You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Unlike most other native routines which are a drop-in replacement for their C counterparts, native rej_uniform implementations can reject their input, in which case the caller calls back to the C implementation. This leads to a divergence of the frontend C code depending on the backend, which is not ideal:
#if !defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
unsigned intrej_uniform(int16_t*r, unsigned inttarget, unsigned intoffset,
constuint8_t*buf, unsigned intbuflen)
{
returnrej_uniform_scalar(r, target, offset, buf, buflen);
}
#else/* MLKEM_USE_NATIVE_REJ_UNIFORM */unsigned intrej_uniform(int16_t*r, unsigned inttarget, unsigned intoffset,
constuint8_t*buf, unsigned intbuflen)
{
intret;
/* Sample from large buffer with full lane as much as possible. */ret=rej_uniform_native(r+offset, target-offset, buf, buflen);
if (ret!=-1)
returnoffset+ (unsigned)ret;
returnrej_uniform_scalar(r, target, offset, buf, buflen);
}
#endif/* MLKEM_USE_NATIVE_REJ_UNIFORM */
In particular, the CBMC proofs do not cover the fallback logic.
Task: Rewrite rej_uniform() so that the fallback logic is always exercised, but implement rej_uniform_native() as a no-op in case no native implementation is provided. In CBMC, specify rej_uniform_native and conduct the proof of rej_uniform against this spec.
The text was updated successfully, but these errors were encountered:
Unlike most other native routines which are a drop-in replacement for their C counterparts, native
rej_uniform
implementations can reject their input, in which case the caller calls back to the C implementation. This leads to a divergence of the frontend C code depending on the backend, which is not ideal:In particular, the CBMC proofs do not cover the fallback logic.
Task: Rewrite
rej_uniform()
so that the fallback logic is always exercised, but implementrej_uniform_native()
as a no-op in case no native implementation is provided. In CBMC, specifyrej_uniform_native
and conduct the proof ofrej_uniform
against this spec.The text was updated successfully, but these errors were encountered: