anemoi/jubjub/anemoi_2_1/
mod.rs

1//! Implementation of the Anemoi permutation
2
3use super::{sbox, Felt, MontFp};
4use crate::{Anemoi, Jive, Sponge};
5use ark_ff::{One, Zero};
6/// Digest for Anemoi
7mod digest;
8/// Sponge for Anemoi
9mod hasher;
10/// Round constants for Anemoi
11mod round_constants;
12
13pub use digest::AnemoiDigest;
14
15// ANEMOI CONSTANTS
16// ================================================================================================
17
18/// Function state is set to 2 field elements or 64 bytes.
19/// 1 element of the state is reserved for capacity.
20pub const STATE_WIDTH: usize = 2;
21/// 1 element of the state is reserved for rate.
22pub const RATE_WIDTH: usize = 1;
23
24/// The state is divided into two even-length rows.
25pub const NUM_COLUMNS: usize = 1;
26
27/// One element (32-bytes) is returned as digest.
28pub const DIGEST_SIZE: usize = RATE_WIDTH;
29
30/// The number of rounds is set to 21 to provide 128-bit security level.
31pub const NUM_HASH_ROUNDS: usize = 21;
32
33// ANEMOI INSTANTIATION
34// ================================================================================================
35
36/// An Anemoi instantiation over Jubjub basefield with 1 column and rate 1.
37#[derive(Debug, Clone)]
38pub struct AnemoiJubjub_2_1;
39
40impl<'a> Anemoi<'a, Felt> for AnemoiJubjub_2_1 {
41    const NUM_COLUMNS: usize = NUM_COLUMNS;
42    const NUM_ROUNDS: usize = NUM_HASH_ROUNDS;
43
44    const WIDTH: usize = STATE_WIDTH;
45    const RATE: usize = RATE_WIDTH;
46    const OUTPUT_SIZE: usize = DIGEST_SIZE;
47
48    const ARK_C: &'a [Felt] = &round_constants::C;
49    const ARK_D: &'a [Felt] = &round_constants::D;
50
51    const GROUP_GENERATOR: u32 = sbox::BETA;
52
53    const ALPHA: u32 = sbox::ALPHA;
54    const INV_ALPHA: Felt = sbox::INV_ALPHA;
55    const BETA: u32 = sbox::BETA;
56    const DELTA: Felt = sbox::DELTA;
57
58    fn exp_by_inv_alpha(x: Felt) -> Felt {
59        sbox::exp_by_inv_alpha(&x)
60    }
61}
62
63#[cfg(test)]
64mod tests {
65    use super::*;
66
67    #[test]
68    fn test_sbox() {
69        // Generated from https://github.com/anemoi-hash/anemoi-hash/
70        let mut input = [
71            [Felt::zero(), Felt::zero()],
72            [Felt::one(), Felt::one()],
73            [Felt::zero(), Felt::one()],
74            [Felt::one(), Felt::zero()],
75            [
76                MontFp!(
77                    "51687309537499687832787312941976599784064532977316092918533053386538748425642"
78                ),
79                MontFp!(
80                    "27245180385515469316683280807646167491575980832157009146585007068470321964262"
81                ),
82            ],
83            [
84                MontFp!(
85                    "52175830888449177420799525156647727456986450309407845803758865897364847179738"
86                ),
87                MontFp!(
88                    "39622503581685635500700621337279261352946169581417185398259207807755733091294"
89                ),
90            ],
91            [
92                MontFp!(
93                    "19470931668995937460604715897699377052859387353563090962192068868608557288654"
94                ),
95                MontFp!(
96                    "52428813015582117987474147227661578665291330159066236929548107648208211253768"
97                ),
98            ],
99            [
100                MontFp!(
101                    "34725136430734279097783693363635397852820298036356042278369044959187154401979"
102                ),
103                MontFp!(
104                    "9155944415537595472308318851850913269911307292288152885528758693209192915378"
105                ),
106            ],
107            [
108                MontFp!(
109                    "15324022610495839874774224308496671270390212773715628021233240921036882048186"
110                ),
111                MontFp!(
112                    "33157559832878686443229823975723354165092302139756182295381510740322578094918"
113                ),
114            ],
115            [
116                MontFp!(
117                    "24325650607472239761644712985779158601176705943089386019707973129364398463560"
118                ),
119                MontFp!(
120                    "36476596879636242194858777999278567147480546106023627833691137236169581850101"
121                ),
122            ],
123        ];
124
125        let output = [
126            [
127                MontFp!(
128                    "14981678621464625851270783002338847382197300714436467949315331057125308909861"
129                ),
130                Felt::zero(),
131            ],
132            [
133                MontFp!(
134                    "26465412774926089111718321100574595527540964126946526979500696246159200663557"
135                ),
136                MontFp!(
137                    "39248768654128688292658764022179785046913739642751806076985032101719802651189"
138                ),
139            ],
140            [
141                MontFp!(
142                    "12740277426642017153170591585468114140384764416905683044706614677794597857620"
143                ),
144                MontFp!(
145                    "14891594025153715433052427327081456214862500696375893038292967289916437753110"
146                ),
147            ],
148            [
149                MontFp!(
150                    "14981678621464625851270783002338847382197300714436467949315331057125308909869"
151                ),
152                MontFp!(
153                    "52435875175126190479447740508185965837690552500527637822603658699938581184512"
154                ),
155            ],
156            [
157                MontFp!(
158                    "30539342768044772785240858832987438746638686553106686724949418598999958516685"
159                ),
160                MontFp!(
161                    "20906572893529218028458150808451715646423977802151887706433959987398846705839"
162                ),
163            ],
164            [
165                MontFp!(
166                    "22346066152187674141760538567730885692050154791927920531163343236293067435424"
167                ),
168                MontFp!(
169                    "1456757276424856397682120883987169172441004806229947861007954668371527553243"
170                ),
171            ],
172            [
173                MontFp!(
174                    "51263975795335663516585515610761004054567796038636487381764356241385176767693"
175                ),
176                MontFp!(
177                    "47859076494749252787425002672564777642089326669133167948819513468280427613779"
178                ),
179            ],
180            [
181                MontFp!(
182                    "36157767113889104730581830280171322656039874429546786630559027084275883062577"
183                ),
184                MontFp!(
185                    "20664812872910031392220671031275616107468626814133329099881146874021905253695"
186                ),
187            ],
188            [
189                MontFp!(
190                    "44059093636116542838780832359223492731500879977663313687014137779330288888147"
191                ),
192                MontFp!(
193                    "9385016998954961867521296928435557987297037770801602747094261251148525113071"
194                ),
195            ],
196            [
197                MontFp!(
198                    "8506406649966831848758866184864510991904659426118219847758868610647732969620"
199                ),
200                MontFp!(
201                    "23128801098188204035035120131318699886048855401612657028783560188383728323528"
202                ),
203            ],
204        ];
205
206        for i in input.iter_mut() {
207            AnemoiJubjub_2_1::sbox_layer(i);
208        }
209
210        for (&i, o) in input.iter().zip(output) {
211            assert_eq!(i, o);
212        }
213    }
214}
anemoi/jubjub/anemoi_2_1/mod.rs

anemoi/jubjub/anemoi_2_1/
mod.rs
