bwesterb / draft-schwabe-cfrg-kyber

CFRG I-D for the Post-Quantum KEM Kyber

Minor fixes #31

Closed jmcrawford45 closed 1 year ago

jmcrawford45 commented 1 year ago

Thank you for putting this draft together. I've been wanting to throw together an implementation of Kyber for a while to learn a bit more about it, and this was the best resource I could find for it. I'll also drop some comments on areas that were a bit tougher to grok to see if there are any additional recommended changes I should fold in.

bwesterb commented 1 year ago

> I've been wanting to throw together an implementation of Kyber for a while to learn a bit more about it, and this was the best resource I could find for it

Thank you very much!

bwesterb commented 1 year ago

> unique inverse is used.

The link doesn't work for me. I assume you're talking about the definitions of InvNTT, Encode, DecodePoly and DecodeVec? With inverse I mean "inverse map".

So g is an inverse map of f if f(g(x)) = x and g(f(y)) = y for all x in the domain of g and y in the codomain of g.

Concretely InvNTT(NTT(x)) = x, NTT(InvNTT(y)) = y, Encode(Decode(a,w),w) = a, Decode(Encode(b,w),w) = b, etc.

The nice thing is that if a map has an inverse map, then this inverse map is unique. So I do not have to specify it explicitly. Maybe it's better to rephrase this, as this might be quite natural to me with a maths background, but not the intended audience. #32
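The round-trip identities from the comment above, as an added Python example that is not part of the PR or the draft. It assumes the Kyber parameters q = 3329, n = 256, zeta = 17 and little-endian packing of w-bit coefficients; the function names are chosen for this example. `inv_ntt` is obtained purely by undoing each `ntt` butterfly, which is all the "unique inverse" wording requires.

```python
# Added illustration; not code from the draft. Assumed Kyber parameters:
# q = 3329, n = 256, zeta = 17 (a primitive 256th root of unity mod q).
Q, N, ZETA = 3329, 256, 17

def brv7(i):
    """Reverse the 7 bits of i."""
    return int(f"{i:07b}"[::-1], 2)

ZETAS = [pow(ZETA, brv7(i), Q) for i in range(128)]

def ntt(f):
    """Forward NTT: 7 layers of butterflies (a, b) -> (a + z*b, a - z*b)."""
    f, k, length = list(f), 1, 128
    while length >= 2:
        for start in range(0, N, 2 * length):
            z = ZETAS[k]
            k += 1
            for j in range(start, start + length):
                t = z * f[j + length] % Q
                f[j], f[j + length] = (f[j] + t) % Q, (f[j] - t) % Q
        length //= 2
    return f

def inv_ntt(f):
    """Undo ntt() layer by layer in reverse order, inverting each butterfly."""
    f, length = list(f), 2
    while length <= 128:
        k = 128 // length  # first twiddle index ntt() used for this layer
        for start in range(0, N, 2 * length):
            z_inv = pow(ZETAS[k], -1, Q)
            k += 1
            for j in range(start, start + length):
                a, b = f[j], f[j + length]
                f[j], f[j + length] = (a + b) % Q, (a - b) * z_inv % Q
        length *= 2
    scale = pow(128, -1, Q)  # each of the 7 layers left a factor of 2
    return [c * scale % Q for c in f]

def encode(coeffs, w):
    """Pack coefficients in [0, 2^w), w bits each, little-endian (assumed)."""
    assert all(0 <= c < 1 << w for c in coeffs)
    acc = sum(c << (w * i) for i, c in enumerate(coeffs))
    return acc.to_bytes(w * len(coeffs) // 8, "little")

def decode(data, w):
    """Inverse map of encode(): split the bits into w-bit coefficients."""
    acc = int.from_bytes(data, "little")
    return [(acc >> (w * i)) & ((1 << w) - 1) for i in range(8 * len(data) // w)]
```

With w = 12, `decode` can return coefficients in the range 3329 to 4095, so the Encode/Decode identities here hold over all w-bit values, not only over values reduced mod q.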

bwesterb commented 1 year ago

> as someone who was interested in both understanding Kyber and understanding a bit more about NTT, I found this section to be informative enough to not be clear on the implementation but not informative enough to leave with a solid understanding of NTT.

I know the section is somewhat dense. A different, more gentle introduction can be found here. For you, which parts should I expand upon?

> https://github.com/bwesterb/draft-schwabe-cfrg-kyber/pull/31/files#diff-40c79591f62fc77b9dd616aa8487466cdc02c99f9be91bf295cfb7f31d9e4885L315 this bit in particular took much longer to grok than most of the draft, but I don't have any specific recommendations on how to improve it.

The link doesn't work for me. What do you refer to?

> https://github.com/bwesterb/draft-schwabe-cfrg-kyber/pull/31/files#diff-40c79591f62fc77b9dd616aa8487466cdc02c99f9be91bf295cfb7f31d9e4885L573 is a minor nit, but there's a blend of different style including UpperCamelCase, LowerCamelCase, and snake_case. If there's no particular reason for the distinction and there's a consensus on the preferred style, let me know and I can update.

I generally use upper camel for functions and lower camel for variables. I don't see snake_case?