Module Permutation.Anemoi

Implementation of the permutation Anemoi and the mode of operation Jive over the scalar field of BLS12-381.

The state size of the permutation Anemoi is m, where m is a multiple of 2. It is commonly referred to through l, where m = 2l.

module Parameters : sig ... end

Set of parameters for BLS12-381, and parameters for specific instantiations given in the reference paper

type parameters = Parameters.t

Parameters for a specific instance

type ctxt

Context of the permutation

val allocate_ctxt : parameters -> ctxt

allocate_ctxt parameters. Allocate a context for a specific instance of the permutation.

val get_state : ctxt -> Mavryk_bls12_381.Fr.t array

Return the current state of the context

val get_state_size : ctxt -> int

Return the state size of the context

val set_state : ctxt -> Mavryk_bls12_381.Fr.t array -> unit

set_state ctxt state. Set the context state to the given value. The value state must be of the same size as the expected state.

val apply_permutation : ctxt -> unit

Apply a permutation on the current state of the context

val apply_linear_layer : ctxt -> unit

apply_linear_layer ctxt applies the linear layer on the state. The context is modified

val apply_flystel : ctxt -> unit

apply_flystel ctxt applies the Flystel construction on the context. The context is modified

val apply_constants_addition : ctxt -> int -> unit

apply_constants_addition ctxt round applies the constant addition for the round round. The context is modified

val apply_one_round : ctxt -> int -> unit

apply_one_round ctxt round applies the round round on the state. The context is modified

jive128_1 x y calls the permutation Anemoi for l = 1 with the state S = (x, y) and applies Jive to the output. Expected security is 128 bits.

jive141_1 x y calls the permutation Anemoi for l = 1 with the state S = (x, y) and applies Jive to the output. Expected security is 141 bits.
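
The Jive calls described above can be rebuilt from the context functions documented on this page. This is an added example, not the library's own code: the helper name jive_1 is hypothetical, the path Mavryk_bls12_381_hash.Permutation.Anemoi is an assumption, and the feed-forward sum follows the definition of Jive in the Anemoi reference paper.

```ocaml
(* Added example, not the library's own code. Assumption: the module on this
   page is reachable as Mavryk_bls12_381_hash.Permutation.Anemoi. *)
module Fr = Mavryk_bls12_381.Fr
module Anemoi = Mavryk_bls12_381_hash.Permutation.Anemoi

(* Hypothetical helper: Jive 2-to-1 compression for l = 1.
   [parameters] must describe an instance whose state size is m = 2. *)
let jive_1 (parameters : Anemoi.parameters) (x : Fr.t) (y : Fr.t) : Fr.t =
  (* A fresh context per call keeps state from one compression out of the next. *)
  let ctxt = Anemoi.allocate_ctxt parameters in
  (* set_state requires an array of exactly the instance's state size, so
     reject wider instances up front instead of relying on its failure mode. *)
  if Anemoi.get_state_size ctxt <> 2 then
    invalid_arg "jive_1: parameters must have state size m = 2 (l = 1)";
  Anemoi.set_state ctxt [| x; y |];
  Anemoi.apply_permutation ctxt;
  let out = Anemoi.get_state ctxt in
  (* Jive feed-forward: add the inputs to the permuted state and sum.
     Without the inputs, the output would be invertible through the
     permutation; with them, the map is a one-way compression. *)
  Fr.add (Fr.add x y) (Fr.add out.(0) out.(1))
```

The security level of the result is that of the parameters passed in, so a caller that needs 128 or 141 bits has to select the matching instance from Parameters.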