Use SHAKE-256 to hash FrodoKEM KAT elements

randombit · Oct 5, 2023 · 322b34e · 322b34e
1 parent e930064
commit 322b34e
Show file tree

Hide file tree

Showing 3 changed files with 919 additions and 913 deletions.
diff --git a/src/scripts/dev_tools/gen_frodo_kat.py b/src/scripts/dev_tools/gen_frodo_kat.py
@@ -59,20 +59,20 @@ def read_kats(self):
  yield kat
  kat = {}
 
-def sha3_256(v):
+def shake_256_16(v):
  # v is assumed to be hex
- h = hashlib.sha3_256()
+ h = hashlib.shake_256()
  h.update(binascii.unhexlify(v))
- return h.hexdigest()
+ return h.hexdigest(16)
 
 def compress_kat(kat):
  first = kat['count'] == 0
  del kat['count']
 
  # rename keys
- kat['pk'] = sha3_256(kat.pop('pk'))
- kat['sk'] = sha3_256(kat.pop('sk'))
- kat['ct'] = sha3_256(kat.pop('ct'))
+ kat['pk'] = shake_256_16(kat.pop('pk'))
+ kat['sk'] = shake_256_16(kat.pop('sk'))
+ kat['ct'] = shake_256_16(kat.pop('ct'))
 
  return kat
 
@@ -112,7 +112,7 @@ def main(args = None):
  print("# See src/scripts/dev_tools/gen_frodo_kat.py\n", file=output)
 
  for file in args[1:]:
- mode = map_mode(os.path.basename(os.path.splitext(file)[0]))
+ mode = map_mode(os.path.basename(os.path.splitext(file)[0]), is_ephemeral)
 
  reader = KatReader(open(file))