Module ivc::poseidon_55_0_7_3_7
source · Expand description
Poseidon hash function with 55 full rounds, 0 partial rounds, sbox 7, a state of 3 elements and constraints of degree 7
Modules
- The column layout will be as follow, supposing a state size of 3 elements: | C1 | C2 | C3 | C4 | C5 | C6 | … | C_(k) | C_(k + 1) | C_(k + 2) | |— |––|––|—–|—–|—–|—–|—––|———–|———–| | x | y | z | x’ | y’ | z’ | … | x’’ | y’’ | z’’ | | MDS \circ SBOX | | MDS \circ SBOX | |—————–| |—————————––| where (x’, y’, z’) = MDS(x^7, y^7, z^7), i.e. the result of the linear layer We will have, for N full rounds:
- Implement an interpreter for a specific instance of the Poseidon inner permutation. The Poseidon construction is defined in the paper “Poseidon: A New Hash Function”. The Poseidon instance works on a state of size
STATE_SIZEand is designed to work only with full rounds. As a reminder, the Poseidon permutation is a mapping fromF^STATE_SIZEtoF^STATE_SIZE. The user is responsible to provide the correct number of full rounds for the given field and the state. Also, it is hard-coded that the substitution is7. The user must verify that7is coprime withp - 1wherepis the order the field. The constants and matrix can be generated the fileposeidon/src/pasta/params.sage