Merge pull request #671 from cryspen/jonas/invntt-butterfly

More efficient butterfly in inverse NTT layers 0-2

libcrux-intrinsics/src/avx2.rs

@@ -549,8 +549,8 @@ pub fn mm256_set_epi64x(input3: i64, input2: i64, input1: i64, input0: i64) -> V
 }
 
 #[inline(always)]
-pub fn mm256_unpacklo_epi64(a: Vec256, b: Vec256) -> Vec256 {
-    unsafe { _mm256_unpacklo_epi64(a, b) }
+pub fn mm256_unpacklo_epi64(lhs: Vec256, rhs: Vec256) -> Vec256 {
+    unsafe { _mm256_unpacklo_epi64(lhs, rhs) }
 }
 
 #[inline(always)]

libcrux-ml-dsa/proofs/fstar/extraction/Libcrux_ml_dsa.Ntt.fsti

@@ -9,73 +9,7 @@ let _ =
   let open Libcrux_ml_dsa.Simd.Traits in
   ()
 
-let invert_ntt_at_layer_3___STEP: usize = sz 8
-
-let invert_ntt_at_layer_3___STEP_BY: usize = sz 1
-
-let invert_ntt_at_layer_4___STEP: usize = sz 16
-
-let invert_ntt_at_layer_4___STEP_BY: usize = sz 2
-
-let invert_ntt_at_layer_5___STEP: usize = sz 32
-
-let invert_ntt_at_layer_5___STEP_BY: usize = sz 4
-
-let invert_ntt_at_layer_6___STEP: usize = sz 64
-
-let invert_ntt_at_layer_6___STEP_BY: usize = sz 8
-
-let invert_ntt_at_layer_7___STEP: usize = sz 128
-
-let invert_ntt_at_layer_7___STEP_BY: usize = sz 16
-
-val invert_ntt_at_layer_0___round
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      (index: usize)
-      (zeta_0_ zeta_1_ zeta_2_ zeta_3_: i32)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_0_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_1___round
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      (index: usize)
-      (zeta_0_ zeta_1_: i32)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_1_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_2___round
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      (index: usize)
-      (zeta: i32)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_2_
+val invert_ntt_montgomery
       (#v_SIMDUnit: Type0)
       {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
       (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
@@ -91,64 +25,6 @@ val ntt
       Prims.l_True
       (fun _ -> Prims.l_True)
 
-val outer_3_plus
-      (#v_SIMDUnit: Type0)
-      (v_OFFSET v_STEP_BY: usize)
-      (v_ZETA: i32)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_3_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_4_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_5_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_6_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_at_layer_7_
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
-val invert_ntt_montgomery
-      (#v_SIMDUnit: Type0)
-      {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}
-      (re: Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-    : Prims.Pure (Libcrux_ml_dsa.Polynomial.t_PolynomialRingElement v_SIMDUnit)
-      Prims.l_True
-      (fun _ -> Prims.l_True)
-
 val ntt_multiply_montgomery
       (#v_SIMDUnit: Type0)
       {| i1: Libcrux_ml_dsa.Simd.Traits.t_Operations v_SIMDUnit |}