Skip to content

Commit

Permalink
exposing parse
Browse files Browse the repository at this point in the history
  • Loading branch information
mbbarbosa-lectures committed May 21, 2024
1 parent 2ddd4f9 commit f9afa4d
Showing 1 changed file with 19 additions and 1 deletion.
20 changes: 19 additions & 1 deletion proof/correctness/avx2/MLKEM_genmatrix_avx2.ec
Original file line number Diff line number Diff line change
Expand Up @@ -78,10 +78,29 @@ phoare nttunpack_corr a :
[ Jkem_avx2.M(Jkem_avx2.Syscall)._nttunpack : arg = a ==> res = nttunpack a] = 1%r.
admitted. (* proved in indcpa *)

timeout 1.

lemma sampleA_pos r c _sd b:
0 <= r < 3 =>
0 <= c < 3 =>
subarray256
(subarray768
(unlift_matrix (if b then sampleA _sd else sampleA _sd)) r) c =
unlift_poly ((if b then sampleA _sd else sampleA _sd).[r,c])%PolyMat.
admitted.

phoare sample_last _rho :
[ Jkem_avx2.M(Jkem_avx2.Syscall).__gen_matrix_sample_one_polynomial :
rho = _rho /\ rc = W16.of_int (2*256+2) ==>
res.`1 = subarray256 (subarray768 (unlift_matrix (sampleA _rho)) 2) 2 ] = 1%r.
have -> : subarray256 (subarray768 (unlift_matrix (sampleA _rho)) 2) 2 = unlift_poly (parse (SHAKE128_ABSORB_34 _rho ((of_int 2))%W8 ((W8.of_int 2)))).`1.
+ have //= -> := sampleA_pos 2 2 _rho false _ _ => //.
by rewrite /sampleA /=;congr; rewrite setmE getmE /= offunmE /#.
proc => /=.
do 3!(unroll ^while).
rcondt ^if;1: by wp;call(:true) => //.
rcondt ^if;1: by do 3!(wp;call(:true) => //).
rcondt ^if;1: by do 5!(wp;call(:true) => //).
admitted.

op subarray1024 ['a] (x : 'a Array2304.t) (i : int) : 'a Array1024.t =
Expand All @@ -95,7 +114,6 @@ lemma sample_four _sd _rc b :
res.`1 = subarray1024 (unlift_matrix (if b then trmx (sampleA _sd) else (sampleA _sd))) (_rc %% 3) ] = 1%r.
admitted.
timeout 1.
phoare _gen_matrix_avx2_sem _sd b :
[ Jkem_avx2.M(Jkem_avx2.Syscall)._gen_matrix_avx2 : arg.`2 = _sd /\ arg.`3 = W64.of_int (b2i b)
==> res = if b
Expand Down

0 comments on commit f9afa4d

Please sign in to comment.