fix: bug in Falcon secret key basis order (#305)
Al-Kindi-0 authored and bobbinth committed Apr 21, 2024
1 parent 2a0ae70 commit bb42388
Showing 3 changed files with 8 additions and 7 deletions.
3 changes: 2 additions & 1 deletion src/dsa/rpo_falcon512/keys/mod.rs
Expand Up @@ -33,7 +33,8 @@ mod tests {
// test secret key serialization/deserialization
let mut buffer = vec![];
sk.write_into(&mut buffer);
let sk = SecretKey::read_from_bytes(&buffer).unwrap();
let sk_deserialized = SecretKey::read_from_bytes(&buffer).unwrap();
assert_eq!(sk.short_lattice_basis(), sk_deserialized.short_lattice_basis());

// sign a random message
let message: Word = [ONE; 4];
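Review bot: The new assertion `assert_eq!(sk.short_lattice_basis(), sk_deserialized.short_lattice_basis());` only checks that the encoder and decoder agree with each other, so a basis-order mistake made symmetrically on both sides would still pass. A known-answer check against a fixed Falcon-512 secret-key encoding, or at minimum re-serializing `sk_deserialized` and asserting the bytes equal `buffer`, would pin the wire format itself rather than just round-trip consistency. The comment `// test secret key serialization/deserialization` could also say what is compared, e.g. `// round-trip the secret key and check the short lattice basis survives`. The enclosing test function starts outside the hunk.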
8 changes: 4 additions & 4 deletions src/dsa/rpo_falcon512/keys/secret_key.rs
Expand Up @@ -210,22 +210,22 @@ impl Serializable for SecretKey {
let l = n.checked_ilog2().unwrap() as u8;
let header: u8 = (5 << 4) | l;

let f = &basis[1];
let neg_f = &basis[1];
let g = &basis[0];
let capital_f = &basis[3];
let neg_big_f = &basis[3];

let mut buffer = Vec::with_capacity(1281);
buffer.push(header);

let f_i8: Vec<i8> = f.coefficients.iter().map(|&a| -a as i8).collect();
let f_i8: Vec<i8> = neg_f.coefficients.iter().map(|&a| -a as i8).collect();
let f_i8_encoded = encode_i8(&f_i8, WIDTH_SMALL_POLY_COEFFICIENT).unwrap();
buffer.extend_from_slice(&f_i8_encoded);

let g_i8: Vec<i8> = g.coefficients.iter().map(|&a| a as i8).collect();
let g_i8_encoded = encode_i8(&g_i8, WIDTH_SMALL_POLY_COEFFICIENT).unwrap();
buffer.extend_from_slice(&g_i8_encoded);

let big_f_i8: Vec<i8> = capital_f.coefficients.iter().map(|&a| -a as i8).collect();
let big_f_i8: Vec<i8> = neg_big_f.coefficients.iter().map(|&a| -a as i8).collect();
let big_f_i8_encoded = encode_i8(&big_f_i8, WIDTH_BIG_POLY_COEFFICIENT).unwrap();
buffer.extend_from_slice(&big_f_i8_encoded);
target.write_bytes(&buffer);
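Review bot: In `neg_f.coefficients.iter().map(|&a| -a as i8)` (and the matching `neg_big_f` line below it) unary minus binds tighter than `as`, so this is `(-a) as i8`, a silent narrowing of whatever the coefficient type is; if these are the `i16` values that `ntru_gen` produces, an out-of-range coefficient would be written as a wrong byte rather than rejected, unless `encode_i8` range-checks its input, which this hunk does not show. Using `i8::try_from(-a)` and surfacing the error would make the bound explicit. The renames also deserve a comment stating the layout the code now relies on, since `basis[1]` holding `-f` is not recoverable from this file alone: `// short lattice basis is [g, -f, G, -F]; the Falcon encoding stores f, g, F, so the negated entries are negated back`. The enclosing method body begins before the hunk.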
4 changes: 2 additions & 2 deletions src/dsa/rpo_falcon512/math/mod.rs
Expand Up @@ -96,10 +96,10 @@ pub(crate) fn ntru_gen<R: Rng>(n: usize, rng: &mut R) -> [Polynomial<i16>; 4] {
ntru_solve(&f.map(|&i| i.into()), &g.map(|&i| i.into()))
{
return [
f,
g,
capital_f.map(|i| i.try_into().unwrap()),
-f,
capital_g.map(|i| i.try_into().unwrap()),
-capital_f.map(|i| i.try_into().unwrap()),
];
}
}
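Review bot: The reordered return `[g, -f, capital_g..., -capital_f...]` is still a bare positional array, and nothing in the visible signature `-> [Polynomial<i16>; 4]` says which slot holds which polynomial, which is exactly the ambiguity that let the serializer read the wrong slot before this fix. A doc comment on `ntru_gen` stating the order would help, e.g. `/// Returns the short lattice basis as [g, -f, G, -F]; callers index by position, so keep this order in sync with the secret-key serializer.`, and a small named struct would remove the ambiguity entirely. The `try_into().unwrap()` on `capital_g` and `capital_f` also remains a panic path if a coefficient does not fit in `i16`, which may be an invariant of `ntru_solve` but is not documented here. The conditional that wraps this return begins before the hunk.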

0 comments on commit bb42388

Please sign in to comment.