Bas Westerbaan

> mostly ready You want a review?

@thomwiggers Can you do before/after benchmarks? I’ll take a closer look this week. (I have some more time now :). )

You add a lot of dead code, eg. sha3_384. I'm not so sure that the benchmarks show it doesn't have any impact. Let me double check.

There seems to be a small but significant difference for signing and keygen with shake. ``` sphincs-shake-128f simple using ref Verifying old: [12577888, 12668944, 12147936, 12112128, 12000800, 12747280, 14791232, 11850624,...

I'm not quite sure where the difference comes from. For the `ref` this isn't too bad though. Let me check some of the optimized implementations.

Yup, also some small but significant slowdowns: ``` sphincs-sha2-128s simple using sha2-avx2 Signing 1.130% difference with p=0.00018 old: [1067314720, 1066514816, 1066383520, 1066477008, 1066873056, 1066228848, 1076929952, 1067130848, 1069597024, 1066460864] new: [1079695824,...

> Can you share the script you wrote to generate those statistical comparisons? https://gist.github.com/bwesterb/db8083608aeb4161021a60eeeb84fe71 Pipe the output of `benchmark.py` to `old` and `new` after applying this patch: ``` diff --git...

@thomwiggers Any suggestions how to advance this? (Given you are facing the same troubles with Kyber & Dilithium.)

This purpose of this repo is to be the reference implementation that goes along with the NIST submission. As such it will change, as the submission changes. I think the...

Closing due to inactivity.