From 69e73ffa3ebdd064df4181fac39d99a39aba735a Mon Sep 17 00:00:00 2001 From: Otsar <122266060+Otsar-Raikou@users.noreply.github.com> Date: Sun, 16 Jun 2024 11:42:46 +0300 Subject: [PATCH 1/3] Update poseidon.md Fixed image quality --- docs/docs/icicle/primitives/poseidon.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/docs/icicle/primitives/poseidon.md b/docs/docs/icicle/primitives/poseidon.md index d3eb72898..3a193691a 100644 --- a/docs/docs/icicle/primitives/poseidon.md +++ b/docs/docs/icicle/primitives/poseidon.md @@ -16,7 +16,9 @@ Poseidon starts with the initialization of its internal state, which is composed This is done to prevent collisions and to prevent certain cryptographic attacks by ensuring that the internal state is sufficiently mixed and unpredictable. -![Alt text](image.png) +![First Board - 1redone](https://github.com/ingonyama-zk/icicle/assets/122266060/52257f5d-6097-47c4-8f17-7b6449b9d162) + + ## Applying full and partial rounds @@ -26,7 +28,8 @@ To generate a secure hash output, the algorithm goes through a series of "full r ### Full rounds -![Alt text](image-1.png) +![First Board - 2redone](https://github.com/ingonyama-zk/icicle/assets/122266060/72b54275-d5c5-4b69-b91a-820eed9990a5) + **Uniform Application of S-box:** In full rounds, the S-box (a non-linear transformation) is applied uniformly to every element of the hash function's internal state. This ensures a high degree of mixing and diffusion, contributing to the hash function's security. The functions S-box involves raising each element of the state to a certain power denoted by `α` a member of the finite field defined by the prime `p`; `α` can be different depending on the implementation and user configuration. 
@@ -42,7 +45,8 @@ To generate a secure hash output, the algorithm goes through a series of "full r The user of Poseidon can often choose how many partial or full rounds he wishes to apply; more full rounds will increase security but degrade performance. The choice and balance is highly dependent on the use case. -![Alt text](image-2.png) +![First Board - 3redone](https://github.com/ingonyama-zk/icicle/assets/122266060/e8c198b4-7aa4-4b4d-9ec4-604e39e07692) + ## Using Poseidon From 37c22e81e7c4c48a9a4db3f750c4faf071684da3 Mon Sep 17 00:00:00 2001 From: Otsar <122266060+Otsar-Raikou@users.noreply.github.com> Date: Sun, 16 Jun 2024 15:01:12 +0300 Subject: [PATCH 2/3] Update poseidon.md fixed - added arrows --- docs/docs/icicle/primitives/poseidon.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/docs/icicle/primitives/poseidon.md b/docs/docs/icicle/primitives/poseidon.md index 3a193691a..ea974ee22 100644 --- a/docs/docs/icicle/primitives/poseidon.md +++ b/docs/docs/icicle/primitives/poseidon.md @@ -28,7 +28,8 @@ To generate a secure hash output, the algorithm goes through a series of "full r ### Full rounds -![First Board - 2redone](https://github.com/ingonyama-zk/icicle/assets/122266060/72b54275-d5c5-4b69-b91a-820eed9990a5) +![First Board - 2redone](https://github.com/ingonyama-zk/icicle/assets/122266060/e4ce0e98-b90b-4261-b83e-3cd8cce069cb) + **Uniform Application of S-box:** In full rounds, the S-box (a non-linear transformation) is applied uniformly to every element of the hash function's internal state. This ensures a high degree of mixing and diffusion, contributing to the hash function's security. The functions S-box involves raising each element of the state to a certain power denoted by `α` a member of the finite field defined by the prime `p`; `α` can be different depending on the implementation and user configuration. From 3e551762c09b9f940a2f1ec6fcf93008dae7dd00 Mon Sep 17 00:00:00 2001 
From: Jeremy Felder Date: Sun, 16 Jun 2024 18:35:42 +0300 Subject: [PATCH 3/3] Updated alt text for images and fixed broken link --- docs/docs/icicle/primitives/poseidon.md | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/docs/docs/icicle/primitives/poseidon.md b/docs/docs/icicle/primitives/poseidon.md index ea974ee22..f434bdc91 100644 --- a/docs/docs/icicle/primitives/poseidon.md +++ b/docs/docs/icicle/primitives/poseidon.md @@ -16,9 +16,7 @@ Poseidon starts with the initialization of its internal state, which is composed This is done to prevent collisions and to prevent certain cryptographic attacks by ensuring that the internal state is sufficiently mixed and unpredictable. -![First Board - 1redone](https://github.com/ingonyama-zk/icicle/assets/122266060/52257f5d-6097-47c4-8f17-7b6449b9d162) - - +![Poseidon initialization of internal state added with pre-generated round constants](https://github.com/ingonyama-zk/icicle/assets/122266060/52257f5d-6097-47c4-8f17-7b6449b9d162) ## Applying full and partial rounds 
@@ -28,9 +26,7 @@ To generate a secure hash output, the algorithm goes through a series of "full r ### Full rounds -![First Board - 2redone](https://github.com/ingonyama-zk/icicle/assets/122266060/e4ce0e98-b90b-4261-b83e-3cd8cce069cb) - - +![Full round iterations consisting of S box operations, adding round constants, and a Full MDS matrix multiplication](https://github.com/ingonyama-zk/icicle/assets/122266060/e4ce0e98-b90b-4261-b83e-3cd8cce069cb) **Uniform Application of S-box:** In full rounds, the S-box (a non-linear transformation) is applied uniformly to every element of the hash function's internal state. This ensures a high degree of mixing and diffusion, contributing to the hash function's security. The functions S-box involves raising each element of the state to a certain power denoted by `α` a member of the finite field defined by the prime `p`; `α` can be different depending on the implementation and user configuration. 
@@ -40,15 +36,14 @@ To generate a secure hash output, the algorithm goes through a series of "full r ### Partial Rounds +![Partial round iterations consisting of selective S box operation, adding a round constant and performing an MDS multiplication with a sparse matrix](https://github.com/ingonyama-zk/icicle/assets/122266060/e8c198b4-7aa4-4b4d-9ec4-604e39e07692) + **Selective Application of S-Box:** Partial rounds apply the S-box transformation to only one element of the internal state per round, rather than to all elements. This selective application significantly reduces the computational complexity of the hash function without compromising its security. The choice of which element to apply the S-box to can follow a specific pattern or be fixed, depending on the design of the hash function. **Linear Transformation and Round Constants:** A linear transformation is performed and round constants are added. The linear transformation in partial rounds can be designed to be less computationally intensive (this is done by using a sparse matrix) than in full rounds, further optimizing the function's efficiency. The user of Poseidon can often choose how many partial or full rounds he wishes to apply; more full rounds will increase security but degrade performance. The choice and balance is highly dependent on the use case. -![First Board - 3redone](https://github.com/ingonyama-zk/icicle/assets/122266060/e8c198b4-7aa4-4b4d-9ec4-604e39e07692) - - ## Using Poseidon ICICLE Poseidon is implemented for GPU and parallelization is performed for each element of the state rather than for each state. 
@@ -64,7 +59,7 @@ So for Poseidon of arity 2 and input of size 1024 * 2, we would expect 1024 elem Poseidon is extremely customizable and using different constants will produce different hashes, security levels and performance results. -We support pre-calculated and optimized constants for each of the [supported curves](#supported-curves).The constants can be found [here](https://github.com/ingonyama-zk/icicle/tree/main/icicle/include/poseidon/constants) and are labeled clearly per curve `_poseidon.h`. +We support pre-calculated and optimized constants for each of the [supported curves](../core.md#supported-curves-and-operations).The constants can be found [here](https://github.com/ingonyama-zk/icicle/tree/main/icicle/include/poseidon/constants) and are labeled clearly per curve `_poseidon.h`. If you wish to generate your own constants you can use our python script which can be found [here](https://github.com/ingonyama-zk/icicle/tree/main/icicle/include/poseidon/constants/generate_parameters.py).
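Review bot: In PATCH 1/3 the three local image references (`image.png`, `image-1.png`, `image-2.png`) are swapped for `github.com/ingonyama-zk/icicle/assets/...` attachment URLs, yet the diffstat lists only `poseidon.md` as changed, so if those PNG files exist in the docs tree they are left orphaned and should be deleted in the same series. The page also now depends on attachments hosted outside the repository; committing the redone images beside the page would keep the docs reproducible from a checkout. The blank `+` lines added after each image in 1/3 and the placeholder alt text such as `First Board - 1redone` are both undone in 3/3, and 2/3 only swaps one asset URL, so squashing the three commits would leave a cleaner history.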
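Review bot: In the "### Full rounds" and "### Partial Rounds" hunks of PATCH 3/3, the new alt text writes "S box" while the body text directly below writes "S-box" and "S-Box"; use one spelling so the alt text and the prose match. The full-rounds alt text also capitalises "Full MDS matrix multiplication" mid-sentence, and the partial-rounds alt text says "MDS multiplication with a sparse matrix" where the paragraph it illustrates says "linear transformation", so a reader relying on the alt text alone gets different terminology from the section. Since the series is already touching this section, the context sentence beginning "The functions S-box involves" could be corrected to "The S-box function involves" in the same commit.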
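Review bot: In the last hunk of PATCH 3/3, the rewritten `+` line still runs two sentences together at `operations).The constants`; add the missing space after the period while the line is being changed. The filename pattern at the end of that line reads `_poseidon.h` with nothing before the underscore, so if a per-curve placeholder was intended it is not visible and should be written out inside the backticks. The new relative target `../core.md#supported-curves-and-operations` depends on a heading slug in another file, so the docs build should be run with broken-link checking to confirm the anchor resolves. Both constants links point at `tree/main`, and because the paragraph states that different constants produce different hashes and security levels, linking to a tag or commit would keep the documentation tied to the constants it actually describes.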