anemoi/vesta/anemoi_2_1/
mod.rs

1//! Implementation of the Anemoi permutation
2
3use super::{sbox, Felt, MontFp};
4use crate::{Anemoi, Jive, Sponge};
5use ark_ff::{One, Zero};
6/// Digest for Anemoi
7mod digest;
8/// Sponge for Anemoi
9mod hasher;
10/// Round constants for Anemoi
11mod round_constants;
12
13pub use digest::AnemoiDigest;
14
15// ANEMOI CONSTANTS
16// ================================================================================================
17
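/// Width of the permutation state, in field elements.
///
/// The state holds 2 field elements (64 bytes): 1 rate element and
/// 1 element reserved for capacity.
pub const STATE_WIDTH: usize = 2;
/// Number of state elements reserved for the rate (1 element).
pub const RATE_WIDTH: usize = 1;

/// Number of columns in the state.
///
/// The state is divided into two rows of `NUM_COLUMNS` elements each, so
/// `STATE_WIDTH` must equal `2 * NUM_COLUMNS`.
pub const NUM_COLUMNS: usize = 1;

/// Digest length in field elements: one element (32 bytes) is returned.
pub const DIGEST_SIZE: usize = RATE_WIDTH;

/// Number of permutation rounds, set to 21 to provide a 128-bit security level.
///
/// NOTE(review): the round count belongs to this exact instance (field, state
/// width, S-box parameters); re-derive it from the Anemoi specification before
/// changing any of the other parameters.
pub const NUM_HASH_ROUNDS: usize = 21;

// Compile-time parameter checks: an edit that breaks the state geometry or
// leaves no capacity element fails the build instead of silently producing a
// weakened sponge.
const _: () = assert!(
    STATE_WIDTH == 2 * NUM_COLUMNS,
    "state must consist of two rows of NUM_COLUMNS elements"
);
const _: () = assert!(
    RATE_WIDTH > 0 && RATE_WIDTH < STATE_WIDTH,
    "rate must be non-zero and leave at least one capacity element"
);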
32
33// ANEMOI INSTANTIATION
34// ================================================================================================
35
/// Anemoi instance over the Vesta base field with 1 column and rate 1.
///
/// The type is a unit struct; every parameter of the instance is exposed as
/// an associated constant of its [`Anemoi`] implementation.
#[derive(Debug, Clone)]
pub struct AnemoiVesta_2_1;

impl<'a> Anemoi<'a, Felt> for AnemoiVesta_2_1 {
    // State geometry and output length, taken from this module's constants.
    const WIDTH: usize = STATE_WIDTH;
    const RATE: usize = RATE_WIDTH;
    const OUTPUT_SIZE: usize = DIGEST_SIZE;
    const NUM_COLUMNS: usize = NUM_COLUMNS;
    const NUM_ROUNDS: usize = NUM_HASH_ROUNDS;

    // Per-round additive constants, defined in the `round_constants` submodule.
    const ARK_C: &'a [Felt] = &round_constants::C;
    const ARK_D: &'a [Felt] = &round_constants::D;

    // S-box parameters, all read from the parent module's `sbox` helper.
    const ALPHA: u32 = sbox::ALPHA;
    const INV_ALPHA: Felt = sbox::INV_ALPHA;
    const BETA: u32 = sbox::BETA;
    const DELTA: Felt = sbox::DELTA;

    // The generator is set to the same value as `BETA` (both read `sbox::BETA`).
    const GROUP_GENERATOR: u32 = sbox::BETA;

    /// Forwards `x` to the parent module's `sbox::exp_by_inv_alpha` and returns
    /// its result unchanged.
    fn exp_by_inv_alpha(x: Felt) -> Felt {
        sbox::exp_by_inv_alpha(&x)
    }
}
62
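#[cfg(test)]
mod tests {
    use super::*;

    /// Known-answer test for the S-box layer of this instance.
    ///
    /// Each two-element input state is transformed in place by `sbox_layer`
    /// and compared with the expected state at the same position.
    #[test]
    fn test_sbox() {
        // Generated from https://github.com/anemoi-hash/anemoi-hash/
        // NOTE(review): record the upstream revision and generation script next
        // to these vectors so they can be regenerated and audited.
        let mut input = [
            [Felt::zero(), Felt::zero()],
            [Felt::one(), Felt::one()],
            [Felt::zero(), Felt::one()],
            [Felt::one(), Felt::zero()],
            [
                MontFp!(
                    "10403685622187338496676844159192081731060984895047267868970314023677138575474"
                ),
                MontFp!(
                    "26692143025703589755822959174689724204213429494558130968834356051832228783321"
                ),
            ],
            [
                MontFp!(
                    "11083269342651266673921643458883891120042506350625929791622832610969208196607"
                ),
                MontFp!(
                    "1953573848928623793843704414666375386174461809928685924317395735306133465181"
                ),
            ],
            [
                MontFp!(
                    "15301123091319757024370296695504172236894218806603968176307001943856977747722"
                ),
                MontFp!(
                    "18494761567018646279105628665220627411445922785270663034324810380054915599812"
                ),
            ],
            [
                MontFp!(
                    "11016756002634006512514914914257673803148200338799253823972231973739990986302"
                ),
                MontFp!(
                    "6587924741283998615064635959232428707221544326700215326966307885941351335897"
                ),
            ],
            [
                MontFp!(
                    "1989621086890026999537167291360304582470029001443043660249560541178644694627"
                ),
                MontFp!(
                    "2201628511959366116857902819637154838057028847501245429346761337311313529725"
                ),
            ],
            [
                MontFp!(
                    "17001537352177538606843893918074436419403991546928777655566016185819020620076"
                ),
                MontFp!(
                    "21769394458064296524596890686754956680992668837455600264453508465453114300499"
                ),
            ],
        ];

        let output = [
            [
                MontFp!(
                    "11579208923731619542357098500868790785345222592776658951871897099357345179239"
                ),
                Felt::zero(),
            ],
            [
                MontFp!(
                    "13565375592455225805458964934459476225912655788084948267498268443578124721632"
                ),
                MontFp!(
                    "9688406656496048098325282220348971925838074278218514686842913989361614061362"
                ),
            ],
            [
                MontFp!(
                    "2367797382831619836622158180640631392193461256316785256748737102603438284997"
                ),
                MontFp!(
                    "22890698294176523999447614696141668677027690702028879487883356180097137464994"
                ),
            ],
            [
                MontFp!(
                    "11579208923731619542357098500868790785345222592776658951871897099357345179245"
                ),
                MontFp!(
                    "28948022309329048855892746252171976963363056481941647379679742748393362948096"
                ),
            ],
            [
                MontFp!(
                    "7229165017443906767622585884374304684130765951831734347430899601571384172106"
                ),
                MontFp!(
                    "17186571240634805451677777319828211309724314161534779729178855075911507518178"
                ),
            ],
            [
                MontFp!(
                    "22094751406364599327979467485502691604741323090648163195126472214015255051094"
                ),
                MontFp!(
                    "24672861152559669484078819529785630354683262341488703570100793223767652751073"
                ),
            ],
            [
                MontFp!(
                    "18153986297592575843739235907025865820788018110394974879950689484566885917283"
                ),
                MontFp!(
                    "8761887547072102502715179527981546024180136743223516992337525037544415823723"
                ),
            ],
            [
                MontFp!(
                    "6504823060778863709590368534937957138596774245307615204135830506019587424463"
                ),
                MontFp!(
                    "17360335234679575475171190819808925556523201605131000602748421173274342922620"
                ),
            ],
            [
                MontFp!(
                    "2861027999303393362309602332662059778984051102542167942577428341133728259315"
                ),
                MontFp!(
                    "7633524261411210393878411081927866791992057233891693448302180714099458275436"
                ),
            ],
            [
                MontFp!(
                    "24047861915305283538782525601995635272644343236727145730243967615034082789254"
                ),
                MontFp!(
                    "13139339885763663718126681299471742859020269584204894915009934034197139502359"
                ),
            ],
        ];

        // `zip` stops at the shorter sequence, so a vector added to only one of
        // the two tables would otherwise go unchecked without any failure.
        assert_eq!(
            input.len(),
            output.len(),
            "input and expected-output tables must have the same number of vectors"
        );

        for state in input.iter_mut() {
            AnemoiVesta_2_1::sbox_layer(state);
        }

        // Report the index of the failing vector so a mismatch can be traced
        // back to a specific entry of the tables above.
        for (index, (actual, expected)) in input.iter().zip(output.iter()).enumerate() {
            assert_eq!(
                actual, expected,
                "S-box layer output mismatch for test vector {}",
                index
            );
        }
    }
}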