matrix_shake.go

Documentation: github.com/cloudflare/circl/kem/frodo/frodo640shake

     1  package frodo640shake
     2  
     3  import (
     4  	"github.com/cloudflare/circl/internal/sha3"
     5  )
     6  
     7  func expandSeedIntoA(A *nByNU16, seed *[seedASize]byte, xof *sha3.State) {
     8  	var ARow [paramN * 2]byte
     9  	var seedSeparated [2 + seedASize]byte
    10  
    11  	copy(seedSeparated[2:], seed[:])
    12  
    13  	for i := 0; i < paramN; i++ {
    14  		seedSeparated[0] = byte(i)
    15  		seedSeparated[1] = byte(i >> 8)
    16  
    17  		xof.Reset()
    18  		_, _ = xof.Write(seedSeparated[:])
    19  		_, _ = xof.Read(ARow[:])
    20  
    21  		for j := 0; j < paramN; j++ {
    22  			// No need to reduce modulo 2^15, extra bits are removed
    23  			// later on via packing or explicit reduction.
    24  			A[(i*paramN)+j] = uint16(ARow[j*2]) | (uint16(ARow[(j*2)+1]) << 8)
    25  		}
    26  	}
    27  }
    28  
    29  func mulAddASPlusE(out *nByNbarU16, A *nByNU16, s *nByNbarU16, e *nByNbarU16) {
    30  	for i := 0; i < paramN; i++ {
    31  		for k := 0; k < paramNbar; k++ {
    32  			sum := e[i*paramNbar+k]
    33  			for j := 0; j < paramN; j++ {
    34  				sum += A[i*paramN+j] * s[k*paramN+j]
    35  			}
    36  			// No need to reduce modulo 2^15, extra bits are removed
    37  			// later on via packing or explicit reduction.
    38  			out[i*paramNbar+k] += sum
    39  		}
    40  	}
    41  }
    42  
    43  func mulAddSAPlusE(out *nbarByNU16, s []uint16, A *nByNU16, e []uint16) {
    44  	for i := 0; i < paramN; i++ {
    45  		for k := 0; k < paramNbar; k++ {
    46  			sum := e[k*paramN+i]
    47  			for j := 0; j < paramN; j++ {
    48  				sum += A[j*paramN+i] * s[k*paramN+j]
    49  			}
    50  			// No need to reduce modulo 2^15, extra bits are removed
    51  			// later on via packing or explicit reduction.
    52  			out[k*paramN+i] += sum
    53  		}
    54  	}
    55  }
    56
View as plain text