
impl multiplication for polyval #55

Merged
merged 23 commits into from
Sep 13, 2024
3698750
impl bmul multiplication subroutine
thor314 Aug 20, 2024
0c4fd52
impl gfmul (mostly)
thor314 Aug 21, 2024
b706432
implement rest of mul
thor314 Sep 4, 2024
e9e4495
notes on rev64 added, renamed mul64 -> wrappingMul64 for clarity
thor314 Sep 5, 2024
b839880
wrapping mul partial impl 1 - testing in progress
thor314 Sep 5, 2024
02a1830
wrapping mul tests correctly running, not passing
thor314 Sep 5, 2024
8980c89
rm component
thor314 Sep 9, 2024
bed8b7a
debug wrapping mul - pause - tests for wrapping mul failing
thor314 Sep 9, 2024
09a7674
impl LE wrapping mul, tests pass
thor314 Sep 11, 2024
ec817c8
parse int le/be
thor314 Sep 12, 2024
35549ee
Switched suite name from Wrapping_LE to Wrapping_BE
KaiGeffen Sep 12, 2024
c6e57c5
Merge https://github.com/pluto/aes-proof into impl-polymul
KaiGeffen Sep 12, 2024
8a18505
wrapping mul moved
thor314 Sep 12, 2024
0176062
Merge branch 'impl-polymul' of https://github.com/pluto/aes-proof int…
KaiGeffen Sep 12, 2024
dcc42ae
Removed unused test impl / resolved test todos
KaiGeffen Sep 12, 2024
0fb4b23
Added wrap_mul test, fixed minor scope smell
KaiGeffen Sep 12, 2024
177658b
tests written for bmul
thor314 Sep 12, 2024
f8fe80b
bugfix: indexing error in BMUL
thor314 Sep 13, 2024
42fe433
tests for gfmul
thor314 Sep 13, 2024
3046074
annotate gfmul empty bits issue
thor314 Sep 13, 2024
a37608c
gfmul debugged
thor314 Sep 13, 2024
c585377
adjusted expected values in gfmul tests; circomkit still only capturi…
thor314 Sep 13, 2024
b11e9be
gfmul tests fixed
thor314 Sep 13, 2024
1 change: 1 addition & 0 deletions circuits/aes-gcm/component

Is this file needed?

@@ -0,0 +1 @@

53 changes: 48 additions & 5 deletions circuits/aes-gcm/gfmul.circom
Expand Up @@ -139,12 +139,55 @@ template MUL() {
signal _v1[64];
signal _v3[64];
signal __v2[64];
component XorMultiples_v[4];
component LeftShifts_v[6];
component RightShifts_v[6];
component RS_v[6];
component LS_v[6];

out <== [__v2, _v3];
component XorMultiples_R[2];
component XorMultiples_L[2];
for (var i=0; i<2; i++) {
XorMultiples_R[i] = XorMultiple(5, 64);
XorMultiples_L[i] = XorMultiple(4, 64);
}

RS_v[0] = BitwiseRightShift(64, 1);
RS_v[0].in <== v[0];
RS_v[1] = BitwiseRightShift(64, 2);
RS_v[1].in <== v[0];
RS_v[2] = BitwiseRightShift(64, 7);
RS_v[2].in <== v[0];

LS_v[0] = BitwiseLeftShift(64, 63);
LS_v[0].in <== v[0];
LS_v[1] = BitwiseLeftShift(64, 62);
LS_v[1].in <== v[0];
LS_v[2] = BitwiseLeftShift(64, 57);
LS_v[2].in <== v[0];

XorMultiples_R[0].inputs <== [v[2], v[0], RS_v[0].out, RS_v[1].out, RS_v[2].out];
_v2 <== XorMultiples_R[0].out;
XorMultiples_L[0].inputs <== [v[1], LS_v[0].out, LS_v[1].out, LS_v[2].out];
_v1 <== XorMultiples_L[0].out;

RS_v[3] = BitwiseRightShift(64, 1);
RS_v[3].in <== _v1;
RS_v[4] = BitwiseRightShift(64, 2);
RS_v[4].in <== _v1;
RS_v[5] = BitwiseRightShift(64, 7);
RS_v[5].in <== _v1;

LS_v[3] = BitwiseLeftShift(64, 63);
LS_v[3].in <== _v1;
LS_v[4] = BitwiseLeftShift(64, 62);
LS_v[4].in <== _v1;
LS_v[5] = BitwiseLeftShift(64, 57);
LS_v[5].in <== _v1;

XorMultiples_R[1].inputs <== [v[3], _v1, RS_v[3].out, RS_v[4].out, RS_v[5].out];
_v3 <== XorMultiples_R[1].out;
XorMultiples_L[1].inputs <== [_v2, LS_v[0].out, LS_v[1].out, LS_v[2].out];
__v2 <== XorMultiples_L[1].out;

out <== [__v2, _v3];
}

// Multiplication in GF(2)[X], truncated to the low 64-bits, with “holes”
Expand Down Expand Up @@ -228,4 +271,4 @@ template REV64(){
for (var i = 0; i < 64; i++) {
out[i] <== in[63 - i];
}
}
}
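Review bot: The second reduction step wires the wrong shifts: `XorMultiples_L[1].inputs <== [_v2, LS_v[0].out, LS_v[1].out, LS_v[2].out];` feeds the left shifts of `v[0]` again, while `LS_v[3]`, `LS_v[4]` and `LS_v[5]` (the 63/62/57-bit left shifts of `_v1` assigned just above) are computed but never consumed. In the mirrored right-shift path the second step does use `RS_v[3..5]` of `_v1`, so by symmetry the left path should read `XorMultiples_L[1].inputs <== [_v2, LS_v[3].out, LS_v[4].out, LS_v[5].out];`, otherwise `__v2` is a reduction of the wrong word and the unused components only add constraints. Later commits in this PR ("gfmul debugged", "gfmul tests fixed") may already cover this, but the hunk as shown still has it. The enclosing `template MUL()` starts above the hunk, so the declarations of `v`, `_v2` and the reduction's reference algorithm are not visible here.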
2 changes: 1 addition & 1 deletion circuits/aes-gcm/mul.circom
Expand Up @@ -86,4 +86,4 @@ template Mul()
}
}

}
}