Keccak256 in Miden Assembly

[itzmeanjan]

Progress

• θ; see here
• ρ; see here
• π; see here
• χ; see here
• ι; see here
• round; see here
• keccak-p[1600, 24]; see here
• keccak256 hash function; see here

[itzmeanjan]

VM cycle count when applying keccak-p[1600, 24]: 134,355

[itzmeanjan]

VM cycle count for computing keccak256 2-to-1 hash: 149,370

[itzmeanjan]

For understanding bit interleaving technique, which is leveraged in this implementation so that using only 32 -bit bitwise operations keccak256 hash can be computed, I suggest you read section 2.1 of https://keccak.team/files/Keccak-implementation-3.2.pdf

[bobbinth]

Thank you! Looks great! One small thing:

I'm assuming testing this would take quite a bit of time. Could we add the ignore attribute for the test so that it is run only when we want to run it explicitly? We can remove this attribute later once we improve script compilation times.

Also, some optimization thoughts for the future:

1. Once we have u64 module fully implemented in stdlib we might simplify the code a bit.
2. I noticed that pattern of popw followed by pushw is used quite frequently. We could reduce the number of cycles by using storew followed by loadw instead.
3. In some cases, it might make sense to use load and store (for single elements) rather the variants for full words followed by stack manipulations.

[itzmeanjan]

Thanks for reviewing !

I'm assuming testing this would take quite a bit of time. Could we add the ignore attribute for the test so that it is run only when we want to run it explicitly? We can remove this attribute later once we improve script compilation times.

Fixed here 4bf82a9

Also, some optimization thoughts for the future:

Noted down, I'll apply them when I revisit the problem.

[bobbinth]

All looks good! thank you!