| author | Kévin Le Gouguec <kevin.legouguec@airbus.com> | 2018-11-21 10:29:44 +0100 |
|---|---|---|
| committer | Kévin Le Gouguec <kevin.legouguec@airbus.com> | 2018-11-21 10:29:44 +0100 |
| commit | 1b70dc0fdb7c445f526a51ced73e531ac31cf438 (patch) | |
| tree | 5667abd2324b77c15e4af958eca7aeeaf5960387 | |
| parent | 59369b8bfe208ba5a353c0985ad7c8d421cc9988 (diff) | |
| download | lilliput-ae-implem-1b70dc0fdb7c445f526a51ced73e531ac31cf438.tar.xz | |
Implémentation de la multiplication du tweakey
5 files changed, 230 insertions, 1 deletions
diff --git a/crypto_aead/lilliputaei128v1/ref/constants.c b/crypto_aead/lilliputaei128v1/ref/constants.c
index ef9f1a7..48fc107 100644
--- a/crypto_aead/lilliputaei128v1/ref/constants.c
+++ b/crypto_aead/lilliputaei128v1/ref/constants.c
@@ -4,3 +4,210 @@ const uint8_t h[8] = { 4, 0, 1, 5, 2, 6, 3, 7 }; + +const uint8_t P[6][256] = { + [0] = { + 0, 2, 4, 6, 8, 10, 12, 14, + 16, 18, 20, 22, 24, 26, 28, 30, + 32, 34, 36, 38, 40, 42, 44, 46, + 48, 50, 52, 54, 56, 58, 60, 62, + 64, 66, 68, 70, 72, 74, 76, 78, + 80, 82, 84, 86, 88, 90, 92, 94, + 96, 98, 100, 102, 104, 106, 108, 110, + 112, 114, 116, 118, 120, 122, 124, 126, + 132, 134, 128, 130, 140, 142, 136, 138, + 148, 150, 144, 146, 156, 158, 152, 154, + 164, 166, 160, 162, 172, 174, 168, 170, + 180, 182, 176, 178, 188, 190, 184, 186, + 196, 198, 192, 194, 204, 206, 200, 202, + 212, 214, 208, 210, 220, 222, 216, 218, + 228, 230, 224, 226, 236, 238, 232, 234, + 244, 246, 240, 242, 252, 254, 248, 250, + 129, 131, 133, 135, 137, 139, 141, 143, + 145, 147, 149, 151, 153, 155, 157, 159, + 161, 163, 165, 167, 169, 171, 173, 175, + 177, 179, 181, 183, 185, 187, 189, 191, + 193, 195, 197, 199, 201, 203, 205, 207, + 209, 211, 213, 215, 217, 219, 221, 223, + 225, 227, 229, 231, 233, 235, 237, 239, + 241, 243, 245, 247, 249, 251, 253, 255, + 5, 7, 1, 3, 13, 15, 9, 11, + 21, 23, 17, 19, 29, 31, 25, 27, + 37, 39, 33, 35, 45, 47, 41, 43, + 53, 55, 49, 51, 61, 63, 57, 59, + 69, 71, 65, 67, 77, 79, 73, 75, + 85, 87, 81, 83, 93, 95, 89, 91, + 101, 103, 97, 99, 109, 111, 105, 107, + 117, 119, 113, 115, 125, 127, 121, 123 + }, + [1] = { + 0, 4, 8, 12, 16, 20, 24, 28, + 32, 36, 40, 44, 48, 52, 56, 60, + 64, 68, 72, 76, 80, 84, 88, 92, + 96, 100, 104, 108, 112, 116, 120, 124, + 132, 128, 140, 136, 148, 144, 156, 152, + 164, 160, 172, 168, 180, 176, 188, 184, + 196, 192, 204, 200, 212, 208, 220, 216, + 228, 224, 236, 232, 244, 240, 252, 248, + 137, 141, 129, 133, 153, 157, 145, 149, + 169, 173, 161, 165, 185, 189, 177, 181, + 201, 205, 193, 197, 217, 221, 209, 213, + 233, 237, 225, 229, 249, 253, 241, 245, + 13, 9, 5, 1, 29, 25, 21, 17, + 45, 41, 37, 33, 61, 57, 53, 49, + 77, 73, 69, 65, 93, 89, 85, 81, + 109, 105, 101, 97, 125, 121, 117, 113, + 131, 135, 139, 143, 147, 
151, 155, 159, + 163, 167, 171, 175, 179, 183, 187, 191, + 195, 199, 203, 207, 211, 215, 219, 223, + 227, 231, 235, 239, 243, 247, 251, 255, + 7, 3, 15, 11, 23, 19, 31, 27, + 39, 35, 47, 43, 55, 51, 63, 59, + 71, 67, 79, 75, 87, 83, 95, 91, + 103, 99, 111, 107, 119, 115, 127, 123, + 10, 14, 2, 6, 26, 30, 18, 22, + 42, 46, 34, 38, 58, 62, 50, 54, + 74, 78, 66, 70, 90, 94, 82, 86, + 106, 110, 98, 102, 122, 126, 114, 118, + 142, 138, 134, 130, 158, 154, 150, 146, + 174, 170, 166, 162, 190, 186, 182, 178, + 206, 202, 198, 194, 222, 218, 214, 210, + 238, 234, 230, 226, 254, 250, 246, 242 + }, + [2] = { + 0, 8, 16, 24, 32, 40, 48, 56, + 64, 72, 80, 88, 96, 104, 112, 120, + 132, 140, 148, 156, 164, 172, 180, 188, + 196, 204, 212, 220, 228, 236, 244, 252, + 137, 129, 153, 145, 169, 161, 185, 177, + 201, 193, 217, 209, 233, 225, 249, 241, + 13, 5, 29, 21, 45, 37, 61, 53, + 77, 69, 93, 85, 109, 101, 125, 117, + 147, 155, 131, 139, 179, 187, 163, 171, + 211, 219, 195, 203, 243, 251, 227, 235, + 23, 31, 7, 15, 55, 63, 39, 47, + 87, 95, 71, 79, 119, 127, 103, 111, + 26, 18, 10, 2, 58, 50, 42, 34, + 90, 82, 74, 66, 122, 114, 106, 98, + 158, 150, 142, 134, 190, 182, 174, 166, + 222, 214, 206, 198, 254, 246, 238, 230, + 135, 143, 151, 159, 167, 175, 183, 191, + 199, 207, 215, 223, 231, 239, 247, 255, + 3, 11, 19, 27, 35, 43, 51, 59, + 67, 75, 83, 91, 99, 107, 115, 123, + 14, 6, 30, 22, 46, 38, 62, 54, + 78, 70, 94, 86, 110, 102, 126, 118, + 138, 130, 154, 146, 170, 162, 186, 178, + 202, 194, 218, 210, 234, 226, 250, 242, + 20, 28, 4, 12, 52, 60, 36, 44, + 84, 92, 68, 76, 116, 124, 100, 108, + 144, 152, 128, 136, 176, 184, 160, 168, + 208, 216, 192, 200, 240, 248, 224, 232, + 157, 149, 141, 133, 189, 181, 173, 165, + 221, 213, 205, 197, 253, 245, 237, 229, + 25, 17, 9, 1, 57, 49, 41, 33, + 89, 81, 73, 65, 121, 113, 105, 97 + }, + [3] = { + 0, 132, 1, 133, 3, 135, 2, 134, + 4, 128, 5, 129, 7, 131, 6, 130, + 8, 140, 9, 141, 11, 143, 10, 142, + 12, 136, 13, 137, 15, 139, 14, 138, + 
16, 148, 17, 149, 19, 151, 18, 150, + 20, 144, 21, 145, 23, 147, 22, 146, + 24, 156, 25, 157, 27, 159, 26, 158, + 28, 152, 29, 153, 31, 155, 30, 154, + 32, 164, 33, 165, 35, 167, 34, 166, + 36, 160, 37, 161, 39, 163, 38, 162, + 40, 172, 41, 173, 43, 175, 42, 174, + 44, 168, 45, 169, 47, 171, 46, 170, + 48, 180, 49, 181, 51, 183, 50, 182, + 52, 176, 53, 177, 55, 179, 54, 178, + 56, 188, 57, 189, 59, 191, 58, 190, + 60, 184, 61, 185, 63, 187, 62, 186, + 64, 196, 65, 197, 67, 199, 66, 198, + 68, 192, 69, 193, 71, 195, 70, 194, + 72, 204, 73, 205, 75, 207, 74, 206, + 76, 200, 77, 201, 79, 203, 78, 202, + 80, 212, 81, 213, 83, 215, 82, 214, + 84, 208, 85, 209, 87, 211, 86, 210, + 88, 220, 89, 221, 91, 223, 90, 222, + 92, 216, 93, 217, 95, 219, 94, 218, + 96, 228, 97, 229, 99, 231, 98, 230, + 100, 224, 101, 225, 103, 227, 102, 226, + 104, 236, 105, 237, 107, 239, 106, 238, + 108, 232, 109, 233, 111, 235, 110, 234, + 112, 244, 113, 245, 115, 247, 114, 246, + 116, 240, 117, 241, 119, 243, 118, 242, + 120, 252, 121, 253, 123, 255, 122, 254, + 124, 248, 125, 249, 127, 251, 126, 250 + }, + [4] = { + 0, 165, 67, 230, 199, 98, 132, 33, + 133, 32, 198, 99, 66, 231, 1, 164, + 3, 166, 64, 229, 196, 97, 135, 34, + 134, 35, 197, 96, 65, 228, 2, 167, + 4, 161, 71, 226, 195, 102, 128, 37, + 129, 36, 194, 103, 70, 227, 5, 160, + 7, 162, 68, 225, 192, 101, 131, 38, + 130, 39, 193, 100, 69, 224, 6, 163, + 8, 173, 75, 238, 207, 106, 140, 41, + 141, 40, 206, 107, 74, 239, 9, 172, + 11, 174, 72, 237, 204, 105, 143, 42, + 142, 43, 205, 104, 73, 236, 10, 175, + 12, 169, 79, 234, 203, 110, 136, 45, + 137, 44, 202, 111, 78, 235, 13, 168, + 15, 170, 76, 233, 200, 109, 139, 46, + 138, 47, 201, 108, 77, 232, 14, 171, + 16, 181, 83, 246, 215, 114, 148, 49, + 149, 48, 214, 115, 82, 247, 17, 180, + 19, 182, 80, 245, 212, 113, 151, 50, + 150, 51, 213, 112, 81, 244, 18, 183, + 20, 177, 87, 242, 211, 118, 144, 53, + 145, 52, 210, 119, 86, 243, 21, 176, + 23, 178, 84, 241, 208, 117, 147, 54, + 146, 55, 
209, 116, 85, 240, 22, 179, + 24, 189, 91, 254, 223, 122, 156, 57, + 157, 56, 222, 123, 90, 255, 25, 188, + 27, 190, 88, 253, 220, 121, 159, 58, + 158, 59, 221, 120, 89, 252, 26, 191, + 28, 185, 95, 250, 219, 126, 152, 61, + 153, 60, 218, 127, 94, 251, 29, 184, + 31, 186, 92, 249, 216, 125, 155, 62, + 154, 63, 217, 124, 93, 248, 30, 187 + }, + [5] = { + 0, 215, 165, 114, 230, 49, 67, 148, + 199, 16, 98, 181, 33, 246, 132, 83, + 133, 82, 32, 247, 99, 180, 198, 17, + 66, 149, 231, 48, 164, 115, 1, 214, + 3, 212, 166, 113, 229, 50, 64, 151, + 196, 19, 97, 182, 34, 245, 135, 80, + 134, 81, 35, 244, 96, 183, 197, 18, + 65, 150, 228, 51, 167, 112, 2, 213, + 4, 211, 161, 118, 226, 53, 71, 144, + 195, 20, 102, 177, 37, 242, 128, 87, + 129, 86, 36, 243, 103, 176, 194, 21, + 70, 145, 227, 52, 160, 119, 5, 210, + 7, 208, 162, 117, 225, 54, 68, 147, + 192, 23, 101, 178, 38, 241, 131, 84, + 130, 85, 39, 240, 100, 179, 193, 22, + 69, 146, 224, 55, 163, 116, 6, 209, + 8, 223, 173, 122, 238, 57, 75, 156, + 207, 24, 106, 189, 41, 254, 140, 91, + 141, 90, 40, 255, 107, 188, 206, 25, + 74, 157, 239, 56, 172, 123, 9, 222, + 11, 220, 174, 121, 237, 58, 72, 159, + 204, 27, 105, 190, 42, 253, 143, 88, + 142, 89, 43, 252, 104, 191, 205, 26, + 73, 158, 236, 59, 175, 120, 10, 221, + 12, 219, 169, 126, 234, 61, 79, 152, + 203, 28, 110, 185, 45, 250, 136, 95, + 137, 94, 44, 251, 111, 184, 202, 29, + 78, 153, 235, 60, 168, 127, 13, 218, + 15, 216, 170, 125, 233, 62, 76, 155, + 200, 31, 109, 186, 46, 249, 139, 92, + 138, 93, 47, 248, 108, 187, 201, 30, + 77, 154, 232, 63, 171, 124, 14, 217 + }, +}; diff --git a/crypto_aead/lilliputaei128v1/ref/constants.h b/crypto_aead/lilliputaei128v1/ref/constants.h index c329896..109f1c5 100644 --- a/crypto_aead/lilliputaei128v1/ref/constants.h +++ b/crypto_aead/lilliputaei128v1/ref/constants.h @@ -1,4 +1,9 @@ #include <stdint.h> +/* Tweakey permutation */ extern const uint8_t h[8]; + +/* Tweakey multiplication */ +extern const uint8_t P[6][256]; + 
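Review bot: Nothing in the constants.c hunk records where the 6x256 entries of `P` come from, so a single mistyped byte in the table cannot be caught by reading the patch; only the two reference vector files under test/tweakey-ref exercise it. A comment above the definition should name the source and the indexing convention, for example `/* P[i][x] = image of byte x under the multiplication applied to lane i+1; generated by <GENERATOR_SCRIPT>, see <SPEC_SECTION> */`, with the placeholders filled in by the author. Separately, `P` (like the existing `h`) is a one-letter identifier with external linkage, which is easy to shadow or collide with once this code is linked into a larger program; a prefixed name would be safer.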
diff --git a/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_order.txt b/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_order.txt
index 2cf22ed..b727244 100644
--- a/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_order.txt
+++ b/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_order.txt
@@ -1017,3 +1017,4 @@ Tweakey Schedule Subtweakey : a7 8f ba ae 9b 86 92 ac
+
diff --git a/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_random.txt b/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_random.txt
index f1d5243..529e39d 100644
--- a/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_random.txt
+++ b/crypto_aead/lilliputaei128v1/ref/test/tweakey-ref/tweakey_random.txt
@@ -1017,3 +1017,4 @@ Tweakey Schedule Subtweakey : ac a6 f2 f1 39 5e e3 e6
+
diff --git a/crypto_aead/lilliputaei128v1/ref/tweakey.c b/crypto_aead/lilliputaei128v1/ref/tweakey.c
index d7a5805..71bc030 100644
--- a/crypto_aead/lilliputaei128v1/ref/tweakey.c
+++ b/crypto_aead/lilliputaei128v1/ref/tweakey.c
@@ -8,6 +8,7 @@
 #define LANE_BITS 64
 #define LANE_BYTES (LANE_BITS/8)
+#define LANES_NB (TWEAKEY_BYTES/LANE_BYTES)
 static void _dump_buffer(FILE *output, size_t len, const uint8_t buf[len], int indent)
@@ -90,8 +91,22 @@ static void _permute_state(tweakey_state *TK)
 }
 }
-static void _multiply_state(__attribute__((unused)) tweakey_state *TK)
+static void _multiply_state(tweakey_state *TK)
 {
+ /* Lane 0 is multiplied by Id; lane 1 by P_0, lane 2 by P_1... */
+
+ for (size_t lane=1; lane<LANES_NB; lane++)
+ {
+ const uint8_t* P_lane = P[lane-1];
+
+ /* TODO: homogenize indices; here b=byte */
+
+ for (size_t b=0; b<LANE_BYTES; b++)
+ {
+ size_t offset = lane*LANE_BYTES + b;
+ TK->TK[offset] = P_lane[TK->TK[offset]];
+ }
+ }
 }
 void tweakey_state_update(tweakey_state *TK) |
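Review bot: `LANES_NB` is derived from `TWEAKEY_BYTES`, but nothing ties it to the 6 rows that constants.h declares for `P`, while the loop added to `_multiply_state` in the next hunk reads `P[lane-1]` for every lane up to `LANES_NB-1`. If this file is reused for a variant with a longer tweakey, that loop would read past the table with no diagnostic. A compile-time check next to the define would pin the assumption: `_Static_assert(LANES_NB - 1 <= sizeof P / sizeof P[0], "P has too few rows for LANES_NB");`. This assumes constants.h is included in tweakey.c; `TWEAKEY_BYTES` is defined outside the hunk, so its value cannot be confirmed from here.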
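Review bot: The inner loop's `TK->TK[offset] = P_lane[TK->TK[offset]];` indexes a 256-byte table with a tweakey byte, so the address that is read depends on data that presumably includes key material. On a CPU with a data cache this is the usual secret-indexed lookup timing channel. That may be acceptable in a reference implementation, but it should be stated where the lookup happens, e.g. `/* NOTE: table lookup indexed by tweakey bytes; not constant-time, reference code only */`. An implementation meant for deployment would compute the per-byte map with shifts and XORs instead of a lookup, if the maps are linear as the table contents suggest.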
