poseidon_mds_matrix.hpp
Go to the documentation of this file.
1 //---------------------------------------------------------------------------//
2 // Copyright (c) 2020 Ilias Khairullin <ilias@nil.foundation>
3 // Copyright (c) 2020 Mikhail Komarov <nemo@nil.foundation>
4 //
5 // Distributed under the Boost Software License, Version 1.0
6 // See accompanying file LICENSE_1_0.txt or copy at
7 // http://www.boost.org/LICENSE_1_0.txt
8 //---------------------------------------------------------------------------//
9 
10 #ifndef CRYPTO3_HASH_POSEIDON_MDS_MATRIX_HPP
11 #define CRYPTO3_HASH_POSEIDON_MDS_MATRIX_HPP
12 
13 #include <nil/crypto3/algebra/matrix/matrix.hpp>
14 #include <nil/crypto3/algebra/matrix/math.hpp>
15 #include <nil/crypto3/algebra/matrix/operators.hpp>
16 #include <nil/crypto3/algebra/vector/vector.hpp>
17 #include <nil/crypto3/algebra/vector/math.hpp>
18 #include <nil/crypto3/algebra/vector/operators.hpp>
19 
20 #include <nil/crypto3/hash/detail/poseidon/poseidon_policy.hpp>
21 
22 #include <boost/assert.hpp>
23 
24 namespace nil {
25  namespace crypto3 {
26  namespace hashes {
27  namespace detail {
28  template<typename FieldType, std::size_t Arity, std::size_t PartRounds>
29  struct poseidon_mds_matrix {
30  typedef poseidon_policy<FieldType, Arity, PartRounds> policy_type;
31  typedef typename FieldType::value_type element_type;
32 
33  constexpr static const std::size_t state_words = policy_type::state_words;
34  constexpr static const std::size_t half_full_rounds = policy_type::half_full_rounds;
35  constexpr static const std::size_t part_rounds = policy_type::part_rounds;
36 
37  typedef algebra::matrix<element_type, state_words, state_words> mds_matrix_type;
38  typedef algebra::vector<element_type, state_words> state_vector_type;
39  typedef algebra::vector<element_type, state_words - 1> substate_vector_type;
40  typedef algebra::matrix<element_type, state_words - 1, state_words - 1> mds_submatrix_type;
41 
42  inline void product_with_mds_matrix(state_vector_type &A_vector) const {
43  A_vector = algebra::vectmatmul(A_vector, mds_matrix);
44  }
45 
46  constexpr void product_with_inverse_mds_matrix_noalias(const state_vector_type &A_vector_in,
47  state_vector_type &A_vector_out) const {
48  A_vector_out = algebra::vectmatmul(A_vector_in, mds_matrix_inverse);
49  }
50 
51  inline void product_with_equivalent_mds_matrix_init(state_vector_type &A_vector,
52  std::size_t round_number) const {
53  BOOST_ASSERT_MSG(round_number == half_full_rounds,
54  "wrong using: product_with_equivalent_mds_matrix_init");
55  A_vector = algebra::vectmatmul(A_vector, get_M_i());
56  }
57 
58  inline void product_with_equivalent_mds_matrix(state_vector_type &A_vector,
59  std::size_t round_number) const {
60  BOOST_ASSERT_MSG(round_number >= half_full_rounds &&
61  round_number < half_full_rounds + part_rounds,
62  "wrong using: product_with_equivalent_mds_matrix");
63  const std::size_t matrix_number_base = part_rounds - (round_number - half_full_rounds) - 1;
64  const substate_vector_type &v = get_v(matrix_number_base);
65  state_vector_type temp_vector;
66  element_type A_0 = A_vector[0];
67  temp_vector[0] = get_M_0_0();
68  for (std::size_t i = 1; i < state_words; i++) {
69  temp_vector[i] = get_w_hat(matrix_number_base)[i - 1];
70  }
71  A_vector[0] = algebra::dot(A_vector, temp_vector);
72  for (std::size_t i = 1; i < state_words; i++) {
73  A_vector[i] = A_0 * v[i - 1] + A_vector[i];
74  }
75  }
76 
77  // private:
78 #ifdef CRYPTO3_HASH_POSEIDON_COMPILE_TIME
79  constexpr
80 #endif
81  inline mds_matrix_type generate_mds_matrix() {
82  mds_matrix_type new_mds_matrix;
83  for (std::size_t i = 0; i < state_words; i++) {
84  for (std::size_t j = 0; j < state_words; j++) {
85  new_mds_matrix[i][j] = element_type(i + j + state_words).inversed();
86  }
87  }
88  return new_mds_matrix;
89  }
90 
91  struct equivalent_mds_matrix_type {
92  typedef std::array<substate_vector_type, part_rounds> subvectors_array;
93 
94 #ifdef CRYPTO3_HASH_POSEIDON_COMPILE_TIME
95  constexpr
96 #endif
97  equivalent_mds_matrix_type(const mds_matrix_type &mds_matrix) :
98  M_i(algebra::get_identity<element_type, state_words>()), w_hat_list(), v_list(), M_0_0() {
99  mds_matrix_type M_mul(mds_matrix);
100  mds_submatrix_type M_hat_inverse;
101  substate_vector_type M_mul_column_slice;
102 
103  for (std::size_t i = 0; i < part_rounds; i++) {
104  M_hat_inverse =
105  algebra::inverse(algebra::submat<state_words - 1, state_words - 1>(M_mul, 1, 1));
106  w_hat_list[i] = algebra::matvectmul(
107  M_hat_inverse, algebra::slice<state_words - 1>(M_mul.column(0), 1));
108  v_list[i] = algebra::slice<state_words - 1>(M_mul.row(0), 1);
109  for (std::size_t j = 1; j < state_words; j++) {
110  for (std::size_t k = 1; k < state_words; k++) {
111  M_i[j][k] = M_mul[j][k];
112  }
113  }
114  M_mul = algebra::matmul(mds_matrix, M_i);
115  }
116  M_0_0 = mds_matrix[0][0];
117  }
118 
119  mds_matrix_type M_i;
120  subvectors_array w_hat_list;
121  subvectors_array v_list;
122  element_type M_0_0;
123  };
124 
125  inline const substate_vector_type &get_w_hat(std::size_t w_hat_number) const {
126  return equivalent_mds_matrix.w_hat_list[w_hat_number];
127  }
128  inline const substate_vector_type &get_v(std::size_t v_number) const {
129  return equivalent_mds_matrix.v_list[v_number];
130  }
131  inline const element_type &get_M_0_0() const {
132  return equivalent_mds_matrix.M_0_0;
133  }
134  inline const mds_matrix_type &get_M_i() const {
135  return equivalent_mds_matrix.M_i;
136  }
137 
138 #ifdef CRYPTO3_HASH_POSEIDON_COMPILE_TIME
139  constexpr
140 #endif
141  poseidon_mds_matrix() :
142  mds_matrix(generate_mds_matrix()), mds_matrix_inverse(algebra::inverse(mds_matrix)),
143  equivalent_mds_matrix(mds_matrix) {
144  }
145 
146  mds_matrix_type mds_matrix;
147  mds_matrix_type mds_matrix_inverse;
148  equivalent_mds_matrix_type equivalent_mds_matrix;
149  };
150  } // namespace detail
151  } // namespace hashes
152  } // namespace crypto3
153 } // namespace nil
154 
155 #endif // CRYPTO3_HASH_POSEIDON_MDS_MATRIX_HPP
nil::crypto3::algebra::inverse
constexpr matrix< T, M, M > inverse(const matrix< T, M, M > &m)
computes the matrix inverse
Definition: algebra/include/nil/crypto3/algebra/matrix/math.hpp:312
nil::crypto3::algebra::matmul
constexpr matrix< T, M, P > matmul(const matrix< T, M, N > &a, const matrix< T, N, P > &b)
computes the matrix product
Definition: algebra/include/nil/crypto3/algebra/matrix/math.hpp:118
nil::crypto3::algebra::get_identity
constexpr matrix< T, N, N > get_identity()
Definition: matrix/utility.hpp:116
nil::crypto3::algebra::matvectmul
constexpr vector< T, M > matvectmul(const matrix< T, M, N > &m, const vector< T, N > &v)
computes the product of matrix and vector
Definition: algebra/include/nil/crypto3/algebra/matrix/math.hpp:140
nil::crypto3::algebra::vectmatmul
constexpr vector< T, N > vectmatmul(const vector< T, M > &v, const matrix< T, M, N > &m)
computes the product of vector and matrix
Definition: algebra/include/nil/crypto3/algebra/matrix/math.hpp:129
nil::crypto3::algebra::dot
constexpr T dot(const vector< T, N > &a, const vector< T, N > &b)
computes the dot product
Definition: algebra/include/nil/crypto3/algebra/vector/math.hpp:110
nil::crypto3::algebra::slice
constexpr vector< T, M > slice(vector< T, N > v, std::size_t start=0)
slices a vector into a subvector
Definition: vector/utility.hpp:170
nil
Definition: pair.hpp:31
poseidon_policy.hpp
nil::crypto3::algebra::matrix::column
constexpr vector< T, N > column(std::size_t i) const
access specified column
Definition: matrix.hpp:82
nil::crypto3::algebra::matrix::row
constexpr vector< T, M > row(std::size_t i) const
access specified row
Definition: matrix.hpp:70
nil::crypto3::algebra::vector
A container representing a vector.
Definition: vector.hpp:50
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type
Definition: poseidon_mds_matrix.hpp:91
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::M_i
mds_matrix_type M_i
Definition: poseidon_mds_matrix.hpp:119
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::equivalent_mds_matrix_type
equivalent_mds_matrix_type(const mds_matrix_type &mds_matrix)
Definition: poseidon_mds_matrix.hpp:97
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::subvectors_array
std::array< substate_vector_type, part_rounds > subvectors_array
Definition: poseidon_mds_matrix.hpp:92
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::w_hat_list
subvectors_array w_hat_list
Definition: poseidon_mds_matrix.hpp:120
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::v_list
subvectors_array v_list
Definition: poseidon_mds_matrix.hpp:121
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix_type::M_0_0
element_type M_0_0
Definition: poseidon_mds_matrix.hpp:122
nil::crypto3::hashes::detail::poseidon_mds_matrix
Definition: poseidon_mds_matrix.hpp:29
nil::crypto3::hashes::detail::poseidon_mds_matrix::substate_vector_type
algebra::vector< element_type, state_words - 1 > substate_vector_type
Definition: poseidon_mds_matrix.hpp:39
nil::crypto3::hashes::detail::poseidon_mds_matrix::product_with_mds_matrix
void product_with_mds_matrix(state_vector_type &A_vector) const
Definition: poseidon_mds_matrix.hpp:42
nil::crypto3::hashes::detail::poseidon_mds_matrix::product_with_equivalent_mds_matrix_init
void product_with_equivalent_mds_matrix_init(state_vector_type &A_vector, std::size_t round_number) const
Definition: poseidon_mds_matrix.hpp:51
nil::crypto3::hashes::detail::poseidon_mds_matrix::get_M_i
const mds_matrix_type & get_M_i() const
Definition: poseidon_mds_matrix.hpp:134
nil::crypto3::hashes::detail::poseidon_mds_matrix::mds_submatrix_type
algebra::matrix< element_type, state_words - 1, state_words - 1 > mds_submatrix_type
Definition: poseidon_mds_matrix.hpp:40
nil::crypto3::hashes::detail::poseidon_mds_matrix::equivalent_mds_matrix
equivalent_mds_matrix_type equivalent_mds_matrix
Definition: poseidon_mds_matrix.hpp:148
nil::crypto3::hashes::detail::poseidon_mds_matrix::mds_matrix_type
algebra::matrix< element_type, state_words, state_words > mds_matrix_type
Definition: poseidon_mds_matrix.hpp:37
nil::crypto3::hashes::detail::poseidon_mds_matrix::mds_matrix_inverse
mds_matrix_type mds_matrix_inverse
Definition: poseidon_mds_matrix.hpp:147
nil::crypto3::hashes::detail::poseidon_mds_matrix::mds_matrix
mds_matrix_type mds_matrix
Definition: poseidon_mds_matrix.hpp:146
nil::crypto3::hashes::detail::poseidon_mds_matrix::policy_type
poseidon_policy< FieldType, Arity, PartRounds > policy_type
Definition: poseidon_mds_matrix.hpp:30
nil::crypto3::hashes::detail::poseidon_mds_matrix::generate_mds_matrix
mds_matrix_type generate_mds_matrix()
Definition: poseidon_mds_matrix.hpp:81
nil::crypto3::hashes::detail::poseidon_mds_matrix::half_full_rounds
constexpr static const std::size_t half_full_rounds
Definition: poseidon_mds_matrix.hpp:34
nil::crypto3::hashes::detail::poseidon_mds_matrix::poseidon_mds_matrix
poseidon_mds_matrix()
Definition: poseidon_mds_matrix.hpp:141
nil::crypto3::hashes::detail::poseidon_mds_matrix::get_v
const substate_vector_type & get_v(std::size_t v_number) const
Definition: poseidon_mds_matrix.hpp:128
nil::crypto3::hashes::detail::poseidon_mds_matrix::product_with_inverse_mds_matrix_noalias
constexpr void product_with_inverse_mds_matrix_noalias(const state_vector_type &A_vector_in, state_vector_type &A_vector_out) const
Definition: poseidon_mds_matrix.hpp:46
nil::crypto3::hashes::detail::poseidon_mds_matrix::part_rounds
constexpr static const std::size_t part_rounds
Definition: poseidon_mds_matrix.hpp:35
nil::crypto3::hashes::detail::poseidon_mds_matrix::state_vector_type
algebra::vector< element_type, state_words > state_vector_type
Definition: poseidon_mds_matrix.hpp:38
nil::crypto3::hashes::detail::poseidon_mds_matrix::product_with_equivalent_mds_matrix
void product_with_equivalent_mds_matrix(state_vector_type &A_vector, std::size_t round_number) const
Definition: poseidon_mds_matrix.hpp:58
nil::crypto3::hashes::detail::poseidon_mds_matrix::get_w_hat
const substate_vector_type & get_w_hat(std::size_t w_hat_number) const
Definition: poseidon_mds_matrix.hpp:125
nil::crypto3::hashes::detail::poseidon_mds_matrix::state_words
constexpr static const std::size_t state_words
Definition: poseidon_mds_matrix.hpp:33
nil::crypto3::hashes::detail::poseidon_mds_matrix::element_type
FieldType::value_type element_type
Definition: poseidon_mds_matrix.hpp:31
nil::crypto3::hashes::detail::poseidon_mds_matrix::get_M_0_0
const element_type & get_M_0_0() const
Definition: poseidon_mds_matrix.hpp:131
nil::crypto3::hashes::detail::poseidon_policy
Definition: poseidon_policy.hpp:65