Réécriture des commentaires schématiques sur les tweaks

author: Kévin Le Gouguec <kevin.legouguec@airbus.com> 2019-06-27 16:36:11 +0200
committer: Kévin Le Gouguec <kevin.legouguec@airbus.com> 2019-07-05 11:16:58 +0200
commit: c616151cbfdd3c7b3882c16656b4f8af74d48519 (patch)
tree: f666b2efb3acca5fa385a634eff7511d1b0a4707 /src/ref/lilliput-ii.c
parent: 2d6201940ff6cf318ba4117de7c2664643930bd7 (diff)
download: lilliput-ae-implem-c616151cbfdd3c7b3882c16656b4f8af74d48519.tar.xz
1 files changed, 18 insertions, 12 deletions
diff --git a/src/ref/lilliput-ii.c b/src/ref/lilliput-ii.c
index 9ed17a2..bb43d08 100644
--- a/src/ref/lilliput-ii.c
+++ b/src/ref/lilliput-ii.c
@@ -28,12 +28,15 @@ This file implements Lilliput-AE's nonce-misuse-resistant mode based on SCT-2.
 
 static void _init_msg_tweak(const uint8_t tag[TAG_BYTES], uint8_t tweak[TWEAK_BYTES])
 {
-    /* With an s-bit block index, the t-bit tweak is filled as follows:
+    /* The t-bit tweak is filled as follows:
+     *
+     *   1    2                      t
+     * [ 1 || tag[2,t] XOR block index  ]
+     *
+     * The s-bit block index is XORed to the tag as follows:
      *
-     * 1: 1
-     * [     2,   t]: tag[    2,   t] XOR block index
-     *  [    2, t-s]: tag[    2, t-s]
-     *  [t-s+1,   t]: tag[t-s+1,   t] XOR block index
+     *   2       t-s    t-s+1                                  t
+     * [ tag[2, t-s] || tag[t-s+1, t] XOR block index, MSB first ]
      *
      * This function sets bits 1 to t-s once and for all.
      */
@@ -44,12 +47,15 @@ static void _init_msg_tweak(const uint8_t tag[TAG_BYTES], uint8_t tweak[TWEAK_BY
 
 static void _fill_msg_tweak(const uint8_t tag[TAG_BYTES], size_t block_index, uint8_t tweak[TWEAK_BYTES])
 {
-    /* With an s-bit block index, the t-bit tweak is filled as follows:
+    /* The t-bit tweak is filled as follows:
+     *
+     *   1    2                      t
+     * [ 1 || tag[2,t] XOR block index  ]
+     *
+     * The s-bit block index is XORed to the tag as follows:
      *
-     * 1: 1
-     * [     2,   t]: tag + block index
-     *  [    2, t-s]: tag[    2, t-s]
-     *  [t-s+1,   t]: tag[t-s+1,   t] XOR block index
+     *   2       t-s    t-s+1                                  t
+     * [ tag[2, t-s] || tag[t-s+1, t] XOR block index, MSB first ]
      *
      * This function assumes bits 1 to t-s have already been set, and
      * only sets bits t-s+1 to t.
@@ -67,8 +73,8 @@ static void _fill_tag_tweak(const uint8_t N[NONCE_BYTES], uint8_t tweak[TWEAK_BY
 {
     /* The t-bit tweak is filled as follows:
      *
-     * [      1, 8]: 0001||0^4
-     * [t-|N|+1, t]: N
+     *   1  4    5   8    t-|N|+1     t
+     * [ 0001 ||  0^4  ||        nonce  ]
      */
 
     tweak[0] = 0x10;
author	Kévin Le Gouguec <kevin.legouguec@airbus.com>	2019-06-27 16:36:11 +0200
committer	Kévin Le Gouguec <kevin.legouguec@airbus.com>	2019-07-05 11:16:58 +0200
commit	c616151cbfdd3c7b3882c16656b4f8af74d48519 (patch)
tree	f666b2efb3acca5fa385a634eff7511d1b0a4707 /src/ref/lilliput-ii.c
parent	2d6201940ff6cf318ba4117de7c2664643930bd7 (diff)
download	lilliput-ae-implem-c616151cbfdd3c7b3882c16656b4f8af74d48519.tar.xz