
Add sha3 #1

Open
wants to merge 406 commits into base: main

Conversation

fdupress

@fdupress fdupress commented Dec 6, 2023

This merges in the core proof and config files for the SHA3 security proof.

The proof currently fails with default config (but it should pass with Alt-Ergo 2.4.2) and the config file retains some jasmin-related gunk.

I can amend the folder structure while preserving history if desired, which we should discuss.

@fdupress fdupress self-assigned this Dec 6, 2023
@fdupress fdupress requested a review from strub December 6, 2023 23:45
@strub strub linked an issue Dec 7, 2023 that may be closed by this pull request
@strub
Contributor

strub commented Dec 7, 2023

We need #2 first. This should be a no-brainer

@fdupress
Author

fdupress commented Dec 7, 2023

We need #2 first. This should be a no-brainer

Absolutely. I just wanted to get started on extracting and collecting proofs, and couldn't make the PR a draft for some reason.

@strub
Contributor

strub commented Dec 7, 2023

So, the main question is whether we want to keep the history. If so, all the sha3 commits should be rerooted under the sha3 directory. Currently, I cannot even rebase that PR on top of main.

@fdupress
Author

fdupress commented Dec 7, 2023

The SHA3 history can't rebase cleanly on an empty repo for some reason. This current version is a subtree into sha3, followed by a filter-repo to remove all implementation-related history.

A final commit adds sha3 to the repo's CI and updates the test config (including prover selection for now).

fdupress and others added 22 commits December 8, 2023 21:28
…me reason."

This reverts commit 7e32f742fa318b19e41ab7d99d39496645304427.
the folder may have contained useful stuff. Check history if needed.
There's an unrestricted smt left in RP.ec, because of the goal:

d_ll: is_lossless dt
d_fu: support dt = predT
&m: memory <P.f>
h : exists (x : t), ! mem (rng P.m{m}) x
------------------------------------------------------------------------
mu dt (mem (rng P.m{m})) < 1%r

After a quick look, I'm not seeing what combination of distribution
lemmas says that if the support of a distribution d is all of a type t
and some element of t doesn't satisfy a predicate P, that mu d P
< 1.
Maybe the following lemma would be a useful addition to the EC library,
as it works well with dexcepted_ll?

lemma mu_except ['a] (d : 'a distr, y : 'a, P : 'a -> bool) :
  is_lossless d => support d = predT => ! P y => mu d P < 1%r.

(Francois just used this logic in IdealPRP.ec; as he says,
maybe we should be using that instead of RP.ec.)
lemma mu_except ['a] (d : 'a distr, y : 'a, P : 'a -> bool) :
  in_supp y d => ! P y => mu d P < mu d predT.

And simplified use of it.
syntax.

I haven't updated the files in the "core" subdirectory, several of
which are now failing to parse.
New and improved functor system really helped with debugging.
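A worked justification for the revised `mu_except` statement in the commit messages above, added here as an illustration and not part of the PR or its commits. It assumes only that `mu` is finitely additive over disjoint predicates and that `in_supp y d` means the point mass $\mu_d(\{y\})$ is strictly positive.

Since $P$ and $\lnot P$ partition the type, additivity gives

$$\mu_d(\mathrm{predT}) = \mu_d(P) + \mu_d(\lnot P).$$

From $\lnot P\,y$ we have $\{y\} \subseteq \lnot P$, so monotonicity together with $y \in \mathrm{supp}(d)$ yields

$$\mu_d(\lnot P) \;\ge\; \mu_d(\{y\}) \;>\; 0.$$

Substituting back,

$$\mu_d(P) = \mu_d(\mathrm{predT}) - \mu_d(\lnot P) < \mu_d(\mathrm{predT}).$$

The first formulation is the special case used for the RP.ec goal: `is_lossless d` gives $\mu_d(\mathrm{predT}) = 1$, and `support d = predT` puts every $y$ in $\mathrm{supp}(d)$, so the witness from the hypothesis `h` (an element outside the range of `P.m`) gives $\mu_d(P) < 1$.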
@fdupress
Author

fdupress commented Dec 8, 2023

History now replayed (and fiddled with in that one merge commit that git insisted on resolving using a different strategy) on top of main. Please do not merge #5 first :)

@fdupress
Author

fdupress commented Dec 9, 2023

Alright, @strub. This now checks SHA3 (with Alt-Ergo 2.4).

I'm still not 100% sure I like the whole history being dropped in and (later) mingled into other proofs' histories, but if this is going to be the repo of reference for these proofs, then the history is good to keep.

Perhaps a good halfway point would be to have one repo per proof with history, but with the folder structure we'd like to ultimately have in here (so the subtree is easy), and integrate proofs here as squashed subtrees via GitHub actions?

Successfully merging this pull request may close these issues.

Import SHA3 security proof