This repository contains the reference implementation and auxiliary scripts for Polocolo, a ZK-friendly hash function based on power residue S-boxes. This work was presented at Eurocrypt 2025.
The full paper is available at eprint 2025/926.
This repository is organized as follows:
- param_gen.sage: A SageMath script for generating the round constants and the permutation $\sigma$.
- MDS_generator.sage: A SageMath script for generating efficient MDS matrices using Algorithm 1. This script includes several optimizations for performance.
- plain/: A directory containing the pure Rust implementation of the Polocolo primitive.
- GB/: A directory containing implementations of Gröbner Basis attacks for security evaluation.
This repository is intended **for research and experimental verification purposes only**. The code provided here has not undergone a professional security audit and is not guaranteed to be secure.
The authors and contributors assume no liability for any damages or security breaches resulting from the use of this code. Use at your own risk.