tfeneuil
/
LeakLWE2

#!/usr/bin/sage -python
# -*- coding: latin-1 -*-

load("../framework/instance_gen.sage")

verbosity = 0
report_every = None

"""  Example
Uncomment the following to get the detailed computation
"""
# verbosity = 2
# report_every = 20

for params in ['R5ND_{1}KEM_0d', 'R5ND_{3}KEM_0d', 'R5ND_{5}KEM_0d']:

    logging("Set of parameters: " + params)
    if params == 'R5ND_{1}KEM_0d':
        n = 618
        m = 618
        q = 2 ** 11
        p = 2 ** 8
        h = 104

    elif params == 'R5ND_{3}KEM_0d':
        n = 786
        m = 786
        q = 2 ** 13
        p = 2 ** 9
        h = 384

    elif params == 'R5ND_{5}KEM_0d':
        n = 1018
        m = 1018
        q = 2 ** 14
        p = 2 ** 9
        h = 428

    D_s = {-1: RR(h / 2 / n), 0: RR((n - h) / n), 1: RR(h / 2 / n)}
    D_e = build_uniform_law(q / p)


    # Assessement of the attack without hints

    A, b, dbdd = initialize_round5_instance(DBDD_predict_diag, n,
                                            q, p, h, m, D_e, D_s,
                                            verbosity=verbosity)
    if report_every is not None:
        dbdd.integrate_q_vectors(q, indices=range(0, n + m),
                                 report_every=report_every)
    else:
        dbdd.integrate_q_vectors(q, indices=range(0, n + m))
    (beta, _) = dbdd.estimate_attack()
    logging("Attack without hints:  %3.2f bikz" % beta, style="HEADER")

    # Assessement of the attack with hints

    A, b, dbdd = initialize_round5_instance(DBDD_predict, n,
                                            q, p, h, m, D_e, D_s,
                                            verbosity=verbosity)

    v = vec([0 if i < m else 1 for i in range(m + n)])
    dbdd.integrate_perfect_hint(v, 0)

    if report_every is not None:
      dbdd.integrate_q_vectors(q, indices=range(0, m), report_every=report_every)
    else:
      dbdd.integrate_q_vectors(q, indices=range(0, m))
    (beta, _) = dbdd.estimate_attack()
    logging("Attack without hints:  %3.2f bikz" % beta, style="HEADER")