Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Kupyna: implemented hashing function #621

Open
wants to merge 46 commits into
base: master
Choose a base branch
from

Conversation

AnarchistHoneybun
Copy link

function spec

Scrapped previous PR since it ran into a lot of problems. I'm aware that #601 exists, creating this one to check against the repo's test suite as I iterate on my implementation, and potentially make it the main pr for kupyna if the other one becomes inactive.

Currently the implementation does everything the paper describes (testing leaves a bit to be desired) so step one is to clean up any linter complaints, and then proceed to making it no-std compatible.

@AnarchistHoneybun
Copy link
Author

@newpavlov could you give me some idea on why the tests are failing right now? I don't think I've touched the Cargo.toml let alone the version of digest; checked and it's the same version as that present in some other toml's. Any idea why this could be happening?

kupyna/Cargo.toml Outdated Show resolved Hide resolved
kupyna/Cargo.toml Outdated Show resolved Hide resolved
kupyna/LICENSE Outdated Show resolved Hide resolved
kupyna/README.md Show resolved Hide resolved
kupyna/src/main.rs Outdated Show resolved Hide resolved
kupyna/.gitignore Outdated Show resolved Hide resolved
kupyna/Cargo.toml Outdated Show resolved Hide resolved
@AnarchistHoneybun
Copy link
Author

Might be a bit unrelated but when I try cargo run on my local it gives me this error:

error: failed to select a version for `digest`.
    ... required by package `kupyna v0.1.0 (/home/vrin/kupyna_hashes_contrib/kupyna)`
versions that meet the requirements `=0.11.0-pre.9` are: 0.11.0-pre.9

all possible versions conflict with previously selected packages.

  previously selected package `digest v0.11.0-pre.8`
    ... which satisfies dependency `digest = "=0.11.0-pre.8"` of package `ascon-hash v0.3.0-pre (/home/vrin/kupyna_hashes_contrib/ascon-hash)`

failed to select a version for `digest` which could resolve this conflict

now this worked fine before updating the toml. Post toml update the CI is fine, but the main function is failing. Is this expected behaviour?

@newpavlov
Copy link
Member

Try to rebase your branch to master.

@AnarchistHoneybun
Copy link
Author

I don't have a lot (read any) experience with rebasing, sadly. Could you explain a bit more?

@newpavlov
Copy link
Member

You should be able to rebase to this repos master using something like this (it accounts for the fact that you've forked from a fork):

git remote add upstream [email protected]:RustCrypto/hashes.git
git pull upstream
git checkout main_repo_contrib
git rebase upstream/master
git push --force

Note that I do not guarantee correctness of these commands since I wrote them from memory.

@AnarchistHoneybun
Copy link
Author

rebased and made the hex formatting changes. I was wondering if I should also format the mds and s-box matrices the same way, but i think it'd make me put hex-literal as a proper dependency instead of a dev dependency.
Any particular way you want me to approach this?

@AnarchistHoneybun
Copy link
Author

In the previous PR I was told to remove all heap allocations from the code. This is the code snippet that was flagged:

fn matrix_to_block(matrix: Matrix) -> Vec<u8> {
    let mut block = vec![0u8; ROWS * COLS];

This was when ROWS and COLS were constants, and the hash code length was fixed on 512. This has been made dynamic since, and looks something like this now:

fn matrix_to_block(matrix: Matrix) -> Vec<u8> {
    let rows = matrix.len();
    let cols = matrix[0].len();

    let mut block = vec![0u8; rows * cols];

where the matrix type doesn't have a predefined size. Is there a way to go around the heap allocations in this?

@newpavlov
Copy link
Member

It's probably worth to make the output size a type parameter (i.e. Kupyna<OutputSize: ArraySize>) and calculate ROWS and COLUMNS from it. Alternatively, you could allocate the biggest block size on stack and then slice it to a smaller block, it certainly will be more efficient than using heap allocations.

@AnarchistHoneybun
Copy link
Author

Could you explain the first approach a bit?

@newpavlov
Copy link
Member

newpavlov commented Oct 23, 2024

I took a look at the spec and I think that the best option will be to follow the groestl crate here, i.e. to define two structs KupynaShortVarCore and KupynaLongVarCore implementing the VariableOutputCore trait. You then can define type aliases for Kupyna256, Kupyna384, and Kupyna512 by using the appropriate wrappers. The compress function then can be implemented separately for l equal to 512 and 1024.

@newpavlov newpavlov mentioned this pull request Jan 3, 2025
@newpavlov
Copy link
Member

The CI failure is fixed in #637, so you need to rebase to master in addition to the requested changes.

@AnarchistHoneybun
Copy link
Author

yeah I'll do that asap. bit of an issue with the code where it's failing hashing tests for the smaller state size tests even though it passes all individual tests (padding, blocking, t_xor and t_plus transforms) and it has troubled me to no end. going through the paper again to see what I have got wrong.

@AnarchistHoneybun
Copy link
Author

hello @newpavlov could I get some guidance on how to emulate the padding mechanism of groestl? Like I have all other details ironed out more or less, figured out that aforementioned issue as well, but can't seem to get this

@newpavlov
Copy link
Member

What do you mean by "emulate the padding mechanism of groestl"? IIUC Kupyna uses a slightly different padding scheme (see Section 5 of the paper), i.e. instead of a 64 bit counter it uses 96 bits. You can take a look at how len64_padding_le is implemented in the block-buffer crate and implement the 96 bit padding similarly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants