# Larkworks

# Meeting notes 07-14-2013

- Kyber [engineering plan](https://hackmd.io/@alxiong/kyber-plan)
- send invite for July 26th mid term report to EF
- targets:
  - Underlying math
    - lattice operations
  - Hash functions
    - SIS based
  - Vector Commitment
    - Merkle tree in Chipmunk
  - Kyber scheme
  - Chipmunk scheme
- Alex will look at ZZ's PR and tell ZZ what part he is working on
- Marcin will work on the Ring implementation
- ZZ will port chipmunk code into Larkworks
- Have a meeting on Tuesday July 25th

# Meeting notes 06-23-2023

- done
  - zhenfei
    - implement ff's Field/PrimeField for u64
    - implement FFTs for small domains (WIP)
- sprint
  - zhenfei
    - implement Distributor struct (allows for gaussian/uniform/binomial)
    - implement Lattice struct (only has additions now, may add more functions later)

# Meeting notes 05-12-2023

- marcin
  - sage code [PR](https://github.com/larkworks/larkworks/pull/1/files)
- zhenfei
  - rust code base for polynomial operations
  - used this code base for Chipmunk paper
- Alex
  - EC sharing [notes](https://gist.github.com/alxiong/8d431224bc54d93901de373e1cf518a5)

# Meeting notes 04-23-2023

- code base:
  - link: https://github.com/larkworks/larkworks
  - added polynomial module from ZZ's previous work
- funding updates:
  - Got an approval from EF
  - No action needed for now
- misc:
  - meet biweekly on Friday morning 9 am ET.
- Progress update:
  - Alex:
    - spent some time reading [Decade in Lattice [Pei15]](https://eprint.iacr.org/2015/939) (currently finishing until Chapter 5.2.1 on CPA-secure scheme, precursors of Kyber's CPA-part), Micciancio's [lec notes](https://cseweb.ucsd.edu/classes/sp14/cse206A-a/) on some lattice basics and [harmonic analysis](https://cseweb.ucsd.edu/classes/fa21/cse206A-a/LecGaussian.pdf), which helps me a great deal with the necessary foundation.
    - Apologize that I haven't started implementing Kyber yet. I'm sure I will read Kyber spec more carefully and start my toy impl next week.
    - I'll be on CET for a month.

todo:

- ZZ: change the modulus of existing code to kyber modulus
- ZZ: convert the polynomial code base ring arithmetics
- Alex: present kyber overview as a hackmd doc
- Marcin: finish sage code and integrate the test code
  - in the same repo as larkworks

# Meeting notes 04-07-2023

## Scope/proposal

A library for lattice based cryptography, may include

- basic polynomial and matrix arithmetics
- various samplers such as GPV, MP12, Falcon
- (optional) lwe/sis hardness estimator
- PKI primitives: DualRegev, kyber, dilithium, NTRU, Falcon
- hash functions: Swifft
- commitment schemes: BDLOP
- verifiable random functions
- lattice based SNARKs.

### Phase 1

- basic polynomial and matrix arithmetics (6 weeks)
  - accompanied with sage scripts for validity tests
  - allows for customized ring and field setting
  - implement butterfly FFTs
  - specs: NIST submission
- various samplers such as Falcon (6 weeks)
- (optional) lwe/sis hardness estimator
  - integrate lwe-estimator python script
- PKI primitives: kyber (2 weeks), dilithium (2 weeks), Falcon (2 weeks)
  - performance comparisons with NIST submissions
  - passes known answer tests (KAT) from NIST's specs

### Phase 2

- hash functions: Swifft
- commitment schemes: BDLOP

### Phase 3

- Plonk with BDLOP commitment
- Plonk with FRI + Swifft hash

### Bonus (not essential for ZKP but would be nice to have)

- Squirrel with Larkworks backend
- PKI primitives: DualRegev, NTRU
- various samplers such as GPV, MP12

do we want to allow for FHEs, if so we need

- RNS
- large modulus

todos:

- larkwork monorepo renaming
- ship some of existing code from ZZ
- specs kyber
- how to define polynomial trait (draft in 2 weeks)
- build a PoC of kyber (in 4 weeks)
- biweekly meeting same time Friday morning 9am ET
- prepare the grant application and submit it
- next meeting
  - chat about kyber spec
  - draft implementation of PrimeField, and perhaps a different definition of Polynomials

# Spec

## Arithmetic

- [x] Field
  - As defined in ff-0.13
- [x] PrimeField: Field
  - As defined in ff-0.13
- [ ] `Polynomial<F:Field>`
  - [x] First iteration https://github.com/larkworks/larkworks/blob/45178f7f186c4cf62a71186a57f8a6f70615e523/polynomial/src/lib.rs#L31
  - Move samplers out to Samplers etc.
  - code needs refactoring
  - add school book muls
- [x] `SparsePolynomial<F:Field>`
  - `From<Polynomial>` and `To<Polynomial>`
- [ ] Vector (Alex)
  - NTTVector: `Vector<F: PrimeField>`
    - conversion from/to polynomials via NTTs
  - LatticeVector: `Vector<F: PrimeField>` (supporting generic lattices; low priority)
    - conversion from/to polynomials via casting
    - F does not need to be NTT friendly
  - Do we need a separate abstraction for prime field that is not NTT friendly?
- [ ] `Matrix<E>`
  - E == Field => generic lattices
  - E == Ring => modular lattices
- [ ] Ring(M)
  - Move addition/multiplications to Ring
  - Define a new addition/multiplication over Z (seems not useful, low priority)
  - wrapper of polynomial, with addition/multiplications over the ring
- [ ] Lattice
  - what are essential interfaces here?
  - instantiation is a wrapper of `Matrix<Field>`
- [ ] IdealLattice: Lattice
  - instantiation is a wrapper of Ring
- [ ] ModularLattice
  - instantiation is a wrapper of `Matrix<R>`
- [ ] Distribution
  - hard code for Gaussian/uniform for now?
- [ ] Sampler
  - a trait bound for Ring, Lattice, Vector?