NameError: name 'k' is not defined
ambiso opened this issue · 1 comments
Running the estimator I get the following output:
$ python estimate_code_based_nist_schemes.py
Estimating McEliece
Unrestricted estimates
Parameter Set 1
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 2
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 3
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 4
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 5
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Memory < 2^60 bit
Parameter Set 1
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 2
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 3
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 4
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Parameter Set 5
Computing estimates |################################| 6/6
Computing BJMM-dw estimate...done!
Traceback (most recent call last):
File "/home/user/syndrome_decoding_estimator/estimate_code_based_nist_schemes.py", line 263, in <module>
args.compute()
File "/home/user/syndrome_decoding_estimator/estimate_code_based_nist_schemes.py", line 151, in estimate_mceliece
add_mem_restricted_estimate_to_tables(McEliece_tbls, McEliece_params, 60, [[4, 11] for i in range(5)])
File "/home/user/syndrome_decoding_estimator/estimate_code_based_nist_schemes.py", line 117, in add_mem_restricted_estimate_to_tables
time = min([estimates[i][j]["time"] for j in estimates[i].keys()])-key_sec*log2(k)-quasi_cyclic*log2(k)/2
^
NameError: name 'k' is not defined
Reverting commit 1ea21a65bd10b6cb7d8d2d366611292b4af9b41e as a workaround fixed the issue (it no longer crashes), but the commit message states fixed cyclicity speedup in case of memory-access cost, so this may not be the correct thing to do.
Should the k be from the respective parameter set?
If so, then I believe the following would fix the issue:
diff --git a/estimate_code_based_nist_schemes.py b/estimate_code_based_nist_schemes.py
index 55f544e..c4d7ff2 100644
--- a/estimate_code_based_nist_schemes.py
+++ b/estimate_code_based_nist_schemes.py
@@ -114,10 +114,12 @@ def add_mem_restricted_estimate_to_tables(tbls, params, mem, p_range=0,memory_ac
best_algs = []
for i in range(len(estimates)):
- time = min([estimates[i][j]["time"] for j in estimates[i].keys()])-key_sec*log2(k)-quasi_cyclic*log2(k)/2
+ time = min([estimates[i][j]["time"] for j in estimates[i].keys()])
+ k = params[i]['k']
+ corrected_time = time-key_sec*log2(k)-quasi_cyclic*log2(k)/2
memory = estimates[i][[j for j in estimates[i].keys() if estimates[i][j]["time"] == time][0]]["memory"]
best_algs.append([j for j in estimates[i].keys() if estimates[i][j]["time"] == time][0])
- tbls[i + 1].add_row([cr(time), cr(memory)])
+ tbls[i + 1].add_row([cr(corrected_time), cr(memory)])
print(best_algs)Note the newly introduced k = params[i]['k'] and the corrected_time variable. The latter is necessary because previously the list expressions for memory and best_algs were searching for the corrected time (which never appeared in the estimates).
With this change the script runs through on my machine and the outputs seem to match the numbers reported in the paper (at least as far as I manually checked them).
Thank you for reporting that issue.
I reviewed and implemented your changes as suggested.
Also let me point out that there is a more recent repo maintained more actively that incorporates the syndrome decoding estimator source code (with some improvements as well as other estimators), this project is available at: https://github.com/Crypto-TII/CryptographicEstimators and is actively looking for contributers.