p3_poseidon2/
lib.rs

1//! The Poseidon2 permutation.
2//!
3//! This implementation was based upon the following resources:
4//! - `<https://github.com/HorizenLabs/poseidon2/blob/main/plain_implementations/src/poseidon2/poseidon2.rs>`
5//! - `<https://eprint.iacr.org/2023/323.pdf>`
6
7#![no_std]
8
9extern crate alloc;
10
11mod external;
12mod generic;
13mod internal;
14mod round_numbers;
15use alloc::vec::Vec;
16use core::marker::PhantomData;
17
18pub use external::*;
19pub use generic::*;
20pub use internal::*;
21use p3_field::{Algebra, InjectiveMonomial, PrimeField, PrimeField64};
22use p3_symmetric::{CryptographicPermutation, Permutation};
23use rand::Rng;
24use rand::distr::{Distribution, StandardUniform};
25pub use round_numbers::poseidon2_round_numbers_128;
26
27const SUPPORTED_WIDTHS: [usize; 8] = [2, 3, 4, 8, 12, 16, 20, 24];
28
29/// The Poseidon2 permutation.
30#[derive(Clone, Debug)]
31pub struct Poseidon2<F, ExternalPerm, InternalPerm, const WIDTH: usize, const D: u64> {
32    /// The permutations used in External Rounds.
33    external_layer: ExternalPerm,
34
35    /// The permutation used in Internal Rounds.
36    internal_layer: InternalPerm,
37
38    _phantom: PhantomData<F>,
39}
40
41impl<F, ExternalPerm, InternalPerm, const WIDTH: usize, const D: u64>
42    Poseidon2<F, ExternalPerm, InternalPerm, WIDTH, D>
43where
44    F: PrimeField,
45    ExternalPerm: ExternalLayerConstructor<F, WIDTH>,
46    InternalPerm: InternalLayerConstructor<F>,
47{
48    /// Create a new Poseidon2 configuration.
49    /// This internally converts the given constants to the relevant packed versions.
50    pub fn new(
51        external_constants: ExternalLayerConstants<F, WIDTH>,
52        internal_constants: Vec<F>,
53    ) -> Self {
54        assert!(SUPPORTED_WIDTHS.contains(&WIDTH));
55        let external_layer = ExternalPerm::new_from_constants(external_constants);
56        let internal_layer = InternalPerm::new_from_constants(internal_constants);
57
58        Self {
59            external_layer,
60            internal_layer,
61            _phantom: PhantomData,
62        }
63    }
64
65    /// Create a new Poseidon2 configuration with random parameters.
66    pub fn new_from_rng<R: Rng>(rounds_f: usize, rounds_p: usize, rng: &mut R) -> Self
67    where
68        StandardUniform: Distribution<F> + Distribution<[F; WIDTH]>,
69    {
70        let external_constants = ExternalLayerConstants::new_from_rng(rounds_f, rng);
71        let internal_constants = rng.sample_iter(StandardUniform).take(rounds_p).collect();
72
73        Self::new(external_constants, internal_constants)
74    }
75}
76
77impl<F, ExternalPerm, InternalPerm, const WIDTH: usize, const D: u64>
78    Poseidon2<F, ExternalPerm, InternalPerm, WIDTH, D>
79where
80    F: PrimeField64,
81    ExternalPerm: ExternalLayerConstructor<F, WIDTH>,
82    InternalPerm: InternalLayerConstructor<F>,
83{
84    /// Create a new Poseidon2 configuration with 128 bit security and random rounds constants.
85    ///
86    /// # Panics
87    /// This will panic if D and F::ORDER_U64 - 1 are not relatively prime.
88    /// This will panic if the optimal parameters for the given field and width have not been computed.
89    pub fn new_from_rng_128<R: Rng>(rng: &mut R) -> Self
90    where
91        StandardUniform: Distribution<F> + Distribution<[F; WIDTH]>,
92    {
93        let round_numbers = poseidon2_round_numbers_128::<F>(WIDTH, D);
94        let (rounds_f, rounds_p) = round_numbers.unwrap_or_else(|e| panic!("{e}"));
95        Self::new_from_rng(rounds_f, rounds_p, rng)
96    }
97}
98
99impl<F, A, ExternalPerm, InternalPerm, const WIDTH: usize, const D: u64> Permutation<[A; WIDTH]>
100    for Poseidon2<F, ExternalPerm, InternalPerm, WIDTH, D>
101where
102    F: PrimeField + InjectiveMonomial<D>,
103    A: Algebra<F> + Sync + InjectiveMonomial<D>,
104    ExternalPerm: ExternalLayer<A, WIDTH, D>,
105    InternalPerm: InternalLayer<A, WIDTH, D>,
106{
107    fn permute_mut(&self, state: &mut [A; WIDTH]) {
108        self.external_layer.permute_state_initial(state);
109        self.internal_layer.permute_state(state);
110        self.external_layer.permute_state_terminal(state);
111    }
112}
113
114impl<F, A, ExternalPerm, InternalPerm, const WIDTH: usize, const D: u64>
115    CryptographicPermutation<[A; WIDTH]> for Poseidon2<F, ExternalPerm, InternalPerm, WIDTH, D>
116where
117    F: PrimeField + InjectiveMonomial<D>,
118    A: Algebra<F> + Sync + InjectiveMonomial<D>,
119    ExternalPerm: ExternalLayer<A, WIDTH, D>,
120    InternalPerm: InternalLayer<A, WIDTH, D>,
121{
122}
p3_poseidon2/lib.rs

p3_poseidon2/
lib.rs
