lilliput-ae-reference-implementation

Implementations of Lilliput-AE submitted to the NIST LWC standardization process
git clone https://git.kevinlegouguec.net/lilliput-ae-reference-implementation

commit b36b15af3c8e8f1846b82da0ca1942e610666e2f
parent c1a5a0614b78a30405626847dd32e442f34b48ac
Author: Kévin Le Gouguec <kevin.legouguec@airbus.com>
Date:   Wed, 21 Nov 2018 14:18:25 +0100

Ébauche du code de la partie TBC

I.e. définition des fonctions de haut-niveau ; reste à implémenter les
fonctions en-dessous, et les sorties de debug.

Diffstat:
Mcrypto_aead/lilliputaei128v1/ref/Makefile | 11++++++++---
Acrypto_aead/lilliputaei128v1/ref/cipher.c | 103+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Acrypto_aead/lilliputaei128v1/ref/cipher.h | 27+++++++++++++++++++++++++++
Mcrypto_aead/lilliputaei128v1/ref/parameters.h | 2++
Mcrypto_aead/lilliputaei128v1/ref/test/helpers.h | 3---
Mcrypto_aead/lilliputaei128v1/ref/test/test-cipher.c | 2+-
6 files changed, 141 insertions(+), 7 deletions(-)

diff --git a/crypto_aead/lilliputaei128v1/ref/Makefile b/crypto_aead/lilliputaei128v1/ref/Makefile @@ -1,5 +1,3 @@ -# TODO: should add order-only prerequisites to remove mkdirs inside recipes - tests = test-tweakey test-cipher .PHONY: clean test $(tests) @@ -29,10 +27,17 @@ $(tests): %: results/% diff -ru test/$*-ref results/$@-output +results/test-cipher: results/cipher.o results/tweakey.o results/constants.o | results results/test-tweakey: results/tweakey.o results/constants.o | results -results/test-tweakey.o: tweakey.h parameters.h +results/test-*.o: test/helpers.h parameters.h +results/test-cipher.o: cipher.h +results/test-tweakey.o: tweakey.h + +resutls/cipher.o: cipher.h tweakey.h constants.h parameters.h results/tweakey.o: tweakey.h constants.h parameters.h results/constants.o: constants.h +# TODO: should add order-only prerequisites to remove mkdirs inside recipes # TODO: add valgrind, although it does not seem to play well with ASAN +# TODO: should use gcc -M... to generate .o -> .h dependencies diff --git a/crypto_aead/lilliputaei128v1/ref/cipher.c b/crypto_aead/lilliputaei128v1/ref/cipher.c 
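Review bot: The new dependency line `resutls/cipher.o: cipher.h tweakey.h constants.h parameters.h` misspells the directory, so make attaches those headers to a target nothing builds and `results/cipher.o` is not rebuilt when they change; it should read `results/cipher.o: cipher.h tweakey.h constants.h parameters.h`. In the same hunk, `results/test-*.o:` is a wildcard that make expands against files that already exist, so on a clean tree it probably names a literal `results/test-*.o` and the `test/helpers.h parameters.h` prerequisites never reach the test objects; `$(tests:%=results/%.o): test/helpers.h parameters.h` would list them explicitly. Stale objects matter here because the `diff -ru` step compares test output against reference vectors, and a header change such as `ROUNDS` has to force a rebuild for that comparison to mean anything.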
@@ -0,0 +1,103 @@
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdio.h> /* debug */
+#include <string.h>
+
+#include "cipher.h"
+#include "parameters.h"
+#include "tweakey.h"
+
+
+struct cipher_state
+{
+ uint8_t X[BLOCK_BYTES];
+ FILE* debug;
+};
+
+
+typedef struct cipher_state cipher_state;
+
+
+static void _state_init(cipher_state *X, const uint8_t message[BLOCK_BYTES], FILE* debug)
+{
+ memcpy(X->X, message, sizeof(X->X));
+ X->debug = debug;
+}
+
+
+static void _compute_round_tweakeys(
+ const uint8_t key[KEY_BYTES],
+ const uint8_t tweak[TWEAK_BYTES],
+ uint8_t RTK[ROUNDS][ROUND_TWEAKEY_BYTES]
+)
+{
+ tweakey_state TK;
+ tweakey_state_init(&TK, key, tweak, NULL);
+ tweakey_state_extract(&TK, RTK[0], 0);
+
+ for (uint8_t i=1; i<ROUNDS; i++)
+ {
+ tweakey_state_update(&TK);
+ tweakey_state_extract(&TK, RTK[i], i);
+ }
+}
+
+
+static void _nonlinear_layer(__attribute__((unused)) cipher_state *X, __attribute__((unused)) const uint8_t RTK[ROUND_TWEAKEY_BYTES])
+{
+
+}
+
+static void _linear_layer(__attribute__((unused)) cipher_state *X)
+{
+
+}
+
+static void _permutation_layer(__attribute__((unused)) cipher_state *X)
+{
+
+}
+
+static void _one_round_egfn(cipher_state *X, const uint8_t RTK[ROUND_TWEAKEY_BYTES], bool permute)
+{
+ _nonlinear_layer(X, RTK);
+ _linear_layer(X);
+ if (permute)
+ {
+ _permutation_layer(X);
+ }
+}
+
+
+void lilliput_tbc_encrypt(
+ const uint8_t key[KEY_BYTES],
+ const uint8_t tweak[TWEAK_BYTES],
+ const uint8_t message[BLOCK_BYTES],
+ uint8_t ciphertext[BLOCK_BYTES],
+ FILE *debug
+)
+{
+ cipher_state X;
+ _state_init(&X, message, debug);
+
+ uint8_t RTK[ROUNDS][ROUND_TWEAKEY_BYTES];
+ _compute_round_tweakeys(key, tweak, RTK);
+
+ for (uint8_t i=0; i<ROUNDS; i++)
+ {
+ _one_round_egfn(&X, RTK[i], i<ROUNDS-1);
+ }
+
+ memcpy(ciphertext, X.X, BLOCK_BYTES);
+}
+
+void lilliput_tbc_decrypt(
+ __attribute__((unused)) const uint8_t key[KEY_BYTES],
+ __attribute__((unused)) const uint8_t tweak[TWEAK_BYTES],
+ __attribute__((unused))
const uint8_t ciphertext[BLOCK_BYTES], + __attribute__((unused)) uint8_t message[BLOCK_BYTES], + __attribute__((unused)) FILE *debug +) +{ + +} diff --git a/crypto_aead/lilliputaei128v1/ref/cipher.h b/crypto_aead/lilliputaei128v1/ref/cipher.h @@ -0,0 +1,27 @@ +#pragma once + +#include <stdio.h> /* debug */ +#include <stdint.h> + +#include "parameters.h" + + +#define BLOCK_LENGTH_BITS 128 +#define BLOCK_BYTES (BLOCK_LENGTH_BITS/8) + + +void lilliput_tbc_encrypt( + const uint8_t key[KEY_BYTES], + const uint8_t tweak[TWEAK_BYTES], + const uint8_t message[BLOCK_BYTES], + uint8_t ciphertext[BLOCK_BYTES], + FILE *debug +); + +void lilliput_tbc_decrypt( + const uint8_t key[KEY_BYTES], + const uint8_t tweak[TWEAK_BYTES], + const uint8_t ciphertext[BLOCK_BYTES], + uint8_t message[BLOCK_BYTES], + FILE *debug +); diff --git a/crypto_aead/lilliputaei128v1/ref/parameters.h b/crypto_aead/lilliputaei128v1/ref/parameters.h @@ -12,3 +12,5 @@ #define KEY_BYTES (KEY_LENGTH_BITS/8) #define TWEAKEY_BYTES (TWEAKEY_LENGTH_BITS/8) #define ROUND_TWEAKEY_BYTES (ROUND_TWEAKEY_LENGTH_BITS/8) + +#define ROUNDS 32 diff --git a/crypto_aead/lilliputaei128v1/ref/test/helpers.h b/crypto_aead/lilliputaei128v1/ref/test/helpers.h @@ -10,9 +10,6 @@ #define ARRAY_END(A) (A+ARRAY_NB(A)) -#define ROUNDS 32 - - struct vector_input { char * name; diff --git a/crypto_aead/lilliputaei128v1/ref/test/test-cipher.c b/crypto_aead/lilliputaei128v1/ref/test/test-cipher.c @@ -1,7 +1,7 @@ #include <inttypes.h> #include <stdio.h> -#include "constants.h" +#include "cipher.h" #include "helpers.h"
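Review bot: `lilliput_tbc_decrypt` returns without writing `message`, and `_nonlinear_layer`, `_linear_layer` and `_permutation_layer` are empty, so `lilliput_tbc_encrypt` currently copies `message` to `ciphertext` unchanged; both functions return `void`, so the caller gets no signal. The commit message says the lower-level functions are still to be written, but until then a test harness or caller receives plaintext as ciphertext, or reads an output buffer that was never filled. I would make the unfinished entry points fail loudly, at least in `lilliput_tbc_decrypt`, with `abort(); /* TBC layers not implemented yet */` and `#include <stdlib.h>`, so no build can run the identity transform silently. Once the rounds are real, `RTK` and the `tweakey_state` in `_compute_round_tweakeys` hold key-derived bytes on the stack and are worth clearing before return.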
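Review bot: The two prototypes in `cipher.h` take a `FILE *debug`, but the header does not say whether it may be NULL or what is written to it. `cipher.c` passes `NULL` in the same position to `tweakey_state_init`, which suggests NULL means "no trace", and the commit message says the debug outputs are still to come; if they dump the state `X` or the round tweakeys, the stream will hold key-dependent intermediates. I would document that on the declarations, e.g. `/* debug: NULL for no trace; otherwise receives intermediate state, which is key-dependent. Test use only. */`. Separately, `BLOCK_LENGTH_BITS` and `BLOCK_BYTES` are defined here while the other sizes live in `parameters.h`; a one-line comment explaining the split, or moving them, would keep the size constants in one place.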