Skip to content

Commit f90f8c9

Browse files
mhchiamhchia
committed
fix ntt and added falcon test case
1 parent 735132d commit f90f8c9

1 file changed

Lines changed: 74 additions & 19 deletions

File tree

src/ntt.rs

Lines changed: 74 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -50,23 +50,21 @@ pub fn find_primitive_2d_root_of_unity<const Q: u64>(d: u64) -> Zq<Q> {
5050
}
5151

5252

53-
/// NTT: here we assume coeffs can be split *completely* for simplicity and efficiency
54-
/// in the split fields.
53+
5554
/// This is implemented according to this great article https://electricdusk.com/ntt.html
56-
/// This requires {d} to be a power of two.
57-
pub fn ntt<const Q: u64>(coeffs: Vec<Zq<Q>>, psi: Zq<Q>, psi_power: u64) -> Vec<Zq<Q>> {
55+
/// zeta means current level is Z_q[X]/(X^d - \psi^{zeta_exp})
56+
pub fn _ntt<const Q: u64, const D: u64>(coeffs: Vec<Zq<Q>>, psi: Zq<Q>, zeta_exp: u64) -> Vec<Zq<Q>> {
5857
let d = coeffs.len();
59-
assert!(d.is_power_of_two(), "d should be power of two to split completely: d={d}");
6058
assert!((Q-1).is_multiple_of(2*d as u64));
6159

6260
// Terminal condition: when d = 1, it's the last split. Just returns
6361
// the constant term.
6462
if d == 1 {
6563
return vec![coeffs[0]];
6664
}
67-
65+
// psi_power = d/2 first.
6866
// E.g. d=256, root here is \psi^{128} since X^{256}+1 = (X^{128} - 1)(X^{128} + 1)
69-
let root= psi.pow(psi_power);
67+
let root= psi.pow(zeta_exp / 2);
7068
// Here is the "butterfly" part
7169
// E.g. we're at a \in Z_q[X] / (X^256+1) and we're gonna split to
7270
// a_l \in Z_q[X]/(X^128 - \psi^128), a_r \in Z_q[X]/(X^128 + \psi^128).
@@ -88,11 +86,47 @@ pub fn ntt<const Q: u64>(coeffs: Vec<Zq<Q>>, psi: Zq<Q>, psi_power: u64) -> Vec<
8886
}
8987

9088
// Split the left/right poly all the way down and get the results.
91-
let a_l_coeffs = ntt(a_l, psi, psi_power / 2);
92-
let a_r_coeffs = ntt(a_r, psi, psi_power / 2 + (d/2) as u64);
89+
// We split X^{256} + 1 to
90+
// left: X^{128} - \psi^{128}
91+
// right: X^{128} + \psi = X^{128} - (-\psi^{128})
92+
// = X^{128} - \psi^{128+D}, where D=256 and \psi^D = -1.
93+
// TODO: we can actually derive the correct root with a precalculated table \psi...\psi^{511}
94+
let a_l_coeffs = _ntt::<Q, D>(a_l, psi, zeta_exp / 2);
95+
let a_r_coeffs = _ntt::<Q, D>(a_r, psi, zeta_exp / 2 + D as u64);
9396
a_l_coeffs.into_iter().chain(a_r_coeffs).collect()
9497
}
9598

99+
100+
// TODO: finish bit reverse
101+
// /// Reverse order of the result.
102+
// /// Since the result of our NTT would be (w^1, w^5, w^3, w^7) for d=4,
103+
// /// but we expect it to be (w^1, w^3, w^5, w^7).
104+
// fn _bit_reverse_permutation<T>(v: &mut [T]) {
105+
// let n = v.len();
106+
// let log_n = n.trailing_zeros();
107+
// for i in 0..n {
108+
// let j = i.reverse_bits() >> (usize::BITS - log_n);
109+
// if i < j {
110+
// v.swap(i, j);
111+
// }
112+
// }
113+
// }
114+
115+
116+
/// NTT: split polynomials X^d+1 into irreducibles. For negacyclic (X^d+1), to fully split the
117+
/// polynomial, we need {d} to be a power of two. Otherwise the last layer wouldn't be degree 1 poly, might be
118+
/// degree 2 or something else.
119+
/// Here we only deal with the ones can be split *completely* for simplicity and efficiency
120+
/// in the split fields.
121+
pub fn ntt<const Q: u64, const D: u64>(coeffs: Vec<Zq<Q>>, psi: Zq<Q>) -> Vec<Zq<Q>> {
122+
assert!(D.is_power_of_two(), "d should be power of two to split completely: d={D}");
123+
assert!((Q-1).is_multiple_of(2*D as u64));
124+
125+
let mut result = _ntt::<Q,D>(coeffs, psi, D);
126+
// _bit_reverse_permutation(&mut result);
127+
result
128+
}
129+
96130
pub fn intt<const Q: u64>(evals: Vec<Zq<Q>>) -> Vec<Zq<Q>> {
97131
todo!()
98132
}
@@ -122,19 +156,22 @@ mod tests {
122156
// Sage test vectors: q=17, d=4, negacyclic NTT (X^d+1)
123157
// coeffs [16, 3, 0, 14] <-> evals [15, 0, 0, 15]
124158
#[test]
125-
fn test_ntt_forward() {
159+
fn test_ntt_forward_small() {
126160
let psi = setup();
127-
let d = 4;
128-
let coeffs = vec![F::new(16), F::new(3), F::new(0), F::new(14)];
129-
let expected_evals = vec![F::new(15), F::new(0), F::new(0), F::new(15)];
161+
// q = 17, d=4
162+
let coeffs = vec![F::new(10), F::new(4), F::new(8), F::new(0)];
163+
// let expected_evals = vec![F::new(15), F::new(0), F::new(0), F::new(15)];
164+
165+
let get_evals = || {
130166

131-
let odd_powers: Vec<_> = (0..d).map(|k| psi.pow(2*k as u64 + 1)).collect();
132-
println!("roots: {:?}", odd_powers);
167+
let odd_powers: Vec<_> = (0..D).map(|k| psi.pow(2*k as u64 + 1)).collect();
133168

134-
let a = Poly::new(coeffs.clone());
135-
let evals: Vec<_> = odd_powers.iter().map(|w| a.clone().eval(w.value())).collect();
136-
println!("evals: {:?}", evals);
137-
assert_eq!(ntt::<Q>(coeffs, psi, d/2), expected_evals);
169+
let a = Poly::new(coeffs.clone());
170+
let evals: Vec<_> = odd_powers.iter().map(|w| a.clone().eval(w.value())).collect();
171+
evals
172+
};
173+
let evals = get_evals();
174+
assert_eq!(ntt::<Q, D>(coeffs, psi), evals);
138175
}
139176

140177

@@ -153,4 +190,22 @@ mod tests {
153190
let coeffs = vec![F::new(16), F::new(3), F::new(0), F::new(14)];
154191
// assert_eq!(intt::<Q>(ntt::<Q>(coeffs, psi, d)), coeffs);
155192
}
193+
194+
// ─── q=12289, d=1024 (Falcon params) ───
195+
196+
const Q2: u64 = 12289;
197+
const D2: u64 = 1024;
198+
type F2 = Zq<Q2>;
199+
200+
#[test]
201+
fn test_ntt_forward_falcon() {
202+
let psi = find_primitive_2d_root_of_unity::<Q2>(D2);
203+
let coeffs_raw: [u64; 1024] = [8633, 1504, 11298, 8147, 6951, 5539, 3291, 334, 7732, 376, 3099, 4879, 9978, 7512, 3274, 6114, 4942, 8255, 8730, 758, 1334, 5361, 3507, 10969, 5079, 9882, 6516, 4586, 1065, 8785, 7004, 1862, 9009, 3056, 8567, 9320, 10060, 11102, 8500, 6825, 11371, 8969, 6803, 9167, 5102, 7353, 3645, 5857, 4803, 4926, 31, 9882, 1629, 7896, 9482, 11918, 11814, 9292, 3349, 7552, 10062, 2207, 10602, 10028, 9477, 4478, 779, 4661, 3806, 5018, 11988, 5964, 1116, 6667, 7390, 11978, 6572, 6650, 995, 5272, 9795, 7900, 243, 7127, 8028, 8116, 5088, 11664, 8701, 8643, 11561, 1085, 4006, 4509, 5942, 4193, 3742, 5894, 3280, 1991, 4774, 12034, 8936, 11409, 11196, 7562, 7697, 4110, 2175, 7539, 971, 4172, 11566, 7773, 2207, 462, 399, 10611, 2829, 10365, 3380, 8206, 2637, 11674, 10176, 4501, 5942, 9091, 10305, 5401, 8032, 6735, 9440, 6451, 7694, 9949, 9982, 9574, 10511, 11769, 5833, 5562, 1727, 4530, 3759, 9434, 8589, 10659, 3135, 11892, 593, 8111, 9614, 589, 7442, 7766, 3055, 11502, 10424, 2408, 9151, 3319, 10302, 5540, 3607, 1665, 6033, 11028, 10274, 2507, 9906, 3124, 7231, 11770, 11154, 8616, 7150, 1498, 11129, 9886, 10204, 4574, 5823, 3155, 11978, 11485, 5724, 5320, 6184, 4291, 3991, 7459, 1676, 8510, 8243, 9770, 10757, 11398, 11699, 1909, 8183, 1845, 5400, 7280, 6336, 6670, 2293, 271, 5852, 1794, 7898, 6881, 1159, 12226, 963, 12144, 6309, 5347, 4688, 6188, 9009, 8218, 7494, 10259, 7838, 8182, 11600, 4375, 10218, 3015, 105, 3806, 5685, 953, 9541, 6973, 7315, 11895, 12004, 10430, 1719, 2083, 9940, 6838, 11341, 544, 11516, 11554, 5238, 6365, 8449, 3485, 8105, 9332, 9186, 6129, 1900, 710, 7831, 7301, 2145, 133, 11804, 5400, 7005, 9624, 2121, 4441, 3137, 370, 13, 1034, 3097, 9243, 9257, 5900, 6285, 5140, 2583, 10830, 8110, 4627, 3348, 2656, 2045, 4936, 1831, 2658, 9762, 3350, 10022, 4663, 5445, 5459, 1622, 1107, 9744, 7169, 8423, 1628, 8441, 311, 4111, 9401, 6955, 7614, 8648, 5518, 12212, 5961, 11142, 1696, 3886, 5712, 4359, 12137, 10659, 1653, 5995, 7541, 11107, 6721, 8051, 2276, 4893, 1899, 4137, 9679, 1566, 2319, 2476, 3052, 4485, 10754, 4161, 4806, 8727, 2706, 9906, 3150, 2597, 3501, 10371, 4388, 1884, 3504, 8179, 4911, 6310, 8160, 11119, 782, 7186, 4980, 2140, 7542, 7186, 2728, 8077, 10595, 2751, 11561, 2198, 2547, 246, 7921, 767, 3269, 7818, 8884, 2065, 9058, 713, 9549, 1558, 11253, 4638, 3825, 10444, 4493, 4857, 12158, 914, 1118, 8790, 6034, 1336, 3574, 5075, 11131, 4502, 6943, 3366, 10963, 4603, 5015, 10189, 8893, 1910, 7955, 78, 4496, 10935, 6171, 5757, 2653, 9637, 11255, 8249, 3618, 11349, 32, 1421, 11701, 3580, 5618, 4296, 7191, 8374, 8083, 3250, 475, 3574, 4002, 9478, 2704, 53, 6247, 11169, 3599, 3900, 11197, 11437, 1362, 11720, 2314, 12064, 8417, 253, 1772, 6891, 3932, 11778, 8279, 8516, 3993, 10810, 8360, 7941, 979, 9228, 11927, 2621, 6959, 8159, 2943, 4727, 7448, 6361, 5463, 1053, 6933, 2965, 7561, 3991, 6456, 3509, 5526, 8425, 9859, 5408, 10766, 3034, 1334, 238, 1858, 3789, 2024, 9618, 10824, 486, 7701, 12152, 1566, 11760, 310, 12163, 1501, 5646, 467, 11111, 4689, 830, 5629, 4115, 9139, 925, 11278, 3986, 2644, 8917, 5500, 973, 7957, 11451, 4034, 5382, 6186, 2592, 4135, 9356, 12063, 3928, 3946, 8176, 6301, 4293, 2336, 10316, 5421, 10495, 11767, 1080, 5443, 7456, 201, 7654, 5498, 4970, 3614, 11407, 4927, 9669, 8867, 383, 11422, 8998, 7785, 9604, 9688, 11881, 756, 1803, 10058, 6599, 3098, 7637, 1254, 5026, 11490, 12077, 706, 8077, 4302, 10878, 10849, 6360, 7546, 8339, 4444, 3767, 714, 6782, 10288, 8393, 3683, 8254, 5442, 8289, 11340, 8302, 10933, 4977, 2732, 549, 3910, 3787, 6113, 3935, 8973, 7779, 1562, 5205, 11939, 5262, 4850, 1409, 4034, 8257, 11719, 4539, 10194, 1657, 9680, 11077, 9464, 7238, 5684, 6624, 10497, 189, 957, 9623, 9707, 6943, 10749, 568, 11309, 4591, 10007, 10001, 9118, 8712, 8089, 9315, 1516, 8726, 4661, 515, 3708, 6356, 3951, 343, 10792, 1292, 2814, 8629, 4212, 1590, 6817, 11156, 4933, 7154, 9092, 4982, 4838, 965, 7190, 9333, 1109, 2640, 12051, 8379, 11146, 10543, 9997, 9020, 1792, 11186, 9180, 12240, 10149, 2833, 12127, 10812, 9849, 9203, 5418, 10886, 355, 4147, 9690, 3912, 6803, 4027, 9825, 5990, 1966, 11465, 1012, 1309, 9231, 8690, 9834, 5323, 11982, 1397, 11359, 6786, 3367, 9358, 3169, 496, 10707, 10079, 5584, 3007, 9667, 8875, 7481, 109, 8012, 2118, 4846, 1259, 218, 3195, 9232, 5053, 3293, 2988, 12002, 9429, 9123, 11850, 5311, 3489, 11159, 253, 3707, 3627, 8323, 9872, 5998, 9624, 6551, 7544, 417, 11528, 11807, 1981, 11615, 6532, 6575, 1369, 2802, 7024, 1726, 2229, 8831, 9809, 5669, 6431, 1586, 7898, 8289, 11938, 10071, 7282, 6639, 8353, 8294, 8359, 1056, 10708, 9085, 5668, 9508, 8306, 5091, 8627, 358, 10897, 8684, 8756, 9859, 2754, 6773, 12161, 6180, 3625, 1814, 3162, 6190, 6504, 931, 7932, 452, 243, 3414, 8415, 4460, 5180, 11665, 9555, 6003, 7864, 1263, 4778, 4829, 4916, 383, 6454, 6498, 38, 9474, 10584, 6916, 10561, 3158, 7530, 8604, 11352, 4352, 579, 9983, 6131, 7383, 11860, 10700, 11631, 2752, 3142, 1052, 3559, 6446, 3533, 2488, 9766, 9087, 5183, 2612, 141, 1689, 3406, 4688, 5208, 4787, 4246, 420, 11740, 9541, 5928, 9149, 96, 413, 2384, 3877, 8279, 2236, 5746, 5971, 2653, 3436, 5234, 12262, 5769, 3116, 4147, 447, 10956, 6300, 4800, 1866, 11025, 6099, 6894, 2640, 10917, 11514, 8730, 1490, 4674, 2738, 9760, 8903, 11333, 3653, 1512, 5692, 4071, 5902, 1937, 9693, 6360, 7977, 7456, 10122, 1533, 1948, 6412, 9252, 1872, 8057, 11933, 11357, 7497, 4826, 2143, 8372, 6447, 9946, 6249, 5613, 10571, 6538, 6694, 4938, 6122, 11748, 7229, 9923, 4953, 11363, 5595, 9201, 984, 2708, 8946, 7315, 1873, 10106, 10252, 8434, 10233, 5614, 1621, 7111, 6581, 11116, 10033, 3526, 4907, 4094, 10788, 12207, 10001, 1937, 1362, 11468, 12034, 8424, 11310, 9094, 6757, 4234, 511, 3376, 318, 786, 6065, 4177, 9327, 1244, 7562, 9413, 6144, 2621, 2041, 12047, 8644, 10784, 11803, 9096, 1504, 11597, 958, 7367, 7284, 10109, 12230, 12222, 4916, 1182, 9011, 6536, 61, 9774, 1887, 1813, 6490, 4633, 4242, 6253, 10767, 319, 4050, 8793, 10533, 4872, 9734, 1809, 9619, 149, 6300, 2175, 12062, 1303, 9013, 79, 7599, 2887, 6223, 1750, 4508, 211, 4246, 10669, 9386, 9196, 10170, 417, 8956, 11240, 3254, 10332, 8240, 542, 11703, 5760, 401, 3208, 5938, 4713, 10281, 10535, 8839, 1612, 11339, 8198, 2911, 26, 11762, 2405, 935, 5648, 6415, 6397, 10547, 5080, 11072, 5132, 10349, 1604];
204+
let evals_raw: [u64; 1024] = [803, 3624, 11973, 11609, 10518, 11858, 4113, 1383, 9817, 11529, 8810, 4170, 2533, 4624, 4735, 6461, 3896, 9051, 10479, 12266, 1212, 8953, 6309, 8409, 6752, 10259, 5408, 435, 11980, 1799, 2501, 235, 5288, 1874, 6547, 11562, 4688, 6599, 8381, 492, 2316, 430, 4728, 5969, 145, 8738, 9461, 9490, 7231, 11298, 4476, 10215, 9428, 8621, 5273, 7443, 11931, 5599, 9249, 2478, 7507, 7121, 11598, 8643, 4847, 2965, 11973, 8917, 2771, 8018, 75, 1605, 1501, 8557, 10716, 894, 2019, 6035, 3585, 3397, 5384, 8685, 8092, 11252, 10797, 1306, 360, 5578, 10910, 5699, 10317, 11616, 11693, 11599, 3783, 12266, 8536, 3522, 11617, 3830, 4771, 776, 1111, 5000, 4867, 4008, 7348, 7566, 11787, 2936, 12077, 3008, 11130, 1530, 2688, 12114, 10065, 1067, 9914, 3556, 5410, 1306, 9702, 7463, 3502, 9803, 5346, 966, 3883, 6701, 2303, 799, 1998, 3906, 5597, 2608, 9722, 9519, 6564, 6535, 2053, 4029, 3839, 11187, 9095, 224, 9897, 11648, 9046, 3509, 2809, 2497, 6863, 2027, 10235, 9096, 2227, 4711, 6709, 10317, 9549, 534, 8856, 5803, 100, 7682, 1075, 6694, 9519, 2067, 2063, 5059, 6866, 4630, 9892, 5093, 2258, 5739, 3037, 11944, 1150, 1141, 9135, 3538, 9677, 7060, 11439, 10875, 5833, 2002, 4335, 10318, 3344, 2656, 5517, 10519, 11281, 11979, 10598, 11736, 9611, 8133, 10473, 6975, 3507, 8401, 629, 1358, 8241, 2048, 416, 7693, 7061, 1434, 6208, 4929, 9586, 3192, 7888, 4509, 11306, 7244, 2685, 552, 3271, 7786, 6041, 2417, 2218, 7632, 8026, 11985, 2751, 5689, 6536, 8533, 989, 4242, 3733, 10184, 3207, 4107, 5210, 3105, 4048, 2847, 1184, 4037, 3986, 5925, 11183, 104, 11376, 6355, 7577, 11191, 883, 2006, 4056, 1568, 751, 11401, 10126, 6150, 9205, 9249, 4560, 1566, 9715, 6691, 8636, 4507, 4718, 6080, 654, 10145, 2215, 554, 9112, 1357, 12081, 6146, 3310, 1863, 5607, 7057, 8531, 1116, 7712, 7001, 10926, 9313, 1804, 3855, 207, 4553, 8579, 9168, 4247, 2993, 6233, 3630, 3508, 4560, 11558, 10732, 7219, 2236, 5268, 5437, 9173, 11367, 7389, 5158, 1552, 5607, 4409, 5173, 8237, 102, 3638, 8703, 7616, 5312, 7399, 3861, 3539, 5707, 682, 9761, 6401, 4396, 650, 5614, 4279, 11771, 3140, 6759, 4020, 2507, 10725, 250, 2552, 10589, 633, 1789, 11594, 11898, 681, 33, 104, 10882, 6313, 1557, 5014, 496, 9158, 11573, 5355, 8633, 28, 1448, 11290, 9437, 7075, 11027, 7451, 721, 7418, 2094, 9045, 9484, 11001, 10819, 3706, 10849, 4594, 8870, 2965, 7558, 1338, 6190, 11216, 11640, 1341, 8950, 9907, 7297, 6177, 1398, 9700, 843, 9367, 10361, 10104, 11996, 4662, 9675, 11044, 4209, 3685, 3982, 7620, 10946, 2838, 4211, 11603, 10617, 1240, 11943, 4433, 6843, 8620, 4514, 11591, 8537, 3643, 890, 1658, 1404, 9459, 10519, 1647, 7351, 11045, 768, 2717, 9861, 4121, 3107, 4644, 724, 5476, 6115, 562, 6687, 7782, 6673, 2723, 2733, 9200, 3893, 7842, 2447, 11611, 5689, 7822, 7452, 1316, 1044, 6149, 3097, 2649, 12183, 1781, 3235, 11913, 2495, 3394, 9646, 4398, 5807, 2163, 8449, 11960, 6454, 3882, 604, 7132, 618, 6165, 282, 1472, 858, 9431, 9506, 5350, 7541, 6019, 8411, 829, 4831, 1059, 827, 4259, 477, 8017, 7658, 349, 3369, 4196, 7310, 11413, 10540, 12147, 11531, 3446, 382, 5785, 3287, 6163, 4003, 12117, 11788, 851, 8987, 8607, 11683, 8588, 8158, 213, 1506, 11186, 6243, 2124, 5977, 835, 7493, 1085, 4109, 3312, 1798, 9199, 2870, 9014, 5480, 1517, 11672, 8639, 5060, 7497, 9635, 12156, 6586, 5043, 10205, 11696, 4890, 11580, 11817, 9079, 9692, 9383, 9085, 11625, 4453, 1645, 10641, 3248, 7669, 7438, 9960, 878, 7937, 4252, 4214, 10683, 4372, 8739, 9856, 2358, 934, 6781, 10699, 1918, 9740, 3464, 6834, 7096, 4853, 12131, 2998, 4530, 8054, 4696, 6126, 1010, 5474, 5794, 4557, 332, 8095, 4063, 1480, 1757, 363, 929, 598, 2118, 2614, 7557, 9520, 11121, 3112, 4516, 1484, 8403, 11294, 7615, 4969, 7392, 7587, 1159, 225, 9010, 3050, 3617, 7392, 11415, 4474, 7320, 277, 12076, 9197, 8234, 8186, 12076, 10343, 5594, 9917, 7890, 7975, 11455, 3333, 11801, 7842, 5338, 6427, 8948, 1663, 919, 7309, 336, 8262, 10472, 12239, 8414, 1887, 2571, 10316, 1163, 3829, 10454, 8478, 6820, 11238, 7177, 12105, 2703, 2597, 5393, 5300, 6895, 4098, 7169, 2992, 239, 396, 1256, 10317, 8366, 5848, 8053, 9440, 8803, 10347, 4038, 9070, 3531, 4574, 5347, 8674, 9035, 11057, 3355, 5775, 2173, 942, 8795, 6032, 4407, 6128, 1259, 3905, 7084, 9329, 10957, 297, 1064, 2204, 10294, 7888, 1408, 5884, 11514, 9, 8219, 11555, 2435, 4009, 8212, 9155, 6573, 1634, 8303, 3867, 82, 3288, 5440, 4758, 12102, 6126, 8247, 333, 6393, 7756, 8594, 7508, 10423, 2596, 10852, 6832, 8728, 4979, 4108, 6431, 3286, 10461, 4701, 6111, 6630, 10311, 9965, 4675, 5019, 1798, 6828, 3511, 11452, 443, 7728, 4056, 12044, 9195, 7305, 5124, 1092, 625, 8523, 11000, 8526, 4067, 3279, 9055, 6048, 9990, 152, 4893, 4618, 11521, 848, 7849, 809, 990, 11449, 3012, 6363, 3487, 6354, 9974, 7255, 3437, 4055, 9376, 5790, 4837, 4595, 2103, 5252, 5838, 6423, 8239, 8913, 1006, 3381, 9678, 12065, 7589, 4674, 1035, 1884, 9140, 4739, 11762, 11845, 6415, 4020, 9479, 11043, 2318, 10646, 11718, 5157, 8194, 10936, 5738, 4454, 4662, 8062, 6957, 9964, 5215, 5079, 5002, 6782, 4628, 11334, 3377, 11174, 5800, 6908, 11800, 5068, 5035, 10991, 2410, 11372, 855, 9721, 9734, 10158, 3319, 442, 3600, 3419, 2932, 373, 12069, 5780, 1155, 10792, 3743, 5108, 1811, 9923, 2987, 6983, 5629, 1351, 2729, 1701, 10567, 8678, 2951, 10669, 9053, 6858, 523, 7768, 11689, 5184, 10917, 11033, 3791, 1295, 2492, 819, 5702, 6392, 8454, 7624, 4541, 5694, 6333, 7282, 7496, 9423, 4191, 6694, 3707, 7548, 3933, 2262, 9528, 3578, 1192, 343, 4065, 6561, 600, 1921, 3716, 9232, 7818, 11838, 4669, 2912, 1516, 3682, 8037, 1668, 1508, 6690, 7907, 5345, 5072, 9626, 7110, 10981, 11125, 6793, 2555, 1371, 2011, 619, 2572, 12151, 2012, 5128, 8379, 5925, 2601, 5508, 10008, 4586, 8292, 3494, 4662, 1821, 3902, 10846, 11219, 8341, 7740, 11799, 4993, 9921, 11029, 4332, 2567, 308, 955, 3915, 6637, 916, 3742, 2154, 7413, 3331, 6356, 2414, 4610, 2302, 7336, 2871, 290, 1342, 6103, 1607, 442, 5277, 6926, 6894, 2047, 6258, 7207, 2075, 4042, 491, 2616, 10548, 1149, 11948, 3357, 6218, 8549, 1498, 628, 9722, 6434, 3888, 823, 8637, 6846, 10315, 2420, 9883, 9587, 4368, 11312, 5890, 1103, 7522, 673, 5679, 881, 2743, 3260, 3218, 1357, 10211, 2156, 317, 5195, 772, 7304, 10280, 8742, 883, 6866, 6629, 4416, 9412, 6504, 707, 9635, 5613, 5966, 27, 88, 3873, 6762, 9537, 5468];
205+
206+
let coeffs: Vec<F2> = coeffs_raw.iter().map(|&c| F2::new(c)).collect();
207+
let expected_evals: Vec<F2> = evals_raw.iter().map(|&e| F2::new(e)).collect();
208+
209+
assert_eq!(ntt::<Q2, D2>(coeffs, psi), expected_evals);
210+
}
156211
}

0 commit comments

Comments
 (0)