Sample

Sample module

class fips.FIPS204.sample.SAMPLE(parameter)[source]

Bases: object

Algorithms for generating algebraic objects pseudorandomly from a seed rho, rho is a byte string whose length varies depending on the algorithm.

Parameters:

parameter (dict[str, int])

SampleInBall(rho)[source]

Algorithm 29

Samples a polynomial c belonging to R with coefficients from {-1, 0, 1} and Hamming weight tau <= 64.

Parameters:

rho (bytes) – a bytestring of length lambda / 4 bits.

Returns:

a list of integers representing the polynomial.

Return type:

list[int]

Raises:
  • ValueError – if length of rho is not lambda / 4 bits.

  • TypeError – if rho is not a bytestring.

RejNTTPoly(rho)[source]

Algorithm 30

Samples a polynomial belonging to Tq.

Parameters:

rho (bytes) – a bytestring of length 34.

Returns:

a list of integers representing the polynomial.

Return type:

list[int]

Raises:
  • TypeError – if rho is not a bytestring.

  • ValueError – if length of rho is not 34 bytes.

RejBoundedPoly(rho)[source]

Algorithm 31

Samples an element a belonging to R with coefficients in [-eta, eta] computed via rejection sampling from rho.

Parameters:

rho (bytes) – a bytestring of length 66.

Returns:

a list of integers representing the polynomial.

Return type:

list[int]

Raises:

TypeError – if rho is not a bytestring.

ExpandA(rho)[source]

Algorithm 32

samples a k x l matrix of elements of Tq.

Parameters:

rho (bytes) – a bytestring of length 32.

Returns:

a k x l matrix of polynomials.

Return type:

list[list[list[int]]]

Raises:

ValueError – if length of rho is not 32 bytes.

ExpandS(rho)[source]

Algorithm 33

Samples vector s1 belonging to R^l and s2 belonging to R^k, each with polynomial coordinates whose coefficients are in the interval [-eta, eta].

Parameters:

rho (bytes) – a bytestring of length 64.

Returns:

a list of l polynomials representing the vector s1. s2 (list): a list of k polynomials representing the vector s2.

Return type:

tuple[list[list[int]], list[list[int]]]

Raises:

ValueError – if length of rho is not 64 bytes.

ExpandMask(rho, mew)[source]

Algorithm 34

Samples a vector y R^l such that each polynomial y[r] has coefficients between -gamma1 + 1 and gamma1.

Parameters:
  • rho (bytes) – a bytestring of length 64.

  • mew (int) – an integer used in the sampling process.

Returns:

a list of polynomials representing the vector y.

Return type:

list[list[int]]

Raises:
  • ValueError – if length of rho is not 64 bytes.

  • TypeError – if mew is not an integer.

  • ValueError – if mew is a negative integer.