From 129b72c80e122a22a61f71b5d2b042770890ccee Mon Sep 17 00:00:00 2001
From: Bas Westerbaan
Date: Tue, 2 May 2023 15:28:12 +0200
Subject: [PATCH] Decode FORS indices similarly to WOTS

As proposed by NIST's David Cooper:
https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/88tuvtb7nN4/m/DA1QCoJWBAAJ
---
 SHA256SUMS | 60 +++++++++++++++++++++++------------------------
 ref/fors.c | 2 +-
 sha2-avx2/fors.c | 2 +-
 shake-a64/fors.c | 2 +-
 shake-avx2/fors.c | 2 +-
 5 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/SHA256SUMS b/SHA256SUMS
index e781c990..17470a14 100644
--- a/SHA256SUMS
+++ b/SHA256SUMS
@@ -1,36 +1,36 @@ -9e1b3168520c917b6de676caa7a5799ec972e55caa150090e8452c80c299545e sphincs-haraka-128f-robust -c6a28dcf0667bd91c7bb46814ac7408c0375727fe5fec7d41332149006d3f9d7 sphincs-haraka-128f-simple -f93f4a554322080545a70f85ce936a12acc2fe928a243e3d13546ffe87872a9e sphincs-haraka-128s-robust -3c9b181d3d96c066039b77e9accd926745fe1ecb010039d3579140b877da6f33 sphincs-haraka-128s-simple +94d5aeae4f0a6fd8c34348eb31c28f7a9c7772cdc3d2a5253990352ca62d7e82 sphincs-haraka-128f-robust +f519180300f52976f698fe88ee2ba365ac44e9c3c3e55e5ddcbe453172659a88 sphincs-haraka-128f-simple +f0bb550713d2618b71d6a44d032bf4ff4c49fee07b210de45806b36f6534c803 sphincs-haraka-128s-robust +530e12a851c6aa159179ef33f15eda277b796184a68606a2c0f4449bc85c9d71 sphincs-haraka-128s-simple 8876bfae8924983db27acfeaee6252d37cea86f05fcc4b16ea2c902d717e6a6e sphincs-haraka-192f-robust df26bd02796f5ad9d6ff412793960e79ec911cbf4521656814895e6ef5a1db83 sphincs-haraka-192f-simple -6cfde6cb5f9ce93eb3f7b0845e1149f661f92000f54e9d340c0bff504920ec7e sphincs-haraka-192s-robust -64037177e1524f2b2d3ea4a79fdaf9352eb39a3aa6e68bc9d3316b7c2b835820 sphincs-haraka-192s-simple -a838509fa6ec49ade2638efc35d9e29fdb56bd9b843d5e1f48210a2cab218332 sphincs-haraka-256f-robust -e1e3258be6b4467bcea81392363f657a58278a5b99fe240f29e388b0fe72f5da sphincs-haraka-256f-simple -b5c5cc535f03789c25c018c009615ac62ba5b64188e4db5e3ede5513e3704dcc sphincs-haraka-256s-robust -9428a566a2c2ee03665fc0eb2dbf208deb1b28716dc8c2d5e7c036a9f83d31da sphincs-haraka-256s-simple -b6c82007bbce794f9fd67de708cd4d959319c744b918ddb28795fd491b713aa9 sphincs-sha2-128f-robust -708f6ab77f8026361e975f7be7b9b5d1cd8aca56e4a3604c85ef3f9fe6618549 sphincs-sha2-128f-simple -f4c2f31082fc8ad15419edc4f24c34a83d909f75eb37ea5ffe53df0fb5ef5306 sphincs-sha2-128s-robust -65942fac8e225fde77dd277d297e68c94c2e25a2a4089f88be4b56fa92b18a84 sphincs-sha2-128s-simple +17fd58941bdb447927b598c94147461183e9ad42c73dd1825ac4199c0459a6f5 sphincs-haraka-192s-robust 
+014bdfdc5851fa2dc2937e5e39577eecdb9e03024adaaaa1a1e6a734376892b9 sphincs-haraka-192s-simple +82b542a4dabcf67ec65e82b315c64c7b2ed984481bb74d7b1c7bc6839471470c sphincs-haraka-256f-robust +b4f9eee005d054f84e03312beaea6b17d631bb83ae924b0877e07e00bfdfa9dc sphincs-haraka-256f-simple +e4d7f732e90b5159883fbf8c57deeb955710b9bd2e8bbd7aa2cc188895a67e18 sphincs-haraka-256s-robust +e75c2f9ff1503deacd2615e0f93b770b535fed9d5f19d81202f73435c161ad5a sphincs-haraka-256s-simple +2ae5fdc1e6ee40092775d13826d80308c05c57a691f9bb249f0b5512897a9eed sphincs-sha2-128f-robust +664a19493058178ad7ebb65037183e69e79b1e27668142f6ce684db304aff59a sphincs-sha2-128f-simple +92e1b8cf5fd006e489f6017a58660688b03d4500bd7c21fc0b88c5038699d4ca sphincs-sha2-128s-robust +b6197cc0b46b980560f9ed1f2d8610f7fa90f61089e76605718adf2f0ec93bc4 sphincs-sha2-128s-simple b8e617db2099e617dfc372ff732eead88872aea791e2fe82628568d75dd03c78 sphincs-sha2-192f-robust 84b1a342683bcad658efb6c65f7367c6b30623e74e3a24c2238d19eaf74722ab sphincs-sha2-192f-simple -50c4b94dc788446077b48af1d8fa0170dc2114b4cb72a19f1d8c7628f9dadfd6 sphincs-sha2-192s-robust -13efa67b9297afa051b9b30e2686266350c8b4000caa49aa432516e2a86d0b68 sphincs-sha2-192s-simple -dc3330f8f19c816f45ee9a1127bf2b8a8c900e05df9a964bb760f0adf8f9b1b3 sphincs-sha2-256f-robust -46e286dc1a20012789c1bf4793a8eb2043dd0c11df729fa36d9f96b0aeffdac6 sphincs-sha2-256f-simple -1f42b407e1e351861ba23e520b1974f399e349fcb66c614d727a38fb4e646634 sphincs-sha2-256s-robust -c816ca365a667e4d6564a95ac576bc9d7be0de7e66eff93e6f05dd4f134a183f sphincs-sha2-256s-simple -4be71430814589ce7c861030c7cdce0aa73f75885b693b41fdb7c34d8f32fa79 sphincs-shake-128f-robust -5167df2ce46f33b76ccf0688f7769217d91878bd7d9b431080a3032eba51da10 sphincs-shake-128f-simple -fbe6c99d6ccc42fc9af5babbac532f28288d4164b182515dffeb1cd47f351d12 sphincs-shake-128s-robust -e7d5caee1941be99b6dfe46a95fc4535a34792f429e61d1cdc7fd3bbafe9ff02 sphincs-shake-128s-simple +c0d8a1e0cdd7b6bb3a2a31e85ec3f26b74dfe9649a03f7b6c1b0bddbed9ff572 
sphincs-sha2-192s-robust +622ab48aa8a77ea3a1a3f07ffcfae2d75311a789a9d7d858792f479ee5b3bec4 sphincs-sha2-192s-simple +d87bc5c2cde3968ee41610db677ef9ba11d48d0fc58069a39802c8f33ff4bc81 sphincs-sha2-256f-robust +9f648631e4a1aee1ee5e68800b6274418af81b56d8524841c6f28cc61f4ba02a sphincs-sha2-256f-simple +ce151a44a297b15079d1f8afd2dc10f49eaa2403ee1ac3434ec4615209d31086 sphincs-sha2-256s-robust +3cf8b72c3f7756e01fab3e634380f8f06f75f898dedc804884b3fee1652eacfe sphincs-sha2-256s-simple +6aeb3beaecbd2a7b3b6a19c94fddd8bfbb948df7b2b4743609b121a6b4fadb7d sphincs-shake-128f-robust +38e281107864e07ab78cfe6c9cbbb1c037a739dd5fee5d4f5a162cde8a3a0666 sphincs-shake-128f-simple +f5e3a6c6abb64f7608ccd8aba83cd778f371fe227799700130dc507dbf3e6bb6 sphincs-shake-128s-robust +3cce989c0b95c7005d5874adb62c4db35851f49d83aa1bf4ae05b5519d1d729a sphincs-shake-128s-simple 243d0e25de08fea547b0beae5f778a48bd55e56066435f9cdb9afc60a722699e sphincs-shake-192f-robust f204fd1cd5dce187441d104ae7159b64322b6a4afae708d48dc9966fe418ec4e sphincs-shake-192f-simple -cb13eaa2b1c074f53c87f1025e6bb1b356ad8de3bea9388b90a058a6460766bb sphincs-shake-192s-robust -4cc01c4a562d738ac54f5abfead35ecc4f46a1e2531fa12b4bc2819f4560c351 sphincs-shake-192s-simple -5a736aeba47f8d84e3ca47126715affcb4ce6cef13e3c9f6af220827973aa383 sphincs-shake-256f-robust -127f7ab83c740344546fe30777b221e8cb39f30fc4242d07d7608dc31a9835d4 sphincs-shake-256f-simple -4d2ca7d10f2206c3cb9a26c6b00a0361601a1fe2dddf102fbfd6d3dac0be10fe sphincs-shake-256s-robust -4ce4552e2e9b009a9016eb6dbcbefae3da2de151d61e2f392d4b9517eaeab91d sphincs-shake-256s-simple +2200a6cf88601d3ab1490d374fca4681d79db2ad03e4bf7459ba731ed7d77da0 sphincs-shake-192s-robust +1c9119416d0de54c316081e3850333ca1c385ab5625445a3a8e459a6f88a35c4 sphincs-shake-192s-simple +bf50306a3465866d0f77dd8354a1e10765bd21a0e870d0feca7e9983ea9adb9d sphincs-shake-256f-robust +d28c9bf208f0cd88700723b126c8110e3d390299d945beab1f74659fa176ef25 sphincs-shake-256f-simple 
+86ec3e2fb5a05c7137be8f4e6be833b2c272ba2b3958b048e8a07cd9a284202c sphincs-shake-256s-robust
+065a5a0ee07ea3ab950f34f484b355af7e4050ca6f4eb73a6ddc39fe928a5312 sphincs-shake-256s-simple
diff --git a/ref/fors.c b/ref/fors.c
index e6aa4b43..70eb004f 100644
--- a/ref/fors.c
+++ b/ref/fors.c
@@ -56,7 +56,7 @@ static void message_to_indices(uint32_t *indices, const unsigned char *m)
 for (i = 0; i < SPX_FORS_TREES; i++) {
 indices[i] = 0;
 for (j = 0; j < SPX_FORS_HEIGHT; j++) {
- indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 1u) << j;
+ indices[i] ^= ((m[offset >> 3] >> (~offset & 0x7)) & 1u) << (SPX_FORS_HEIGHT-1-j);
 offset++;
 }
 }
diff --git a/sha2-avx2/fors.c b/sha2-avx2/fors.c
index 67ad3228..4f505471 100644
--- a/sha2-avx2/fors.c
+++ b/sha2-avx2/fors.c
@@ -126,7 +126,7 @@ static void message_to_indices(uint32_t *indices, const unsigned char *m)
 for (i = 0; i < SPX_FORS_TREES; i++) {
 indices[i] = 0;
 for (j = 0; j < SPX_FORS_HEIGHT; j++) {
- indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 0x1) << j;
+ indices[i] ^= ((m[offset >> 3] >> (~offset & 0x7)) & 0x1) << (SPX_FORS_HEIGHT-1-j);
 offset++;
 }
 }
diff --git a/shake-a64/fors.c b/shake-a64/fors.c
index a19fc7e5..0fcf3d21 100644
--- a/shake-a64/fors.c
+++ b/shake-a64/fors.c
@@ -91,7 +91,7 @@ static void message_to_indices(uint32_t *indices, const unsigned char *m)
 for (i = 0; i < SPX_FORS_TREES; i++) {
 indices[i] = 0;
 for (j = 0; j < SPX_FORS_HEIGHT; j++) {
- indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 0x1) << j;
+ indices[i] ^= ((m[offset >> 3] >> (~offset & 0x7)) & 0x1) << (SPX_FORS_HEIGHT-1-j);
 offset++;
 }
 }
diff --git a/shake-avx2/fors.c b/shake-avx2/fors.c
index 8b634f4c..1ca46b74 100644
--- a/shake-avx2/fors.c
+++ b/shake-avx2/fors.c
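Review bot: The rewritten `indices[i] ^= ...` line in `message_to_indices` (ref/fors.c, and identically in the sha2-avx2, shake-a64 and shake-avx2 hunks) switches the order in which FORS index bits are read from the message, yet nothing beside the code states which order is now the intended one. The new order selects different FORS leaves for the same message, so signatures produced before and after this change will not verify against each other, which is consistent with the regenerated SHA256SUMS entries; that convention deserves a comment on the loop, for example `/* Bits are taken MSB-first within each byte and each index is built big-endian, the same order used for WOTS. */`. As a matter of style, `7 - (offset & 0x7)` would state the intent more directly than `~offset & 0x7`. The function's header comment and the declaration of `offset` lie outside the hunk, so whether the bit order is already documented there could not be checked.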
@@ -102,7 +102,7 @@ static void message_to_indices(uint32_t *indices, const unsigned char *m)
 for (i = 0; i < SPX_FORS_TREES; i++) {
 indices[i] = 0;
 for (j = 0; j < SPX_FORS_HEIGHT; j++) {
- indices[i] ^= ((m[offset >> 3] >> (offset & 0x7)) & 0x1) << j;
+ indices[i] ^= ((m[offset >> 3] >> (~offset & 0x7)) & 0x1) << (SPX_FORS_HEIGHT-1-j);
 offset++;
 }
 }