pqlattice 0.1.2__py3-none-any.whl

pqlattice/integer/_modring.py

@@ -0,0 +1,165 @@
+from typing import overload
+
+from ..typing import Array
+from ._integer import eea
+
+
+@overload
+def mod(a: int, modulus: int) -> int: ...
+
+
+@overload
+def mod(a: Array, modulus: int) -> Array: ...
+
+
+def mod(a: int | Array, modulus: int) -> int | Array:
+    """_summary_
+
+    Parameters
+    ----------
+    a : int | Array
+        _description_
+    modulus : int
+        _description_
+
+    Returns
+    -------
+    int | Array
+        _description_
+    """
+    return a % abs(modulus)
+
+
+@overload
+def cmodl(a: int, modulus: int) -> int: ...
+
+
+@overload
+def cmodl(a: Array, modulus: int) -> Array: ...
+
+
+def cmodl(a: int | Array, modulus: int) -> int | Array:
+    """_summary_
+
+    Parameters
+    ----------
+    a : int | Array
+        _description_
+    modulus : int
+        _description_
+
+    Returns
+    -------
+    int | Array
+        _description_
+    """
+    return mod(a, modulus) - modulus // 2
+
+
+@overload
+def cmodr(a: int, modulus: int) -> int: ...
+
+
+@overload
+def cmodr(a: Array, modulus: int) -> Array: ...
+
+
+def cmodr(a: int | Array, modulus: int) -> int | Array:
+    """_summary_
+
+    Parameters
+    ----------
+    a : int | Array
+        _description_
+    modulus : int
+        _description_
+
+    Returns
+    -------
+    int | Array
+        _description_
+    """
+    return mod(a, modulus) - int(modulus / 2 - 0.1)
+
+
+@overload
+def modinv(a: int, modulus: int) -> int: ...
+
+
+@overload
+def modinv(a: Array, modulus: int) -> Array: ...
+
+
+def modinv(a: int | Array, modulus: int) -> int | Array:
+    """_summary_
+
+    Parameters
+    ----------
+    a : int | Array
+        _description_
+    modulus : int
+        _description_
+
+    Returns
+    -------
+    int | Array
+        _description_
+
+    Raises
+    ------
+    ValueError
+        _description_
+    ValueError
+        _description_
+    """
+    if isinstance(a, int):
+        if mod(a, modulus) == 0:
+            raise ValueError(f"{a} mod {modulus} is zero; Modular inverse does not exist")
+        gcd, a_inv, _ = eea(a, modulus)
+        if gcd != 1:
+            raise ValueError(f"Modular inverse of {a} mod {modulus} does not exist; gcd is equal to {gcd}")
+    else:
+        if (mod(a, modulus) == 0).all():
+            raise ValueError(f"{a} mod {modulus} is zero; Modular inverse does not exist")
+        gcd, a_inv, _ = eea(a, modulus)
+        if (gcd != 1).any():
+            raise ValueError(f"Modular inverse of {a} mod {modulus} does not exist; gcd is equal to {gcd}")
+
+    return mod(a_inv, modulus)
+
+
+@overload
+def modpow(a: Array, r: int, modulus: int) -> Array: ...
+
+
+@overload
+def modpow(a: int, r: int, modulus: int) -> int: ...
+
+
+def modpow(a: int | Array, r: int, modulus: int) -> int | Array:
+    """_summary_
+
+    Parameters
+    ----------
+    a : int | Array
+        _description_
+    r : int
+        _description_
+    modulus : int
+        _description_
+
+    Returns
+    -------
+    int | Array
+        _description_
+    """
+    if r < 0:
+        return modpow(modinv(a, modulus), -r, modulus)
+
+    y, z = 1, a
+    while r != 0:
+        if r % 2 == 1:
+            y = mod(y * z, modulus)
+        r //= 2
+        z = mod(z * z, modulus)
+    return y

pqlattice/integer/_primality.py

@@ -0,0 +1,78 @@
+import logging
+import random
+from collections.abc import Callable
+
+from . import _modring as mr  # type: ignore
+from . import _primes as primes
+
+logger = logging.getLogger(__name__)
+
+
+def fermat_primality_test(p: int, s: int, int_gen: Callable[[int, int], int] | None = None) -> bool:
+    if p <= 1:
+        return False
+
+    if int_gen is None:
+        int_gen = lambda a, b: random.randint(a, b - 1)
+
+    for _ in range(s):
+        a = int_gen(2, p - 2)
+        if mr.modpow(a, p - 1, p) == 1:
+            return False
+    return True
+
+
+def miller_rabin_primality_test(n: int, s: int, int_gen: Callable[[int, int], int] | None = None) -> bool:
+    if int_gen is None:
+        int_gen = lambda a, b: random.randint(a, b)
+
+    # n - 1 = r * 2 ** u
+    u = 0
+    r = n - 1
+    while r % 2 == 0:
+        u += 1
+        r //= 2
+
+    # assert n - 1 == r * 2 ** u, f"{n - 1=}, {r=}, {u=}, {2**u=}, {r * 2 ** u=}"
+
+    for _ in range(s):
+        a = int_gen(2, n - 2)
+        z = mr.modpow(a, r, n)
+        for _ in range(u):
+            y = mr.mod(z * z, n)
+            if y == 1 and z != 1 and z != n - 1:
+                # composite
+                return False
+            z = y
+        if z != 1:
+            # composite
+            return False
+
+    # likely prime
+    return True
+
+
+def is_prime(p: int) -> bool:
+    """_summary_
+
+    Parameters
+    ----------
+    p : int
+        _description_
+
+    Returns
+    -------
+    bool
+        _description_
+    """
+    if p <= 1:
+        return False
+
+    for prime in primes.SMALL_PRIMES:
+        if p == prime:
+            return True
+
+        if p % prime == 0:
+            return False
+
+    return miller_rabin_primality_test(p, 20)

pqlattice/integer/_primes.py

@@ -0,0 +1,57 @@
+# All primes less than 256
+SMALL_PRIMES = (
+    2,
+    3,
+    5,
+    7,
+    11,
+    13,
+    17,
+    19,
+    23,
+    29,
+    31,
+    37,
+    41,
+    43,
+    47,
+    53,
+    59,
+    61,
+    67,
+    71,
+    73,
+    79,
+    83,
+    89,
+    97,
+    101,
+    103,
+    107,
+    109,
+    113,
+    127,
+    131,
+    137,
+    139,
+    149,
+    151,
+    157,
+    163,
+    167,
+    173,
+    179,
+    181,
+    191,
+    193,
+    197,
+    199,
+    211,
+    223,
+    227,
+    229,
+    233,
+    239,
+    241,
+    251,
+)

pqlattice/lattice/__init__.py

@@ -0,0 +1,44 @@
+from .. import settings
+from ..typing import SquareMatrix, Vector
+from . import embeddings
+from ._cvp import babai_closest_vector, babai_nearest_plane, closest_vector
+from ._gso import gso
+from ._lattice import discriminant, gaussian_heuristic, glr_2dim, hadamard_ratio, rank, volume
+from ._lll import is_lll_reduced, is_size_reduced
+
+
+def lll(lattice_basis: SquareMatrix, delta: float = 0.99) -> SquareMatrix:
+    return settings.get_backend().lll(lattice_basis, delta)
+
+
+def bkz(lattice_basis: SquareMatrix, block_size: int = 10, delta: float = 0.99) -> SquareMatrix:
+    return settings.get_backend().bkz(lattice_basis, block_size, delta)
+
+
+def hkz(lattice_basis: SquareMatrix, delta: float = 0.99) -> SquareMatrix:
+    return settings.get_backend().hkz(lattice_basis, delta)
+
+
+def shortest_vector(lattice_basis: SquareMatrix) -> Vector:
+    return settings.get_backend().shortest_vector(lattice_basis)
+
+
+__all__ = [
+    "volume",
+    "rank",
+    "hadamard_ratio",
+    "discriminant",
+    "gaussian_heuristic",
+    "glr_2dim",
+    "gso",
+    "lll",
+    "is_lll_reduced",
+    "is_size_reduced",
+    "bkz",
+    "hkz",
+    "shortest_vector",
+    "closest_vector",
+    "babai_closest_vector",
+    "babai_nearest_plane",
+    "embeddings",
+]

pqlattice/lattice/_bkz.py

@@ -0,0 +1,87 @@
+import logging
+
+from .._utils import as_integer, as_rational
+from ..typing import Matrix, SquareMatrix, Vector, validate_aliases
+from ._gso import gso
+from ._lll import lll
+from ._svp import schnorr_euchner_svp
+
+logger = logging.getLogger("BKZ")
+
+
+@validate_aliases
+def update_block(lattice_basis: SquareMatrix, new_vector: Vector, start_index: int, block_size: int) -> SquareMatrix:
+    B = as_integer(lattice_basis)
+    local_basis = as_integer([new_vector] + B[start_index : start_index + block_size].tolist())
+    reduced_local = lll(local_basis)
+
+    zero_vec = reduced_local[0]
+    if any(s != 0 for s in zero_vec):
+        raise ValueError("block update failed")
+
+    cleaned_basis = as_integer(reduced_local[1:])
+
+    for i in range(block_size):
+        B[start_index + i] = cleaned_basis[i]
+
+    return B
+
+
+@validate_aliases
+def bkz(lattice_basis: SquareMatrix, block_size: int = 10) -> SquareMatrix:
+    """_summary_
+
+    Parameters
+    ----------
+    lattice_basis : SquareMatrix
+        _description_
+    block_size : int, optional
+        _description_, by default 10
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    n, m = lattice_basis.shape
+
+    B = lll(lattice_basis)
+
+    is_changed = True
+    # iteration = 0
+    # logger.info("starting bkz loop")
+    while is_changed:
+        is_changed = False
+        # iteration += 1
+        # logger.info(f"iter {iteration}")
+        for k in range(n - 1):
+            h = min(block_size, n - k)
+            local_basis: Matrix = B[k : k + h]
+            # logger.info(f"block {local_basis}")
+            B_star, U = gso(local_basis)
+            B_norms2 = as_rational([sum(x * x for x in v) for v in B_star])
+            mu = U.T
+            coeffs = schnorr_euchner_svp(mu, B_norms2)
+
+            is_trivial = True
+            if abs(coeffs[0]) == 1:
+                is_trivial = all(c == 0 for c in coeffs[1:])
+            elif coeffs[0] == 0:
+                is_trivial = False
+            else:
+                is_trivial = False
+
+            if is_trivial:
+                continue
+
+            # logger.info(f"shortest vector in block norm: {norm(coeffs @ local_basis)}")
+            new_vector = as_integer([0] * m)
+            for i in range(h):
+                if coeffs[i] == 0:
+                    continue
+                for d in range(m):
+                    new_vector[d] += coeffs[i] * local_basis[i][d]
+
+                B = update_block(B, new_vector, k, h)
+                is_changed = True
+    return B

pqlattice/lattice/_cvp.py

@@ -0,0 +1,62 @@
+import numpy as np
+
+from .._utils import as_integer, as_rational
+from ..typing import SquareMatrix, Vector, validate_aliases
+from ._gso import gso, project_coeffs
+from ._lll import lll
+
+
+@validate_aliases
+def schnorr_euchner_cvp(mu: SquareMatrix, B: Vector, target_coeffs: Vector) -> Vector:
+    raise NotImplementedError()
+
+
+@validate_aliases
+def closest_vector(lattice_basis: SquareMatrix, target_vector: Vector) -> Vector:
+    raise NotImplementedError()
+
+
+@validate_aliases
+def babai_nearest_plane(lattice_basis: SquareMatrix, target_vector: Vector) -> Vector:
+    """_summary_
+
+    Parameters
+    ----------
+    lattice_basis : SquareMatrix
+        _description_
+    target_vector : Vector
+        _description_
+
+    Returns
+    -------
+    Vector
+        _description_
+    """
+    n, _ = lattice_basis.shape
+    B = lll(lattice_basis)
+    b = as_rational(target_vector)
+    for j in range(n - 1, -1, -1):
+        B_star, _ = gso(B)
+        cj = round(project_coeffs(B_star[j], b))
+        b -= cj * B[j]
+
+    return as_integer(as_rational(target_vector) - b)
+
+
+@validate_aliases
+def babai_closest_vector(lattice_basis: SquareMatrix, target_vector: Vector) -> Vector:
+    """_summary_
+
+    Parameters
+    ----------
+    lattice_basis : SquareMatrix
+        _description_
+    target_vector : Vector
+        _description_
+
+    Returns
+    -------
+    Vector
+        _description_
+    """
+    return as_integer(np.rint(target_vector.astype(float) @ np.linalg.inv(lattice_basis.astype(float))))

pqlattice/lattice/_embeddings.py

@@ -0,0 +1,149 @@
+import numpy as np
+
+from .._utils import as_integer, zeros_mat
+from ..linalg import hnf
+from ..typing import Matrix, SquareMatrix, Vector, validate_aliases
+
+
+def lwe_basis(A: Matrix, q: int) -> SquareMatrix:
+    """
+    _summary_
+
+    Parameters
+    ----------
+    A : Matrix
+        _description_
+    q : int
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    # lattice: L = { x | Ax = 0 mod q }
+    m, _ = A.shape
+    Im = q * as_integer(np.identity(m))
+    G = np.vstack((A.T, Im))
+    H, _ = hnf(G)
+
+    return H[:m]
+
+
+def sis_basis(A: Matrix, q: int) -> SquareMatrix:
+    """
+    _summary_
+
+    Parameters
+    ----------
+    A : Matrix
+        _description_
+    q : int
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    # lattice: L = { y | y = xA mod q }
+    B_p = lwe_basis(A, q)
+    B_inv = np.linalg.inv(B_p.astype(float))
+    B_dual = np.round(q * B_inv.T).astype(int)
+    return B_dual
+
+
+@validate_aliases
+def kannan(A: Matrix, b: Vector, q: int) -> SquareMatrix:
+    """
+    _summary_
+
+    Parameters
+    ----------
+    A : Matrix
+        _description_
+    b : Vector
+        _description_
+    q : int
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    return bai_galbraith(A, b, q, 1)
+
+
+@validate_aliases
+def bai_galbraith(A: Matrix, b: Vector, q: int, M: int) -> SquareMatrix:
+    """
+    _summary_
+
+    Parameters
+    ----------
+    A : Matrix
+        _description_
+    b : Vector
+        _description_
+    q : int
+        _description_
+    M : int
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    m, n = A.shape
+
+    Im = as_integer(np.identity(m))
+    In = as_integer(np.identity(n))
+
+    Zmxn = zeros_mat(m, n)
+    Zmx1 = zeros_mat(m, 1)
+    Znx1 = zeros_mat(n, 1)
+    Z1xn = zeros_mat(1, n)
+
+    bT = b.reshape(1, -1)
+    IM = M * (zeros_mat(1, 1) + 1)
+
+    return np.block(
+        [
+            [q * Im, Zmxn, Zmx1],
+            [A.T, In, Znx1],
+            [-bT, Z1xn, IM],
+        ]
+    )
+
+
+@validate_aliases
+def subset_sum(sequence: Vector, S: int) -> SquareMatrix:
+    """
+    _summary_
+
+    Parameters
+    ----------
+    sequence : Vector
+        _description_
+    S : int
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    n = len(sequence)
+    A = as_integer(np.identity(n + 1) * 2)
+    A[-1] = 1
+    A[:-1, -1] = sequence
+    A[-1, -1] = S
+
+    return A
+
+
+@validate_aliases
+def ntru() -> SquareMatrix:
+    raise NotImplementedError()

pqlattice/lattice/_gso.py

@@ -0,0 +1,43 @@
+from fractions import Fraction
+
+import numpy as np
+
+from .._utils import as_rational
+from ..typing import Matrix, SquareMatrix, Vector, validate_aliases
+
+
+@validate_aliases
+def project_coeffs(q: Vector, b: Vector) -> Fraction:
+    if np.dot(q, q) == 0:
+        return Fraction(0, 1)
+
+    return np.dot(b, q) / np.dot(q, q)
+
+
+@validate_aliases
+def gso(B: Matrix) -> tuple[Matrix, SquareMatrix]:
+    """_summary_
+
+    Parameters
+    ----------
+    B : Matrix
+        _description_
+
+    Returns
+    -------
+    tuple[Matrix, SquareMatrix]
+        _description_
+    """
+    rows, _ = B.shape
+
+    B_star: Matrix = as_rational(B)
+    U: SquareMatrix = as_rational(np.identity(rows))
+
+    for j in range(1, rows):
+        b: Vector = B_star[j].copy()
+        for i in range(j):
+            U[i, j] = project_coeffs(B_star[i], b)
+            B_star[j] -= U[i][j] * B_star[i]
+
+    # B = U.T @ B_star
+    return B_star, U

pqlattice/lattice/_hkz.py

@@ -0,0 +1,20 @@
+from ..typing import SquareMatrix, validate_aliases
+from ._bkz import bkz
+from ._lattice import rank
+
+
+@validate_aliases
+def hkz(lattice_basis: SquareMatrix) -> SquareMatrix:
+    """_summary_
+
+    Parameters
+    ----------
+    lattice_basis : SquareMatrix
+        _description_
+
+    Returns
+    -------
+    SquareMatrix
+        _description_
+    """
+    return bkz(lattice_basis, rank(lattice_basis))