, 9301, 43645, 59769, 23957, + 36196, 49171, 23001, 19273, 53419, 44223, 17164, 27025, 60279, 49009, 3265, + 35421, 30299, 16535, 58161, 9956, 28086, 33255, 3083, 16642, 21892, 3852, + 46018, 59777, 3600, 52600, 51620, 5159, 30784, 36356, 60769, 29913, 35126, + 38283, 51283, 45669, 31759, 28063, 137, 32028, 60680, 48846, 16024, 34981, + 12346, 35705, 17869, 44741, 19588, 1562, 54517, 43795, 39358, 45476, 36312, + 44731, 37333, 57362, 18868, 45530, 1930, 52272, 19246, 32544, 5212, 44078, + 59423, 17964, 10761, 55173, 1745, 46029, 7349, 12822, 41972, 44035, 43565, + 18263, 2434, 42514, 8455, 41821, 40084, 57858, 60331, 12277, 56739, 35402, + 33294, 35895, 49360, 1529, 20914, 40906, 35565, 55765, 57179, 37940, 14806, + 8557, 22251, 2815, 12224, 60, 16412, 52992, 31867, 56350, 32873, 38879, + 38178, 40116, 
24277, 33083, 1092, 51233, 50442, 14657, 11417, 8279, 24034, + 57612, 5330, 14542, 441, 11562, 4525, 33095, 41239, 24461, 2022, 2704, + 55591, 49758, 56587, 48751, 30999, 36291, 22509, 57631, 2335, 40320, 30925, + 42875, 12991, 56511, 23663, 60572, 36736, 53221, 24873, 45660, 17009, 60784, + 29188, 38182, 15464, 3765, 46797, 29764, 23042, 12477, 9044, 35188, 44391, + 25290, 36266, 52813, 11577, 35299, 1024, 7082, 28396, 12619, 2829, 55926, + 47969, 59639, 2717, 30191, 33343, 18182, 54007, 50588, 58336, 46794, 32279, + 34719, 47178, 33156, 25156, 33337, 41897, 33798, 53306, 53540, 42497, 57973, + 9866, 43033, 39825, 32446, 56231, 52529, 24007, 2877, 25087, 45460, 3263, + 47329, 35257, 354, 47678, 32054, 14543, 1338, 21918, 54002, 21411, 36837, + 36688, 21869, 54892, 15308, 54317, 44763, 41990, 14159, 34944, 29645, 19164, + 38937, 58139, 19063, 57418, 41658, 52843, 36645, 8746, 31447, 16447, 35520, + 8226, 48011, 53868, 40530, 26926, 24218, 33859, 6603, 48928, 42702, 43495, + 13502, 2691, 18731, 32142, 25260, 28060, 46701, 43705, 27785, 1920, 28639, + 22522, 52934, 11906, 15861, 25354, 53239, 54373, 37039, 46885, 26329, 5070, + 22824, 49872, 10998, 22287, 16495, 6259, 12943, 42301, 23630, 32768, 1017, + 7843, 35162, 29087, 38962, 44497, 3777, 25503, 37919, 21350, 28855, 7876, + 48162, 962, 55374, 44437, 14375, 20298, 61420, 6544, 53268, 33633, 26563, + 19924, 8681, 47977, 44165, 58644, 58121, 54445, 40417, 12401, 61389, 30833, + 59039, 22920, 54072, 20078, 30618, 43644, 59623, 31109, 10547, 54574, 5601, + 45188, 10596, 59785, 24294, 21879, 58794, 58306, 61122, 43817, 53795, 50807, + 17539, 58352, 13797, 1462, 35015, 13454, 27047, 21240, 49035, 18569, 36622, + 18839, 30805, 49738, 49984, 24196, 34164, 18249, 42089, 56046, 13488, 27534, + 32263, 43039, 22863, 11387, 37592, 17922, 36748, 41016, 19663, 37215, 7682, + 8193, 382, 59433, 59409, 42206, 24293, 54374, 43347, 35601, 57454, 39937, + 28209, 48265, 57677, 43590, 24352, 41840, 37842, 4384, 42462, 39288, 32, + 4657, 
20948, 61020, 36569, 20726, 33584, 2962, 5845, 42297, 9261, 1823, + 18968, 10952, 3005, 43715, 18289, 17738, 14482, 45470, 54547, 6644, 55434, + 60849, 13186, 10464, 14785, 30045, 42549, 38509, 51114, 46564, 54673, 28821, + 54691, 58321, 37943, 40203, 24140, 49388, 23323, 55291, 38131, 13802, 43374, + 18410, 9573, 1148, 33380, 57755, 9107, 29332, 44938, 7937, 10940, 2326, + 37447, 60181, 37184, 4626, 1993, 57720, 48347, 10605, 52104, 10157, 8826, + 5718, 53226, 46721, 658, 61199, 39847, 40810, 10818, 34492, 41264, 14704, + 23692, 45631, 26260, 35349, 17693, 30843, 49268, 4477, 34302, 19132, 57916, + 18851, 34885, 59816, 21042, 17099, 4536, 61080, 39384, 32950, 37972, 19463, + 47845, 41230, 45156, 51183, 20497, 31866, 46751, 16421, 58727, 23595, 27304, + 26001, 37141, 50209, 36552, 20172, 24788, 5450, 56606, 8688, 38966, 37399, + 25463, 5762, 34810, 39301, 27399, 11026, 15535, 50872, 8794, 1061, 13938, + 27742, 52838, 59376, 20879, 29858, 4973, 53636, 38302, 48288, 9210, 161, + 33154, 28705, 60845, 13105, 5553, 7482, 19517, 50528, 15367, 41783, 21699, + 49352, 21634, 11092, 11286, 2759, 1441, 54188, 44740, 52083, 1281, 30903, + 7025, 37381, 38564, 13456, 23428, 22571, 9339, 47735, 18197, 58110, 53644, + 42272, 3172, 23858, 23640, 15023, 19422, 4062, 36973, 41120, 49457, 7022, + 32484, 50241, 26985, 8377, 29495, 39575, 54091, 17083, 38585, 6912, 19459, + 30567, 36319, 34264, 36059, 4106, 18557, 33700, 14520, 39480, 9040, 56062, + 19474, 34670, 39375, 18200, 25566, 38032, 23026, 60069, 4990, 54190, 13093, + 21890, 37406, 40774, 59510, 16584, 18500, 42685, 41646, 12696, 31689, 17105, + 29377, 3202, 22926, 53196, 38139, 61047, 1070, 5956, 54152, 1000, 59237, + 40215, 58884, 21483, 61040, 5003, 45281, 44414, 50553, 28282, 26396, 39781, + 51781, 61072, 59489, 23128, 12433, 25681, 42608, 25975, 40370, 3641, 12101, + 405, 49489, 11679, 10331, 7779, 1018, 36789, 51750, 23920, 38213, 52616, + 51888, 24803, 59222, 36112, 55828, 37547, 19730, 10485, 46474, 47150, 15537, + 
47323, 44202, 23708, 43104, 5997, 20235, 5257, 2044, 59382, 51881, 6504, + 8767, 18252, 57590, 44369, 30457, 52854, 52814, 40523, 58883, 53978, 23627, + 7371, 8511, 42437, 50491, 15419, 5093, 25019, 1309, 42658, 16591, 20230, + 17269, 45939, 53336, 35849, 48609, 37214, 29441, 12516, 34240, 6269, 49836, + 41058, 52354, 58060, 22281, 61090, 29613, 14507, 23815, 42411, 39031, 14218, + 20418, 18449, 30992, 55832, 12608, 53069, 57781, 43365, 23861, 22225, 3346, + 22300, 24580, 5900, 10564, 55128, 9490, 56270, 8278, 56529, 27538, 40855, + 47950, 8510, 49246, 43516, 34553, 34540, 32010, 31180, 8758, 3502, 43904, + 60981, 19379, 49645, 36812, 50330, 36798, 13732, 59566, 40094, 48087, 41888, + 59561, 18246, 26588, 6282, 54966, 31141, 53009, 32421, 9892, 18772, 41026, + 6948, 40077, 1321, 5656, 39752, 16099, 33110, 27626, 7581, 37636, 1285, + 3967, 56994, 54776, 61091, 34780, 31095, 58637, 60418, 59526, 49633, 28974, + 11754, 29210, 23059, 48481, 18586, 1579, 55071, 58277, 23387, 47623, 5082, + 33293, 58534, 32576, 9869, 5037, 1509, 55437, 24805, 27316, 4707, 51874, + 49646, 27225, 12584, 16950, 28315, 21060, 46599, 51195, 56432, 35862, 15757, + 7094, 7102, 60439, 57701, 29335, 16290, 10792, 19188, 40063, 26164, 47773, + 46112, 53947, 26847, 55601, 40992, 18537, 7749, 60936, 5228, 40477, 28813, + 8505, 53084, 12404, 46421, 31003, 5592, 16594, 45627, 33871, 15929, 35644, + 33952, 27600, 53718, 31909, 56802, 52250, 58285, 36254, 57445, 3055, 16431, + 48956, 5152, 6340, 54814, 42369, 50714, 14646, 216, 10134, 19430, 13702, + 16437, 18517, 43239, 43622, 8421, 11079, 32155, 40953, 44325, 36668, 60094, + 45782, 46284, 21056, 53697, 21000, 30187, 38971, 59247, 36211, 41587, 20852, + 47049, 41059, 40551, 13207, 3920, 11178, 10082, 53167, 59255, 5801, 58934, + 10382, 9441, 51538, 31468, 22270, 49889, 32342, 56456, 47725, 8406, 24785, + 41494, 31849, 40390, 43693, 36034, 21448, 33944, 52219, 21133, 13554, 33299, + 9923, 55924, 2285, 31094, 32052, 18092, 29603, 32252, 32629, 7982, 
16083, + 61, }; /// convert a polynomial into its NTT form void hvc_ntt(uint16_t *p) { unsigned int t, ht, i, j, j1, j2, l, m; - uint16_t u, v, s; + uint32_t u, v, s; t = N; for (l = 0; l < 9; l++) { @@ -228,9 +228,9 @@ void hvc_ntt(uint16_t *p) { j = j1; while (j < j2) { u = p[j]; - v = (uint16_t)(((uint32_t)p[j + ht]) * ((uint32_t)s) % 12289); - p[j] = ((u + v) % 12289); - p[j + ht] = (u + 12289 - v) % 12289; + v = ((uint32_t)p[j + ht]) * s % 61441; + p[j] = ((u + v) % 61441); + p[j + ht] = (u + 61441 - v) % 61441; j++; } i++; @@ -243,7 +243,7 @@ void hvc_ntt(uint16_t *p) { /// convert an NTT form polynomial into its integer form void hvc_inv_ntt(uint16_t *p) { unsigned int t, m, hm, dt, i, j, j1, j2; - uint16_t s, u, v; + uint32_t s, u, v; t = 1; m = N; @@ -260,9 +260,8 @@ void hvc_inv_ntt(uint16_t *p) { while (j < j2) { u = p[j]; v = p[j + t]; - p[j] = (u + v) % 12289; - p[j + t] = - (uint16_t)(((uint32_t)(u + 12289 - v)) * ((uint32_t)s) % 12289); + p[j] = (u + v) % 61441; + p[j + t] = (uint16_t)(((u + 61441 - v) % 61441) * s % 61441); j++; } i++; @@ -273,6 +272,6 @@ void hvc_inv_ntt(uint16_t *p) { } for (i = 0; i < N; i++) { - p[i] = (uint16_t)(((uint32_t)p[i]) * 12265 % 12289); + p[i] = (uint16_t)(((uint32_t)p[i]) * 61321 % 61441); } } diff --git a/cpoly/c/params.h b/cpoly/c/params.h index 0741ed1..79f2187 100644 --- a/cpoly/c/params.h +++ b/cpoly/c/params.h @@ -3,6 +3,6 @@ #define SEEDBYTES 32 #define N 512 -#define HVC_Q 12289 +#define HVC_Q 61441 #endif diff --git a/cpoly/c/test.c b/cpoly/c/test.c index e66bd12..d3662e5 100644 --- a/cpoly/c/test.c +++ b/cpoly/c/test.c @@ -90,7 +90,7 @@ int test_hvc_ntt() { for (i = 0; i < NTESTS; ++i) { // a is a random poly for (j = 0; j < N; j++) { - a[j] = rand() % 12289; + a[j] = rand() % 61441; a_rec[j] = a[j]; } @@ -136,7 +136,7 @@ int test_hots_ntt() { for (i = 0; i < NTESTS; ++i) { // a is a random poly for (j = 0; j < N; j++) { - a[j] = rand() % 0x662801; + a[j] = rand() % 28930049; a_rec[j] = a[j]; } 
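Review bot: The butterfly in the `@@ -228,9` hunk of `hvc_ntt` spells the modulus as the literal `61441` in all three reductions, and the `@@ -260,9` and `@@ -273,6` hunks of `hvc_inv_ntt` and both test.c hunks do the same, while params.h in this commit carries the same value as `HVC_Q`. If this file can include params.h, writing `% HVC_Q` would leave one place to change on the next parameter update. The move of `u, v, s` to `uint32_t` is what keeps `p[j + ht] * s` from wrapping, and that margin is thin, so a comment such as `/* operands < 2^16 and s < HVC_Q, so the product stays below 2^32 */` is worth adding (the type of the table entries behind `s` is not visible here). The final scaling constant deserves `/* 61321 = N^-1 mod HVC_Q, N = 512 */`, which checks out as 512 * 61321 = 511 * 61441 + 1. The loop bodies continue outside these hunks.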
diff --git a/cpoly/src/bindings.rs b/cpoly/src/bindings.rs index 70d1846..0d233cf 100644 --- a/cpoly/src/bindings.rs +++ b/cpoly/src/bindings.rs @@ -169,7 +169,7 @@ pub const __have_pthread_attr_t: u32 = 1; pub const _ALLOCA_H: u32 = 1; pub const SEEDBYTES: u32 = 32; pub const N: u32 = 512; -pub const HVC_Q: u32 = 12289; +pub const HVC_Q: u32 = 61441; pub type __u_char = ::std::os::raw::c_uchar; pub type __u_short = ::std::os::raw::c_ushort; pub type __u_int = ::std::os::raw::c_uint; diff --git a/scripts/hash.sage b/scripts/hash.sage index 54c0928..2ff4576 100644 --- a/scripts/hash.sage +++ b/scripts/hash.sage 
@@ -1,4 +1,4 @@ -Q = 12289 +Q = 61441 P. = PolynomialRing(Zmod(Q)) left = [586, 10792, 95, 1371, 9037, 8688, 5241, 8794, 2081, 11816, 11706, 3616, 994, 1111, 4947, 7830, 10448, 1941, 3066, 4, 4902, 15, 10081, 7055, 11939, 2994, 11275, 6273, 6441, 2632, 5185, 7564, 9383, 2121, 8508, 4639, 8468, 1892, 6769, 11963, 863, 785, 3135, 4965, 9263, 1176, 10213, 5693, 7630, 10983, 7315, 1587, 9553, 8659, 5234, 11153, 7162, 7733, 6185, 10252, 12097, 3605, 5866, 363, 468, 7114, 7483, 8606, 8438, 1560, 8598, 7748, 11952, 2741, 6861, 2203, 5414, 5220, 4534, 8939, 1216, 3149, 6382, 11247, 766, 1862, 9079, 811, 8949, 3642, 11847, 3986, 3077, 5341, 10353, 1951, 4584, 7246, 10292, 3456, 10571, 3759, 1020, 1107, 258, 9301, 3314, 568, 4647, 5636, 1174, 9646, 9343, 2645, 9551, 5446, 10050, 9665, 10688, 3726, 2368, 1701, 4003, 2440, 11785, 3905, 2112, 9428, 4293, 6024, 3020, 5778, 9628, 6689, 2805, 4295, 2995, 5473, 5374, 9441, 8782, 10725, 3864, 7777, 4282, 12201, 5549, 3053, 1969, 2494, 6100, 2046, 4280, 2594, 8417, 12244, 4563, 5868, 6094, 1051, 10747, 10897, 572, 11668, 2151, 6406, 906, 4008, 2982, 8909, 7968, 3535, 2339, 10370, 7911, 6887, 192, 11999, 5506, 8589, 11651, 9266, 7795, 3343, 7630, 10935, 4591, 12185, 8914, 2716, 6336, 9247, 8952, 8721, 6683, 4749, 402, 2094, 1899, 10569, 1821, 1668, 2279, 1005, 11935, 3477, 10791, 5909, 121, 2900, 8129, 4672, 2186, 7225, 9159, 5673, 37, 2415, 9042, 3140, 3164, 8533, 10834, 1985, 2889, 9923, 2198, 8225, 2808, 10266, 8790, 10936, 2130, 9307, 591, 7942, 1177, 127, 9209, 1796, 9150, 6776, 12072, 5250, 2710, 4736, 5510, 5211, 10241, 4097, 3872, 1778, 8311, 8721, 3844, 6389] diff --git a/scripts/roots.sage b/scripts/roots.sage index e03e36a..c73a244 100644 --- a/scripts/roots.sage +++ b/scripts/roots.sage 
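Review bot: Only `Q` changes in this hunk; the `left` vector below it is kept as is, and every visible entry is below the old modulus 12289. With `Q = 61441` the script therefore never exercises coefficients in the upper part of the new range, which is where sums of two reduced values pass 65535 and the 16-bit wrap-around fixed elsewhere in this commit would show. If the script's output is used as a reference for the Rust or C hash (not visible from this hunk), regenerate `left` and any companion vectors with entries drawn from `[0, Q)`, and add a comment saying how they were sampled.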
@@ -18,9 +18,10 @@ def reverse_bits(i, n): return res def print_hots_ntt(): - q_hots = 0x662801 -# while q_hots%4096!=1: -# q_hots = next_prime(q_hots) + q_hots = 28930049 + while q_hots%4096!=1: + q_hots = next_prime(q_hots) + print(q_hots) P. = PolynomialRing(Zmod(q_hots)) f = P(x^1024+1) @@ -35,15 +36,15 @@ def print_hots_ntt(): print() def print_hots_inv_ntt(): - q_hots = 0x662801 -# while q_hots%4096!=1: -# q_hots = next_prime(q_hots) + q_hots = 28930049 + while q_hots%4096!=1: + q_hots = next_prime(q_hots) P. = PolynomialRing(Zmod(q_hots)) f = P(x^1024+1) r = f.roots()[0][0] r_inv = 1/r - print(r) + print(r_inv) for i in range (1024): e = reverse_bits(ZZ(i), 10) @@ -51,9 +52,13 @@ def print_hots_inv_ntt(): print() def print_hvc_ntt(): - q_hvc = 12289 - r = Zmod(q_hvc)(7) + q_hvc = 61441 +# r = Zmod(q_hvc)(61) + P. = PolynomialRing(Zmod(q_hvc)) + f = P(x^1024+1) + r = f.roots()[0][0] r_inv = 1/r + print(r) for i in range (1024): e = reverse_bits(ZZ(i), 10) @@ -62,9 +67,13 @@ def print_hvc_ntt(): print() def print_hvc_inv_ntt(): - q_hvc = 12289 - r = Zmod(q_hvc)(7) + q_hvc = 61441 +# r = Zmod(q_hvc)(61) + P. = PolynomialRing(Zmod(q_hvc)) + f = P(x^1024+1) + r = f.roots()[0][0] r_inv = 1/r + print(r_inv) for i in range (1024): e = reverse_bits(ZZ(i), 10) diff --git a/src/hots/mod.rs b/src/hots/mod.rs index d5f5b39..3e06b0a 100644 --- a/src/hots/mod.rs +++ b/src/hots/mod.rs @@ -131,6 +131,8 @@ impl HomomorphicOneTimeSignature for HOTS { left += a * LargeNTTPoly::from(s) } let right = hm * LargeNTTPoly::from(&pk.v0) + LargeNTTPoly::from(&pk.v1); + // println!("left {:?}", left); + // println!("right {:?}", right); left == right } diff --git a/src/param.rs b/src/param.rs index 8472fa9..4e76d85 100644 --- a/src/param.rs +++ b/src/param.rs 
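Review bot: In the `@@ -51,9` hunk `print_hvc_ntt` now takes `r = f.roots()[0][0]`, that is, whichever root Sage lists first, and `print_hvc_inv_ntt` in the `@@ -62,9` hunk repeats the call on its own. The forward and inverse tables then match only as long as both calls return the roots in the same order, and a different Sage version may produce a different (still valid) table than the one committed to the C source. Pin the generator explicitly, e.g. `r = Zmod(q_hvc)(CHOSEN_ROOT)` with the value recorded in a comment, and add `assert r^1024 == -1` so a wrong constant fails in the script. The new `print(r)`, `print(r_inv)` and `print(q_hots)` lines also go to the same stdout as the table entries, so they need stripping if the output is pasted into the sources.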
@@ -5,28 +5,28 @@ pub const N: usize = 512; pub const ALPHA: usize = 20; // q for small ring, HVC modulus -pub const SMALL_MODULUS: u16 = 12289; +pub const SMALL_MODULUS: u16 = 61441; // log(q) for HVC modulus -pub const SMALL_MODULUS_BITS: usize = 14; +pub const SMALL_MODULUS_BITS: usize = 16; // the largest multiple of q that is smaller than 2^32 -pub const SMALL_SAMPLE_THRESHOLD: u32 = 4294956344; +pub const SMALL_SAMPLE_THRESHOLD: u32 = 4294910223; // height of the tree for the HVC scheme pub const HEIGHT: usize = 21; // q for the larger ring, HOTS modulus -pub const LARGE_MODULUS: u32 = 0x662801; +pub const LARGE_MODULUS: u32 = 28930049; // the largest multiple of q that is smaller than 2^32 -pub const LARGE_SAMPLE_THRESHOLD: u32 = 4291439233; +pub const LARGE_SAMPLE_THRESHOLD: u32 = 4281647252; // log(q) for HOTS modulus -pub(crate) const LARGE_MODULUS_BITS: usize = 23; +pub const LARGE_MODULUS_BITS: usize = 25; // dimension of secret keys in OTS -pub(crate) const GAMMA: usize = 41; +pub(crate) const GAMMA: usize = 44; // norm bound for second component of HOTS secret key // Also the number of non-zero entries for hash of message diff --git a/src/poly/large_poly.rs b/src/poly/large_poly.rs index 7e75399..ab8e503 100644 --- a/src/poly/large_poly.rs +++ b/src/poly/large_poly.rs @@ -172,14 +172,14 @@ impl Default for LargeNTTPoly { } impl From<&SignedPoly> for LargeNTTPoly { - // convert poly into its ntt form. Requires that coefficients are between 0 and 12289 + // convert poly into its ntt form. Requires that coefficients are between 0 and 61441 fn from(poly: &SignedPoly) -> Self { (&LargePoly::from(poly)).into() } } impl From<&LargePoly> for LargeNTTPoly { - // convert poly into its ntt form. Requires that coefficients are between 0 and 12289 + // convert poly into its ntt form. Requires that coefficients are between 0 and 61441 fn from(poly: &LargePoly) -> Self { let mut coeffs = poly.coeffs; unsafe { 
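Review bot: `SMALL_SAMPLE_THRESHOLD` and `LARGE_SAMPLE_THRESHOLD` in the `@@ -5,28` hunk are hand-computed from the moduli, so every parameter change has to update two numbers that nothing checks. The new values do agree with their comments, but a stale threshold would presumably bias the sampling silently instead of failing. They can be derived instead, e.g. `pub const SMALL_SAMPLE_THRESHOLD: u32 = ((1u64 << 32) / SMALL_MODULUS as u64 * SMALL_MODULUS as u64) as u32;`, and likewise for the large modulus. Separately, `SMALL_MODULUS` stays a `u16` at 61441, which leaves under 4096 of headroom, so any `u16 + u16` on reduced coefficients outside the files touched here would wrap in release builds and is worth a search.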
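Review bot: The updated comments on the two `From` impls for `LargeNTTPoly` in the `@@ -172,14` hunk still quote the HVC modulus (`between 0 and 61441`), although param.rs describes the large ring as using `LARGE_MODULUS`. The number looks carried over by search-and-replace from the small-ring file. Naming the constant avoids the drift and states the bound precisely: `// convert poly into its ntt form. Requires coefficients in [0, LARGE_MODULUS)`. Please confirm the precondition against the C routine called inside the `unsafe` block, which continues outside this hunk.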
diff --git a/src/poly/signed_poly.rs b/src/poly/signed_poly.rs index e7ad87f..4351507 100644 --- a/src/poly/signed_poly.rs +++ b/src/poly/signed_poly.rs @@ -90,15 +90,15 @@ impl SignedPoly { // slow. only used for correctness checking #[cfg(test)] pub(crate) fn schoolbook(a: &Self, b: &Self, q: i32) -> Self { - let mut buf = [0i32; N * 2]; + let mut buf = [0i64; N * 2]; let mut c = [0; N]; for i in 0..N { for j in 0..N { - buf[i + j] += a.coeffs[i] * b.coeffs[j] % q; + buf[i + j] += a.coeffs[i] as i64 * b.coeffs[j] as i64 % q as i64; } } for i in 0..N { - c[i] = (buf[i] - buf[i + N]) % q; + c[i] = ((buf[i] - buf[i + N]) % q as i64) as i32; } Self { coeffs: c } } diff --git a/src/poly/small_poly.rs b/src/poly/small_poly.rs index bef2fb5..6acba3f 100644 --- a/src/poly/small_poly.rs +++ b/src/poly/small_poly.rs @@ -70,7 +70,7 @@ impl AddAssign for SmallPoly { self.coeffs .iter_mut() .zip(other.coeffs) - .for_each(|(x, y)| *x = (*x + y) % MODULUS) + .for_each(|(x, y)| *x = ((*x as u32 + y as u32) % MODULUS as u32) as u16) } } @@ -88,15 +88,15 @@ impl SmallPoly { // slow. only used for correctness checking #[cfg(test)] pub(crate) fn schoolbook(a: &Self, b: &Self) -> Self { - let mut buf = [0i32; N * 2]; + let mut buf = [0i64; N * 2]; let mut c = [0; N]; for i in 0..N { for j in 0..N { - buf[i + j] += (a.coeffs[i] as i32) * (b.coeffs[j] as i32) % (MODULUS as i32); + buf[i + j] += (a.coeffs[i] as i64) * (b.coeffs[j] as i64) % (MODULUS as i64); } } for i in 0..N { - c[i] = lift(buf[i] - buf[i + N]); + c[i] = lift(((buf[i] - buf[i + N]) % MODULUS as i64) as i32); } Self { coeffs: c } } 
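Review bot: The widened addition `((*x as u32 + y as u32) % MODULUS as u32) as u16` in the `@@ -70,7` hunk of small_poly.rs is written out again in the `Add` and `AddAssign` impls for `SmallNTTPoly` (the `@@ -209,7` and `@@ -219,7` hunks). One private helper would keep the three in step: `fn add_mod(a: u16, b: u16) -> u16 { ((u32::from(a) + u32::from(b)) % u32::from(MODULUS)) as u16 }`. `u32::from` is lossless by construction, so a later change of the coefficient type becomes a compile error instead of a silent truncation. A short comment that the widening is needed because 2 * (q - 1) no longer fits in `u16` would record why the cast is there.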
@@ -172,14 +172,14 @@ impl Default for SmallNTTPoly { } impl From<&SignedPoly> for SmallNTTPoly { - // convert poly into its ntt form. Requires that coefficients are between 0 and 12289 + // convert poly into its ntt form. Requires that coefficients are between 0 and 61441 fn from(poly: &SignedPoly) -> Self { (&SmallPoly::from(poly)).into() } } impl From<&SmallPoly> for SmallNTTPoly { - // convert poly into its ntt form. Requires that coefficients are between 0 and 12289 + // convert poly into its ntt form. Requires that coefficients are between 0 and 61441 fn from(poly: &SmallPoly) -> Self { let mut coeffs = poly.coeffs; unsafe { @@ -209,7 +209,7 @@ impl Add for SmallNTTPoly { .iter_mut() .zip(self.coeffs.iter().zip(other.coeffs.iter())) { - *e = (f + g) % MODULUS + *e = ((*f as u32 + *g as u32) % MODULUS as u32) as u16 } res @@ -219,7 +219,7 @@ impl Add for SmallNTTPoly { impl AddAssign for SmallNTTPoly { fn add_assign(&mut self, other: SmallNTTPoly) { for (x, y) in self.coeffs.iter_mut().zip(other.coeffs) { - *x = (*x + y) % MODULUS + *x = ((*x as u32 + y as u32) % MODULUS as u32) as u16 } } } @@ -243,7 +243,7 @@ impl Mul for SmallNTTPoly { } fn lift(a: i32) -> u16 { - (a % MODULUS as i32 + MODULUS as i32) as u16 % MODULUS + ((a % MODULUS as i32 + MODULUS as i32) % MODULUS as i32) as u16 } #[cfg(test)] diff --git a/src/smsig/mod.rs b/src/smsig/mod.rs index 7b4c339..0610bea 100644 --- a/src/smsig/mod.rs +++ b/src/smsig/mod.rs @@ -153,10 +153,12 @@ impl MultiSig for SMSigScheme { pp: &Self::Param, ) -> bool { if !batch_verify_with_aggregated_pk(&sig.hots_pk, message, &sig.hots_sig, &pp.hots_param) { - return false; + println!("HOTS failed"); + // return false; } if !sig.path.verify(pks, &pp.hvc_hasher) { - return false; + println!("HVC failed"); + // return false; } if sig.path.index & 1 == 0 { sig.hots_pk.digest(&pp.hots_hasher)
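Review bot: In the `@@ -153,10` hunk of src/smsig/mod.rs both `return false;` lines are commented out, so a failed HOTS check or a failed HVC path check now only prints a message and `batch_verify` carries on. Its result then depends solely on the code after the hunk, and an aggregate signature that fails either check may be reported as valid. This reads like debugging left in; restore the rejection in both branches, e.g. `if !sig.path.verify(pks, &pp.hvc_hasher) { return false; }` and the same for the `batch_verify_with_aggregated_pk` branch. If the diagnostics are still wanted, keep them next to the `return false;` and behind a debug-only path, not as `println!` in library code. A regression test that feeds a tampered aggregate and asserts `false` would keep this from recurring; the function body continues outside the hunk.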