forked from o1-labs/proof-systems
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsponge_cost.sage
More file actions
25 lines (18 loc) · 805 Bytes
/
sponge_cost.sage
File metadata and controls
25 lines (18 loc) · 805 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
import math
def grobner_complexity(state_size, alpha, rounds_full, rounds_partial):
num_vars = (state_size - 1) * rounds_full + rounds_partial
num_equations = num_vars
d_reg = (1 + num_equations * (alpha - 1)) // 2
return math.log(binomial(num_vars + d_reg, d_reg) ** 2, 2)
security = 128
def interpolation_rounds_lower_bound(state_size, alpha):
return 1 + security * math.log(2, alpha) + math.log(state_size, alpha)
rounds_full = 8
rounds_partial = 30
# security margin
rounds_full = int(rounds_full / 1.25)
rounds_partial = int(rounds_partial / 1.075)
state_size = 3 # the state size
alpha = 17
assert (rounds_full + rounds_partial >= interpolation_rounds_lower_bound(state_size, alpha))
assert (security <= grobner_complexity(state_size, alpha, rounds_full, rounds_partial))