F compression function implementation for Blake2b #1

Merged: 10 commits, Jun 18, 2019

@pdyraga pdyraga commented Jun 7, 2019

Closes: #1

F is a compression function for Blake2. It takes as an argument the
state vector `h`, message block vector `mb`, offset counter `t`,
final block indicator flag `f`, and the number of rounds `rounds` to execute.
The state vector is modified in-place by the function.

The code has been borrowed from golang/crypto/blake2b and adjusted so
that this function can be safely exposed as public. Parameters have
been also adjusted to match those in RFC 7693.

Test vectors were generated from those in golang/crypto/blake2b.

F is a compression function for Blake2. It takes as an argument the
state vector h, message block vector blocks, 2-bit offset counter t,
final block indicator flag f, and the number of rounds to execute.
The state vector is modified in-place by the function. Number of rounds
can be anything from 0 to 12 (inclusive).

The code has been borrowed from golang/crypto/blake2b and adjusted so
that it can support any number of rounds between 0-12. Parameters have
been also adjusted to match those in RFC 7693

https://tools.ietf.org/html/rfc7693

Test vectors were generated from those in golang/crypto/blake2b.
The current test coverage is certainly not enough and we'll add some
additional test vectors in the future.

mhluongo commented Jun 8, 2019

The Zcash team has confirmed we're good on rounds and blocksize. I gave a shot at generating test vectors with pyblake2 but it doesn't expose F - maybe we should pull in the rest of the blake2 implementation and generate test vectors for that? If a robust blake2 suite works we can be fairly confident in F

Those test vectors were generated from golang.org/x/crypto/blake2b test
hashes in the testHashes function before and after each F execution.

@mhluongo mhluongo left a comment

Interested in your thoughts on raising the round limit to make this more general @pdyraga

@mhluongo

Looks like this will close #1 and #3 as well

Just like in the original RFC
(https://tools.ietf.org/html/rfc7693#section-3.2), f parameter is now
represented as boolean. If it is enabled, bits are inverted.

We use test vectors generated from test functions in
golang.org/x/crypto/blake2b. Each unique call to hashBlocks has been
transformed into a test vector.

Here, we add test vectors from TestHashes2X test function.
We also moved test vectors generated from TestHashes test function into
a separate file so that test vectors generated from individual test
functions are stored separately.

I mistakenly changed it in one of the previous commits - fixing it now.

Extracted common test code to a separate function.

Message block vector length has to match block size (128) so that we
don't blow up when evaluating m vector later. In the original
implementation, F was an internal function and other public functions
calling it were making sure the correct vector is passed. Here, after
making F public, we need to carve this requirement in the interface.
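
The block-length requirement and the boolean final flag described in the commit messages above, as an added example that is not the PR's own code: a compact RFC 7693 F in Go, run on the RFC's "abc" message. The signature, the error text and the uncapped round count are assumptions of this example.

```go
package main
import (
	"encoding/binary"
	"fmt"
	"math/bits"
)

var iv = [8]uint64{0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,
	0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179}
var sigma = [10][16]int{ // RFC 7693 message schedule; round r uses row r%10
	{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}, {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
	{11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4}, {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
	{9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13}, {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
	{12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11}, {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
	{6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5}, {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
}

// F compresses one block into h in place. As a public function it checks its own inputs.
func F(h *[8]uint64, block []byte, t [2]uint64, final bool, rounds uint32) error {
	if len(block) != 128 {
		return fmt.Errorf("blake2b F: block is %d bytes, want 128", len(block))
	}
	v := append(h[:], iv[:]...) // cap(h[:]) is 8, so append copies and h is untouched
	v[12], v[13] = v[12]^t[0], v[13]^t[1]
	if final {
		v[14] = ^v[14] // final block flag set: invert all bits
	}
	for r := uint32(0); r < rounds; r++ {
		for g := 0; g < 8; g++ { // g 0-3 mix columns, g 4-7 mix diagonals
			j, sh := g%4, g/4
			a, b, c, d := j, 4+(j+sh)%4, 8+(j+2*sh)%4, 12+(j+3*sh)%4
			for k, rot := range [2][2]int{{32, 24}, {16, 63}} {
				v[a] += v[b] + binary.LittleEndian.Uint64(block[8*sigma[r%10][2*g+k]:])
				v[d] = bits.RotateLeft64(v[d]^v[a], -rot[0])
				v[c] += v[d]
				v[b] = bits.RotateLeft64(v[b]^v[c], -rot[1])
			}
		}
	}
	for i := range h {
		h[i] ^= v[i] ^ v[i+8]
	}
	return nil
}

func main() {
	h, block := iv, append([]byte("abc"), make([]byte, 125)...) // constructed input, zero-padded
	h[0] ^= 0x01010040 // unkeyed BLAKE2b-512 parameter block
	err := F(&h, block, [2]uint64{3, 0}, true, 12)
	fmt.Printf("%016x %v\n", h, err)
}
```

Without the length check, a caller passing a shorter slice would hit an out-of-range panic inside the round loop instead of getting an error back.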

@pdyraga pdyraga changed the title from "F compression function implementation for Blake2" to "F compression function implementation for Blake2b" Jun 18, 2019

pdyraga commented Jun 18, 2019

@mhluongo All comments addressed, I am happy with what's here. It's ready for your review 👀.


pdyraga commented Jun 18, 2019

#3 will be covered in go-ethereum PR - each contract has benchmarks there.

// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//
// Modified by KEEP SEZC to expose F compression function.
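
Review bot: the modification notice on the last line says who changed the file and why, but not where the original came from. The PR description says the code was borrowed from golang/crypto/blake2b, so name that package in the header, and check whether the LICENSE file the header points to needs a matching update.
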
Member

Going to touch this up after this PR

Member Author

Yeah, I had no idea what to put here. Worth double-checking if we do not have to alter LICENSE as well.

@mhluongo mhluongo left a comment

🚀 🚀 🚀

@mhluongo mhluongo merged commit 9cf6195 into master Jun 18, 2019

pdyraga commented Jun 18, 2019

🎉
