diff options
| -rw-r--r-- | python/constant.py | 32 | ||||
| -rw-r--r-- | python/lilliput.py | 108 | ||||
| -rw-r--r-- | python/lilliput_ae_1.py | 284 | ||||
| -rw-r--r-- | python/lilliput_ae_2.py | 277 | ||||
| -rw-r--r-- | python/lilliput_tbc.py | 275 | ||||
| -rw-r--r-- | python/multiplications.py | 175 | ||||
| -rw-r--r-- | python/parameters_i_128.py | 6 | ||||
| -rw-r--r-- | python/parameters_i_192.py | 6 | ||||
| -rw-r--r-- | python/parameters_i_256.py | 6 | ||||
| -rw-r--r-- | python/parameters_ii_128.py | 6 | ||||
| -rw-r--r-- | python/parameters_ii_192.py | 6 | ||||
| -rw-r--r-- | python/parameters_ii_256.py | 6 |
12 files changed, 1187 insertions, 0 deletions
diff --git a/python/constant.py b/python/constant.py new file mode 100644 index 0000000..1bc208c --- /dev/null +++ b/python/constant.py @@ -0,0 +1,32 @@ +Sbox = [32, 0, 178, 133, 59, 53, 166, 164,
+ 48, 228, 106, 44, 255, 89, 226, 14,
+ 248, 30, 122, 128, 21, 189, 62, 177,
+ 232, 243, 162, 194, 218, 81, 42, 16,
+ 33, 1, 35, 120, 92, 36, 39, 181,
+ 55, 199, 43, 31, 174, 10, 119, 95,
+ 111, 9, 157, 129, 4, 90, 41, 220,
+ 57, 156, 5, 87, 151, 116, 121, 23,
+ 68, 198, 230, 233, 221, 65, 242, 138,
+ 84, 202, 110, 74, 225, 173, 182, 136,
+ 28, 152, 126, 206, 99, 73, 58, 93,
+ 12, 239, 246, 52, 86, 37, 46, 214,
+ 103, 117, 85, 118, 184, 210, 97, 217,
+ 113, 139, 205, 11, 114, 108, 49, 75,
+ 105, 253, 123, 109, 96, 60, 47, 98,
+ 63, 34, 115, 19, 201, 130, 127, 83,
+ 50, 18, 160, 124, 2, 135, 132, 134,
+ 147, 78, 104, 70, 141, 195, 219, 236,
+ 155, 183, 137, 146, 167, 190, 61, 216,
+ 234, 80, 145, 241, 51, 56, 224, 169,
+ 163, 131, 161, 27, 207, 6, 149, 7,
+ 158, 237, 185, 245, 76, 192, 244, 45,
+ 22, 250, 180, 3, 38, 179, 144, 79,
+ 171, 101, 252, 254, 20, 247, 227, 148,
+ 238, 172, 140, 26, 222, 203, 40, 64,
+ 125, 200, 196, 72, 107, 223, 165, 82,
+ 229, 251, 215, 100, 249, 240, 211, 94,
+ 102, 150, 143, 29, 69, 54, 204, 197,
+ 77, 159, 191, 15, 209, 8, 235, 67,
+ 66, 25, 231, 153, 168, 142, 88, 193,
+ 154, 212, 24, 71, 170, 175, 188, 91,
+ 213, 17, 208, 176, 112, 187, 13, 186]
diff --git a/python/lilliput.py b/python/lilliput.py new file mode 100644 index 0000000..e090a10 --- /dev/null +++ b/python/lilliput.py @@ -0,0 +1,108 @@ +import lilliput_ae_1 +import lilliput_ae_2 + +import parameters_i_128 as i_128 +import parameters_i_192 as i_192 +import parameters_i_256 as i_256 +import parameters_ii_128 as ii_128 +import parameters_ii_192 as ii_192 +import parameters_ii_256 as ii_256 + +BLOCK_BYTES = 16 +N_BYTES = 15 + +def GetParameters(mode = 1, length = 128) : + if(mode == 1 and length == 128) : + return (i_128.KEY_BITS, i_128.TWEAK_BITS, i_128.ROUNDS) + + if(mode == 1 and length == 192) : + return (i_192.KEY_BITS, i_192.TWEAK_BITS, i_192.ROUNDS) + + if(mode == 1 and length == 256) : + return (i_256.KEY_BITS, i_256.TWEAK_BITS, i_256.ROUNDS) + + if(mode == 2 and length == 128) : + return (ii_128.KEY_BITS, ii_128.TWEAK_BITS, ii_128.ROUNDS) + + if(mode == 2 and length == 192) : + return (ii_192.KEY_BITS, ii_192.TWEAK_BITS, ii_192.ROUNDS) + + if(mode == 2 and length == 256) : + return (ii_256.KEY_BITS, ii_256.TWEAK_BITS, ii_256.ROUNDS) + +def ArrayToBlockbytesMatrix(array) : + length = len(array) + pad = 0 + if(length % BLOCK_BYTES == 0) : + number_blocks = int(length / BLOCK_BYTES) + else : + number_blocks = int((length + (BLOCK_BYTES - (length % BLOCK_BYTES))) / BLOCK_BYTES) + pad = 1 + + matrix = [[0] * BLOCK_BYTES for block in range(0, number_blocks - pad)] + if(pad == 1) : + matrix.append([0] * (length % BLOCK_BYTES)) + + for byte in range(0, length) : + matrix[int(byte / BLOCK_BYTES)][byte % BLOCK_BYTES] = array[byte] + + return matrix + +############################################ + +def mainEnc(mode = 1, length = 128) : + + (key_bits, tweak_bits, rounds) = GetParameters(mode, length) + + + A = [byte for byte in range(0, 16)] + M = [byte for byte in range(0, 17)] + N = [0 for byte in range(0, N_BYTES)] + key = [byte for byte in range(0, int(key_bits/8))] + + A_BITS = 8 * len(A) + M_BITS = 8 * len(M) + + A = ArrayToBlockbytesMatrix(A) + M = ArrayToBlockbytesMatrix(M) + + + if(mode == 1) : + (C, tag) = lilliput_ae_1.OCB3Enc(A, M, N, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) + if(mode == 2) : + (C, tag) = lilliput_ae_2.SCT2Enc(A, M, N, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) + for block in range(0,len(C)) : + for byte in C[block] : + print("%02x "%(byte), end="") + for byte in tag : + print("%02x "%(byte), end="") + print() + + +def mainDec(mode = 1, length = 128) : + + (key_bits, tweak_bits, rounds) = GetParameters(mode, length) + + + A = [byte for byte in range(0, 16)] + C = [byte for byte in range(0, 16)] + N = [0 for byte in range(0, N_BYTES)] + key = [byte for byte in range(0, int(key_bits/8))] + tag = [] + + + M_BITS = 8 * len(C) + A_BITS = 8 * len(A) + + A = ArrayToBlockbytesMatrix(A) + C = ArrayToBlockbytesMatrix(C) + + + if(mode == 1) : + M = lilliput_ae_1.OCB3Dec(A, C, N, tag, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) + if(mode == 2) : + M = lilliput_ae_2.SCT2Dec(A, C, N, tag, A_BITS, M_BITS, key, key_bits, tweak_bits, rounds) + for block in range(0,len(M)) : + for byte in M[block] : + print("%02x "%(byte), end="") + print() diff --git a/python/lilliput_ae_1.py b/python/lilliput_ae_1.py new file mode 100644 index 0000000..4884518 --- /dev/null +++ b/python/lilliput_ae_1.py @@ -0,0 +1,284 @@ +""" + OCB 3 for lilliput ae i +""" + +import lilliput_tbc as ltbc + +BLOCK_BITS = 128 +KEY_BITS = 128 +TWEAK_BITS = 192 +TWEAKEY_BITS = KEY_BITS + TWEAK_BITS +LANE_BITS = 64 +LANES = int((TWEAKEY_BITS) / LANE_BITS) +ROUNDS = 32 + +BLOCK_BYTES = int(BLOCK_BITS / 8) +KEY_BYTES = int(KEY_BITS / 8) +TWEAK_BYTES = int(TWEAK_BITS / 8) +TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) + +A_BITS = BLOCK_BITS +M_BITS = BLOCK_BITS +N_BITS = 120 +N_BYTES = int(N_BITS / 8) + +def InitParameters(key_bits = 128, tweak_bits = 192, rounds = 32) : + global KEY_BITS + global KEY_BYTES + global TWEAK_BITS + global TWEAK_BYTES + global TWEAKEY_BITS + global TWEAKEY_BYTES + global LANES + global ROUNDS + + KEY_BITS = key_bits + TWEAK_BITS = tweak_bits + TWEAKEY_BITS = KEY_BITS + TWEAK_BITS + LANES = int((TWEAKEY_BITS) / LANE_BITS) + ROUNDS = rounds + KEY_BYTES = int(KEY_BITS / 8) + TWEAK_BYTES = int(TWEAK_BITS / 8) + TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) + + +############################################################################### + +def XorState(state1, state2) : + state_output = [state1[byte] ^ state2[byte] for byte in range(0, len(state1))] + return state_output + + +def Padding10LSB(array, number_bits) : + shifted = 0 + for byte in range(0, len(array)) : + shifted |= (array[byte] << (8 * byte)) + shifted = (shifted << (BLOCK_BITS - number_bits)) & 0xffffffffffffffffffffffffffffffff + + padded = shifted | (0x1 << (BLOCK_BITS - number_bits - 1)) + + array_padded = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + array_padded[byte] = (padded & (0xff << (8 * byte))) >> (8 * byte) + + return array_padded + + +def LowPart(array, number_bits) : + shifted = 0 + for byte in range(0, len(array)) : + shifted |= (array[byte] << (8 * byte)) + + mask = 0 + for bit in range(0, number_bits) : + mask |= (0x1 << bit) + + lower_part = shifted & mask + + will_padd = 0 + if (number_bits % 8) != 0 : + will_padd = 1 + + lower_part_byte = [0 for byte in range(0, int(number_bits / 8) + will_padd)] + for byte in range(0, int(number_bits / 8) + will_padd) : + lower_part_byte[byte] = lower_part & 0xff + lower_part = lower_part >> 8 + + return lower_part_byte + +############################################################################### + +def TweakAssociatedData(i, padded = 0) : + tweak = [0 for byte in range(0, TWEAK_BYTES)] + + mask = 0xff + for byte in range(0, TWEAK_BYTES - 1) : + tweak[byte] = (i & mask) >> (byte * 8) + mask = mask << 8 + + mask = (0xf << (8 * (TWEAK_BYTES - 1))) + tweak[TWEAK_BYTES - 1] = (i & mask) >> ((TWEAK_BYTES - 1) * 8) + if padded == 0 : + tweak[TWEAK_BYTES - 1] |= 0x20 + else : + tweak[TWEAK_BYTES - 1] |= 0x60 + return tweak + + +def BuildAuth(A, key) : + Auth = [0 for byte in range(0, BLOCK_BYTES)] + l_a = int(A_BITS / BLOCK_BITS) + if int(A_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + for i in range(0, l_a) : + tweak = TweakAssociatedData(i, padded = 0) + enc = ltbc.LilliputTBCEnc(tweak, key, A[i]) + Auth = XorState(Auth, enc) + + if (A_BITS % BLOCK_BITS) == 0 : + return Auth + + tweak = TweakAssociatedData(l_a, padded = 1) + ad_padded = Padding10LSB(A[l_a], (A_BITS % BLOCK_BITS)) + enc = ltbc.LilliputTBCEnc(tweak, key, ad_padded) + Auth = XorState(Auth, enc) + + return Auth + +################################################################################ + +def TweakMessage(N, j, null = 0, padded = 0, final_padded = 0) : + tweak = [0 for byte in range(0, TWEAK_BYTES)] + for byte in range(N_BYTES - 1, -1, -1) : + tweak[byte + (TWEAK_BYTES - N_BYTES)] |= (N[byte] & 0xf0) >> 4 + tweak[byte + (TWEAK_BYTES - N_BYTES - 1)] |= (N[byte] & 0x0f) << 4 + + tweak[TWEAK_BYTES - N_BYTES - 1] |= ((j >> 64) & 0xf) + for byte in range(TWEAK_BYTES - N_BYTES - 2, -1, -1) : + tweak[byte] = (j >> (8 * byte)) & 0xff + + if null == 1 : + tweak[TWEAK_BYTES - 1] |= 0x10 + if padded == 1 : + tweak[TWEAK_BYTES - 1] |= 0x40 + if final_padded == 1 : + tweak[TWEAK_BYTES - 1] |= 0x50 + + return tweak + + +def TreatMessageEnc(M, N, key) : + checksum = [0 for byte in range(0, BLOCK_BYTES)] + + l = int(M_BITS / BLOCK_BITS) + if int(M_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + C = [[0 for byte in range(0, BLOCK_BYTES)] for j in range(0, l + will_padd)] + + for j in range(0, l) : + checksum = XorState(checksum, M[j]) + tweak = TweakMessage(N, j, padded = 0) + C[j] = ltbc.LilliputTBCEnc(tweak, key, M[j]) + + if will_padd == 0 : + tweak = TweakMessage(N, l - 1, null = 1) + Final = ltbc.LilliputTBCEnc(tweak, key, checksum) + + else : + m_padded = Padding10LSB(M[l], M_BITS % BLOCK_BITS) + checksum = XorState(checksum, m_padded) + tweak = TweakMessage(N, l, padded = 1) + pad = ltbc.LilliputTBCEnc(tweak, key, [0 for byte in range(0, BLOCK_BYTES)]) + lower_part = LowPart(pad, M_BITS % BLOCK_BITS) + C[l] = XorState(M[l], lower_part) + tweak_final = TweakMessage(N, l, final_padded = 1) + Final = ltbc.LilliputTBCEnc(tweak_final, key, checksum) + + return (Final, C) + + +def TreatMessageDec(C, N, key) : + checksum = [0 for byte in range(0, BLOCK_BYTES)] + + l = int(M_BITS / BLOCK_BITS) + if int(M_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + M = [[0 for byte in range(0, BLOCK_BYTES)] for j in range(0, l + will_padd)] + + for j in range(0, l) : + tweak = TweakMessage(N, j, padded = 0) + M[j] = ltbc.LilliputTBCDec(tweak, key, C[j]) + checksum = XorState(checksum, M[j]) + + + if will_padd == 0 : + tweak = TweakMessage(N, l - 1, null = 1) + Final = ltbc.LilliputTBCEnc(tweak, key, checksum) + + else : + tweak = TweakMessage(N, l, padded = 1) + pad = ltbc.LilliputTBCEnc(tweak, key, [0 for byte in range(0, BLOCK_BYTES)]) + lower_part = LowPart(pad, M_BITS % BLOCK_BITS) + M[l] = XorState(C[l], lower_part) + m_padded = Padding10LSB(M[l], M_BITS % BLOCK_BITS) + checksum = XorState(checksum, m_padded) + tweak_final = TweakMessage(N, l, final_padded = 1) + Final = ltbc.LilliputTBCEnc(tweak_final, key, checksum) + + return (Final, M) + + + +################################################################################ +def OCB3Enc(A, M, N, associated_data_length_bit, message_length_bit, key, key_bits, tweak_bits, rounds) : + InitParameters(key_bits, tweak_bits, rounds) + + global A_BITS + global M_BITS + + A_BITS = associated_data_length_bit + M_BITS = message_length_bit + + ltbc.KEY_BITS = KEY_BITS + ltbc.ROUNDS = ROUNDS + ltbc.TWEAK_BITS = TWEAK_BITS + ltbc.LANES = LANES + + ltbc.TWEAKEY_BITS = TWEAKEY_BITS + ltbc.KEY_BYTES = KEY_BYTES + ltbc.TWEAK_BYTES = TWEAK_BYTES + ltbc.TWEAKEY_BYTES = TWEAKEY_BYTES + + ltbc.TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + ltbc.RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + ltbc.States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + + Auth = BuildAuth(A, key) + (Final, C) = TreatMessageEnc(M, N, key) + tag = XorState(Auth, Final) + + return (C, tag) + + +def OCB3Dec(A, C, N, tag, associated_data_length_bit, message_length_bit, key, key_bits, tweak_bits, rounds) : + InitParameters(key_bits, tweak_bits, rounds) + + global A_BITS + global M_BITS + + A_BITS = associated_data_length_bit + M_BITS = message_length_bit + + ltbc.KEY_BITS = KEY_BITS + ltbc.ROUNDS = ROUNDS + ltbc.TWEAK_BITS = TWEAK_BITS + ltbc.LANES = LANES + + ltbc.TWEAKEY_BITS = TWEAKEY_BITS + ltbc.KEY_BYTES = KEY_BYTES + ltbc.TWEAK_BYTES = TWEAK_BYTES + ltbc.TWEAKEY_BYTES = TWEAKEY_BYTES + + ltbc.TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + ltbc.RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + ltbc.States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + Auth = BuildAuth(A, key) + (Final, M) = TreatMessageDec(C, N, key) + tag2 = XorState(Auth, Final) + + print(M) + print(tag2) + + if(tag == tag2) : + return M diff --git a/python/lilliput_ae_2.py b/python/lilliput_ae_2.py new file mode 100644 index 0000000..40ee485 --- /dev/null +++ b/python/lilliput_ae_2.py @@ -0,0 +1,277 @@ +""" + SCT 2 for lilliput ae 2 +""" + +import lilliput_tbc as ltbc + +BLOCK_BITS = 128 +KEY_BITS = 128 +TWEAK_BITS = 128 +TWEAKEY_BITS = KEY_BITS + TWEAK_BITS +LANE_BITS = 64 +LANES = int((TWEAKEY_BITS) / LANE_BITS) +ROUNDS = 32 + +BLOCK_BYTES = int(BLOCK_BITS / 8) +KEY_BYTES = int(KEY_BITS / 8) +TWEAK_BYTES = int(TWEAK_BITS / 8) +TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) + +A_BITS = BLOCK_BITS +M_BITS = BLOCK_BITS +N_BITS = 120 +N_BYTES = int(N_BITS / 8) + + +def InitParameters(key_bits = 128, tweak_bits = 128, rounds = 32) : + global KEY_BITS + global KEY_BYTES + global TWEAK_BITS + global TWEAK_BYTES + global TWEAKEY_BITS + global TWEAKEY_BYTES + global LANES + global ROUNDS + + KEY_BITS = key_bits + TWEAK_BITS = tweak_bits + TWEAKEY_BITS = KEY_BITS + TWEAK_BITS + LANES = int((TWEAKEY_BITS) / LANE_BITS) + ROUNDS = rounds + KEY_BYTES = int(KEY_BITS / 8) + TWEAK_BYTES = int(TWEAK_BITS / 8) + TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) + + +############################################################################### + +def XorState(state1, state2) : + state_output = [state1[byte] ^ state2[byte] for byte in range(0, len(state1))] + return state_output + +def Padding10LSB(array, number_bits) : + shifted = 0 + for byte in range(0, len(array)) : + shifted |= (array[byte] << (8 * byte)) + shifted = (shifted << (BLOCK_BITS - number_bits)) & 0xffffffffffffffffffffffffffffffff + + padded = shifted | (0x1 << (BLOCK_BITS - number_bits - 1)) + + array_padded = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + array_padded[byte] = (padded & (0xff << (8 * byte))) >> (8 * byte) + + return array_padded + + +def LowPart(array, number_bits) : + shifted = 0 + for byte in range(0, len(array)) : + shifted |= (array[byte] << (8 * byte)) + + mask = 0 + for bit in range(0, number_bits) : + mask |= (0x1 << bit) + + lower_part = shifted & mask + + will_padd = 0 + if (number_bits % 8) != 0 : + will_padd = 1 + + lower_part_byte = [0 for byte in range(0, int(number_bits / 8) + will_padd)] + for byte in range(0, int(number_bits / 8) + will_padd) : + lower_part_byte[byte] = lower_part & 0xff + lower_part = lower_part >> 8 + + return lower_part_byte + +############################################################################### + +def TweakAssociatedData(i, padded = 0) : + tweak = [0 for byte in range(0, TWEAK_BYTES)] + + mask = 0xff + for byte in range(0, TWEAK_BYTES - 1) : + tweak[byte] = (i & mask) >> (byte * 8) + mask = mask << 8 + + mask = (0xf << (8 * (TWEAK_BYTES - 1))) + tweak[TWEAK_BYTES - 1] = (i & mask) >> ((TWEAK_BYTES - 1) * 8) + if padded == 0 : + tweak[TWEAK_BYTES - 1] |= 0x20 + else : + tweak[TWEAK_BYTES - 1] |= 0x60 + return tweak + + +def BuildAuth(A, key) : + Auth = [0 for byte in range(0, BLOCK_BYTES)] + l_a = int(A_BITS / BLOCK_BITS) + if int(A_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + for i in range(0, l_a) : + tweak = TweakAssociatedData(i, padded = 0) + enc = ltbc.LilliputTBCEnc(tweak, key, A[i]) + Auth = XorState(Auth, enc) + + if (A_BITS % BLOCK_BITS) == 0 : + return Auth + + tweak = TweakAssociatedData(l_a, padded = 1) + ad_padded = Padding10LSB(A[l_a], (A_BITS % BLOCK_BITS)) + enc = ltbc.LilliputTBCEnc(tweak, key, ad_padded) + Auth = XorState(Auth, enc) + + return Auth + +################################################################################ + +def TweakTag(j, padded = 0) : + tweak = [0 for byte in range(0, TWEAK_BYTES)] + + tweak[TWEAK_BYTES - 1] |= ((j >> 120) & 0xf) + for byte in range(TWEAK_BYTES - 2, -1, -1) : + tweak[byte] = (j >> (8 * byte)) & 0xff + + if padded == 1 : + tweak[TWEAK_BYTES - 1] |= 0x40 + + return tweak + +def TweakTagEnd(N) : + tweak = [0 for byte in range(0, TWEAK_BYTES)] + + for byte in range(0, TWEAK_BYTES - 1) : + tweak[byte] = N[byte] + tweak[TWEAK_BYTES - 1] = 0x10 + + return tweak + + +def AddTagJ(tag, j) : + array_j = [0 for byte in range(0, TWEAK_BYTES)] + for byte in range(0, TWEAK_BYTES) : + array_j[byte] = (j >> (byte * 8)) + + xorr = XorState(tag, array_j) + + xorr[TWEAK_BYTES - 1] |= 0x80 + + return xorr + + +def MesssageAuthTag(M, N, Auth, key) : + l = int(M_BITS / BLOCK_BITS) + if int(M_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + tag = list(Auth) + + for j in range(0, l) : + tweak = TweakTag(j, padded = 0) + encryption = ltbc.LilliputTBCEnc(tweak, key, M[j]) + tag = XorState(tag, encryption) + + if will_padd == 1 : + tweak = TweakTag(l, padded = 1) + m_padded = Padding10LSB(M[l], M_BITS % BLOCK_BITS) + encryption = ltbc.LilliputTBCEnc(tweak, key, m_padded) + tag = XorState(tag, encryption) + + tweak = TweakTagEnd(N) + encryption = ltbc.LilliputTBCEnc(tweak, key, tag) + tag = encryption + + return tag + + +def MessageEncryption(M, N, tag, key) : + l = int(M_BITS / BLOCK_BITS) + if int(M_BITS % BLOCK_BITS) > 0 : + will_padd = 1 + else : + will_padd = 0 + + C = [[0 for byte in range(0, 16)] for j in range(0, l + will_padd)] + + for j in range(0, l) : + tweak = AddTagJ(tag, j) + padded_nounce = list(N) + [0x00] + encryption = ltbc.LilliputTBCEnc(tweak, key, padded_nounce) + C[j] = XorState(M[j], encryption) + + if will_padd : + tweak = AddTagJ(tag, l) + padded_nounce = list(N) + [0x00] + encryption = ltbc.LilliputTBCEnc(tweak, key, padded_nounce) + C[l] = XorState(M[l], encryption) + + return C + +################################################################################ +def SCT2Enc(A, M, N, associated_data_length_bit, message_length_bit, key, key_bits, tweak_bits, rounds) : + InitParameters(key_bits, tweak_bits, rounds) + + global A_BITS + global M_BITS + + A_BITS = associated_data_length_bit + M_BITS = message_length_bit + + ltbc.KEY_BITS = KEY_BITS + ltbc.ROUNDS = ROUNDS + ltbc.TWEAK_BITS = TWEAK_BITS + ltbc.LANES = LANES + + ltbc.TWEAKEY_BITS = TWEAKEY_BITS + ltbc.KEY_BYTES = KEY_BYTES + ltbc.TWEAK_BYTES = TWEAK_BYTES + ltbc.TWEAKEY_BYTES = TWEAKEY_BYTES + + ltbc.TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + ltbc.RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + ltbc.States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + + Auth = BuildAuth(A, key) + tag = MesssageAuthTag(M, N, Auth, key) + C = MessageEncryption(M, N, tag, key) + + return (C, tag) + +def SCT2Dec(A, C, N, tag, associated_data_length_bit, message_length_bit, key, key_bits, tweak_bits, rounds) : + InitParameters(key_bits, tweak_bits, rounds) + + global A_BITS + global M_BITS + + A_BITS = associated_data_length_bit + M_BITS = message_length_bit + + ltbc.KEY_BITS = KEY_BITS + ltbc.ROUNDS = ROUNDS + ltbc.TWEAK_BITS = TWEAK_BITS + ltbc.LANES = LANES + + ltbc.TWEAKEY_BITS = TWEAKEY_BITS + ltbc.KEY_BYTES = KEY_BYTES + ltbc.TWEAK_BYTES = TWEAK_BYTES + ltbc.TWEAKEY_BYTES = TWEAKEY_BYTES + + ltbc.TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + ltbc.RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + ltbc.States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + + M = MessageEncryption(C, N, tag, key) + Auth = BuildAuth(A, key) + tag2 = MesssageAuthTag(M, N, Auth, key) + + if(tag == tag2) : + return M diff --git a/python/lilliput_tbc.py b/python/lilliput_tbc.py new file mode 100644 index 0000000..540d956 --- /dev/null +++ b/python/lilliput_tbc.py @@ -0,0 +1,275 @@ +""" + Lilliput TBC +""" +import random +import constant +import multiplications + +BLOCK_BITS = 128 +KEY_BITS = 128 +TWEAK_BITS = 192 +LANE_BITS = 64 +LANE_BYTES = LANE_BITS / 8 +LANES = int((TWEAK_BITS+KEY_BITS) / LANE_BITS) +ROUNDS = 32 + +BLOCK_BYTES = int(BLOCK_BITS / 8) +TWEAKEY_BITS = KEY_BITS + TWEAK_BITS +KEY_BYTES = int(KEY_BITS / 8) +TWEAK_BYTES = int(TWEAK_BITS / 8) +TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) + +Sbox = constant.Sbox +MultiplyM = multiplications.MultiplyM +MultiplyM2 = multiplications.MultiplyM2 +MultiplyM3 = multiplications.MultiplyM3 +MultiplyMR = multiplications.MultiplyMR +MultiplyMR2 = multiplications.MultiplyMR2 +MultiplyMR3 = multiplications.MultiplyMR3 + +permutation = [14, 11, 12, 10, 8, 9, 13, 15, 3, 1, 4, 5, 6, 0, 2, 7] +permutationInv = [13, 9, 14, 8, 10, 11, 12, 15, 4, 5, 3, 1, 2, 6 ,0 ,7] + +# Personnal global variables to check better +TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] +RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] +States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + +################################################################################ + +def BuildTweakey(tweak, key) : + + tweakey = [0 for byte in range(0, TWEAKEY_BYTES)] + for byte in range(0, TWEAK_BYTES) : + tweakey[byte] = tweak[byte] + + for byte in range(0, KEY_BYTES) : + tweakey[byte + TWEAK_BYTES] = key[byte] + + return tweakey + +############################# + +def RoundTweakeySchedule(tweakey) : + + # Multiplication + lanes = [tweakey[word * 8:(word+1) * 8] for word in range(0, LANES)] + tweakey_multiplied = [] + for word in range(0, LANES) : + if word == 0 : + tweakey_multiplied += list(lanes[0]) + elif word == 1 : + tweakey_multiplied += MultiplyM(lanes[1]) + elif word == 2 : + tweakey_multiplied += MultiplyM2(lanes[2]) + elif word == 3 : + tweakey_multiplied += MultiplyM3(lanes[3]) + elif word == 4 : + tweakey_multiplied += MultiplyMR(lanes[4]) + elif word == 5 : + tweakey_multiplied += MultiplyMR2(lanes[5]) + elif word == 6 : + tweakey_multiplied += MultiplyMR3(lanes[6]) + + return tweakey_multiplied ; + + +def SubTweakeyExtract(tweakey, round) : + subtweakey = [0 for byte in range(0, 8)] + + for byte in range(0, TWEAKEY_BYTES) : + subtweakey[byte % 8] ^= tweakey[byte] + + subtweakey[0] ^= round + + return subtweakey + + +def TweakeyScheduleWhole(tweakey) : + # store main tweakey in TKs[0] + # and corresponding RTKs[0] + TKs[0] = tweakey + RTKs[0] = SubTweakeyExtract(TKs[0], 0) + + for round in range(1, ROUNDS) : + TKs[round] = RoundTweakeySchedule(TKs[round - 1]) + RTKs[round] = SubTweakeyExtract(TKs[round], round) + +################################################################################ + +def NonLinearLayer(state, subtweakey) : + + variables_xored = [0 for byte in range(0, 8)] + for byte in range(0,8) : + variables_xored[byte] = state[byte] ^ subtweakey[byte] + + variables_sboxed = [0 for byte in range(0, 8)] + for byte in range(0, 8) : + variables_sboxed[byte] = Sbox[variables_xored[byte]] + + state_output = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0,BLOCK_BYTES) : + state_output[byte] = state[byte] + for byte in range(0, 8) : + state_output[15 - byte] ^= variables_sboxed[byte] + + return state_output + + +def LinearLayer(state) : + state_output = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + state_output[byte] = state[byte] + + for byte in range(1, 8) : + state_output[15] ^= state[byte] + + for byte in range(9, 15) : + state_output[byte] ^= state[7] + + return state_output + + +def PermutationLayerEnc(state) : + state_output = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + state_output[byte] = state[permutation[byte]] + + return state_output + +def PermutationLayerDec(state) : + state_output = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + state_output[byte] = state[permutationInv[byte]] + + return state_output + + +def OneRoundEGFNEnc(state, subtweakey, round) : + state_non_linear = NonLinearLayer(state, subtweakey) + state_linear = LinearLayer(state_non_linear) + state_permutation = PermutationLayerEnc(state_linear) + + return state_permutation + +def LastRoundEGFN(state, subtweakey, round) : + state_non_linear = NonLinearLayer(state, subtweakey) + state_linear = LinearLayer(state_non_linear) + + return state_linear + + +def OneRoundEGFNDec(state, subtweakey, round) : + state_non_linear = NonLinearLayer(state, subtweakey) + state_linear = LinearLayer(state_non_linear) + state_permutation = PermutationLayerDec(state_linear) + + return state_permutation + + +################################################################################ +# Lilliput TBC + +def LilliputTBCEnc(tweak, key, message) : + + global TKs + global RTKs + global states + TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + tweakey = BuildTweakey(tweak, key) + TweakeyScheduleWhole(tweakey) + + state = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + state[byte] = message[byte] + + for round in range(0, ROUNDS - 1) : + state_output = OneRoundEGFNEnc(state, RTKs[round], round = round) + + for byte in range(0, BLOCK_BYTES) : + state[byte] = state_output[byte] + + state_output = LastRoundEGFN(state, RTKs[ROUNDS - 1], round = ROUNDS - 1) + + return state_output + + +def LilliputTBCDec(tweak, key, cipher) : + + global TKs + global RTKs + global states + TKs = [[0 for byte in range(0, TWEAKEY_BYTES)] for round in range(0, ROUNDS)] + RTKs = [[0 for byte in range(0, 8)] for round in range(0, ROUNDS)] + States = [[0 for byte in range(0, BLOCK_BYTES)] for round in range(0, ROUNDS)] + + tweakey = BuildTweakey(tweak, key) + TweakeyScheduleWhole(tweakey) + + state = [0 for byte in range(0, BLOCK_BYTES)] + for byte in range(0, BLOCK_BYTES) : + state[byte] = cipher[byte] + + for round in range(0, ROUNDS - 1) : + state_output = OneRoundEGFNDec(state, RTKs[ROUNDS - round - 1], round = round) + + for byte in range(0, BLOCK_BYTES) : + state[byte] = state_output[byte] + + state_output = LastRoundEGFN(state, RTKs[0], round = ROUNDS - 1) + + return state_output + +################################################################################ + + +# def main() : +# +# """tweak = [random.randint(0,255) for byte in range(0, number_bytes_tweak)] +# key = [random.randint(0,255) for byte in range(0, number_bytes_key)] +# message = [random.randint(0,255) for byte in range(0, 16)]""" +# #cipher = [204, 93, 118, 73, 153, 116, 241, 228, 56, 160, 234, 207, 42, 199, 19, 147] # null +# #cipher = [104, 79, 113, 74, 255, 166, 160, 78, 195, 74, 93, 105, 73, 157, 113, 228] # order +# #message = [188, 215, 240, 41, 132, 182, 200, 249, 156, 157, 29, 189, 13, 48, 148, 11] +# #cipher = [245, 195, 174, 174, 35, 1, 31, 176, 201, 93, 83, 38, 103, 211, 216, 223] +# #tweak = [168, 67, 243, 16, 129, 17, 28, 132, 223, 248, 46, 250, 144, 144, 38, 33, 125, 141, 67, 18, 42, 179, 210, 77] +# #key = [193, 150, 198, 10, 2, 115, 145, 104, 127, 244, 35, 77, 61, 213, 249, 155] +# global KEY_BITS +# global TWEAK_BITS +# global LANES +# global ROUNDS +# global TWEAKEY_BITS +# global KEY_BYTES +# global TWEAK_BYTES +# global TWEAKEY_BYTES +# KEY_BITS = 256 +# TWEAK_BITS = 128 +# TWEAKEY_BITS = KEY_BITS + TWEAK_BITS +# LANES = int((TWEAKEY_BITS) / LANE_BITS) +# ROUNDS = 42 +# KEY_BYTES = int(KEY_BITS / 8) +# TWEAK_BYTES = int(TWEAK_BITS / 8) +# TWEAKEY_BYTES = int(TWEAKEY_BITS / 8) +# +# tweak = [byte for byte in range(0, TWEAK_BYTES)] +# key = [byte for byte in range(0, KEY_BYTES)] +# message = [byte for byte in range(0, BLOCK_BYTES)] +# +# +# +# cipher = LilliputTBCEnc(tweak, key, message) +# print(message) +# print(cipher) +# print(tweak) +# print(key) +# for index,byte in enumerate(cipher) : +# print("%02x "%(cipher[15-index]), end="") +# print() +# #deciphered = LilliputTBCDec(tweak, key, cipher, verbose = 0) +# #print(deciphered) +# +# #main() diff --git a/python/multiplications.py b/python/multiplications.py new file mode 100644 index 0000000..e753c68 --- /dev/null +++ b/python/multiplications.py @@ -0,0 +1,175 @@ + +# Multiply by matrix M +def MultiplyM(lane) : + multiplied_lane = [lane[(byte-1) % 8] for byte in range(0, 8)] + + multiplied_lane[2] ^= ((lane[6] << 2) & 0xff) + multiplied_lane[4] ^= ((lane[4] >> 3) & 0xff) + multiplied_lane[5] ^= ((lane[5] << 3) & 0xff) + + return multiplied_lane + +def MultiplyM2(lane) : + multiplied_lane = [lane[(byte-2) % 8] for byte in range(0, 8)] + + multiplied_lane[2] ^= ((lane[5] << 2) & 0xff) + multiplied_lane[3] ^= ((lane[6] << 2) & 0xff) + multiplied_lane[4] ^= ((lane[3] >> 3) & 0xff) ^ ((lane[4] >> 6) & 0xff) + multiplied_lane[5] ^= ((lane[5] << 6) & 0xff) + multiplied_lane[6] ^= ((lane[5] << 3) & 0xff) + + # binary matrix M1 + multi_mat_l4_m1 = 0 + l4 = lane[4] + multi_mat_l4_m1 ^= ((l4 & 0x8) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x10) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x20) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x40) >> 3) ^ ((l4 & 0x1) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x80) >> 3) ^ ((l4 & 0x2) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x04) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x08) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x10) << 3) + + multiplied_lane[5] ^= multi_mat_l4_m1 + + return multiplied_lane + + +def MultiplyM3(lane) : + multiplied_lane = [lane[(byte-3) % 8] for byte in range(0, 8)] + + multiplied_lane[2] ^= ((lane[4] << 2) & 0xff) ^ ((lane[5] << 5) & 0xff) + multiplied_lane[3] ^= ((lane[5] << 2) & 0xff) + multiplied_lane[4] ^= ((lane[2] >> 3) & 0xff) ^ ((lane[3] >> 6) & 0xff) ^ ((lane[6] << 2) & 0xff) + multiplied_lane[6] ^= ((lane[5] << 6) & 0xff) + multiplied_lane[7] ^= ((lane[5] << 3) & 0xff) + + # binary matrix M1 + multi_mat_l3_m1 = 0 + l3 = lane[3] + multi_mat_l3_m1 ^= ((l3 & 0x8) >> 3) + multi_mat_l3_m1 ^= ((l3 & 0x10) >> 3) + multi_mat_l3_m1 ^= ((l3 & 0x20) >> 3) + multi_mat_l3_m1 ^= ((l3 & 0x40) >> 3) ^ ((l3 & 0x1) << 3) + multi_mat_l3_m1 ^= ((l3 & 0x80) >> 3) ^ ((l3 & 0x2) << 3) + multi_mat_l3_m1 ^= ((l3 & 0x04) << 3) + multi_mat_l3_m1 ^= ((l3 & 0x08) << 3) + multi_mat_l3_m1 ^= ((l3 & 0x10) << 3) + + # binary matrix M1 + multi_mat_l4_m1 = 0 + l4 = lane[4] + multi_mat_l4_m1 ^= ((l4 & 0x8) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x10) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x20) >> 3) + multi_mat_l4_m1 ^= ((l4 & 0x40) >> 3) ^ ((l4 & 0x1) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x80) >> 3) ^ ((l4 & 0x2) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x04) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x08) << 3) + multi_mat_l4_m1 ^= ((l4 & 0x10) << 3) + + # binary matrix M2 + multi_mat_l4_m2 = 0 + l4 = lane[4] + multi_mat_l4_m2 ^= ((l4 & 0x40) >> 6) + multi_mat_l4_m2 ^= ((l4 & 0x80) >> 6) + multi_mat_l4_m2 ^= (l4 & 0x08) + multi_mat_l4_m2 ^= (l4 & 0x10) + multi_mat_l4_m2 ^= (l4 & 0x20) + multi_mat_l4_m2 ^= (l4 & 0x40) ^ ((l4 & 0x1) << 6) + multi_mat_l4_m2 ^= (l4 & 0x80) ^ ((l4 & 0x2) << 6) + + + multiplied_lane[5] ^= multi_mat_l3_m1 ^ multi_mat_l4_m2 + multiplied_lane[6] ^= multi_mat_l4_m1 + + return multiplied_lane + + +def MultiplyMR(lane) : + multiplied_lane = [lane[(byte+1) % 8] for byte in range(0, 8)] + + multiplied_lane[2] ^= ((lane[4] >> 3) & 0xff) + multiplied_lane[4] ^= ((lane[6] << 3) & 0xff) + multiplied_lane[5] ^= ((lane[3] << 2) & 0xff) + + return multiplied_lane + + +def MultiplyMR2(lane) : + multiplied_lane = [lane[(byte+2) % 8] for byte in range(0, 8)] + + multiplied_lane[1] ^= ((lane[4] >> 3) & 0xff) + multiplied_lane[2] ^= ((lane[5] >> 3) & 0xff) + multiplied_lane[3] ^= ((lane[6] << 3) & 0xff) + multiplied_lane[4] ^= ((lane[3] << 2) & 0xff) ^ ((lane[7] << 3) & 0xff) + multiplied_lane[5] ^= ((lane[4] << 2) & 0xff) + + + # binary matrix m3 + multi_mat_l6_m3 = 0 + l6 = lane[6] + multi_mat_l6_m3 ^= (l6 & 0x1) + multi_mat_l6_m3 ^= (l6 & 0x2) + multi_mat_l6_m3 ^= (l6 & 0x4) + multi_mat_l6_m3 ^= (l6 & 0x8) + multi_mat_l6_m3 ^= (l6 & 0x10) + + + multiplied_lane[2] ^= multi_mat_l6_m3 + + return multiplied_lane + +def MultiplyMR3(lane) : + multiplied_lane = [lane[(byte+3) % 8] for byte in range(0, 8)] + + multiplied_lane[0] ^= ((lane[4] >> 3) & 0xff) + multiplied_lane[1] ^= ((lane[5] >> 3) & 0xff) + multiplied_lane[3] ^= ((lane[3] << 2) & 0xff) ^ ((lane[7] << 3) & 0xff) + multiplied_lane[4] ^= ((lane[0] << 3) & 0xff) ^ ((lane[4] << 2) & 0xff) + multiplied_lane[5] ^= ((lane[5] << 2) & 0xff) ^ ((lane[6] << 5) & 0xff) + + # binary matrix m3 + multi_mat_l6_m3 = 0 + l6 = lane[6] + multi_mat_l6_m3 ^= (l6 & 0x1) + multi_mat_l6_m3 ^= (l6 & 0x2) + multi_mat_l6_m3 ^= (l6 & 0x4) + multi_mat_l6_m3 ^= (l6 & 0x8) + multi_mat_l6_m3 ^= (l6 & 0x10) + + # binary matrix m3 + multi_mat_l7_m3 = 0 + l7 = lane[7] + multi_mat_l7_m3 ^= (l7 & 0x1) + multi_mat_l7_m3 ^= (l7 & 0x2) + multi_mat_l7_m3 ^= (l7 & 0x4) + multi_mat_l7_m3 ^= (l7 & 0x8) + multi_mat_l7_m3 ^= (l7 & 0x10) + + # binary matrix m4 + multi_mat_l3_m4 = 0 + l3 = lane[3] + multi_mat_l3_m4 ^= ((l3 & 0x2) >> 1) + multi_mat_l3_m4 ^= ((l3 & 0x4) >> 1) + multi_mat_l3_m4 ^= ((l3 & 0x8) >> 1) + multi_mat_l3_m4 ^= ((l3 & 0x10) >> 1) + multi_mat_l3_m4 ^= ((l3 & 0x20) >> 1) + + # binary matrix m1 for MR + multi_mat_l6_m1 = 0 + l6 = lane[6] + multi_mat_l6_m1 ^= ((l6 & 0x8) >> 3) + multi_mat_l6_m1 ^= ((l6 & 0x10) >> 3) + multi_mat_l6_m1 ^= ((l6 & 0x20) >> 3) + multi_mat_l6_m1 ^= ((l6 & 0x40) >> 3) ^ ((l6 & 0x1) << 3) + multi_mat_l6_m1 ^= ((l6 & 0x80) >> 3) ^ ((l6 & 0x2) << 3) + multi_mat_l6_m1 ^= ((l6 & 0x4) << 3) + multi_mat_l6_m1 ^= ((l6 & 0x8) << 3) + multi_mat_l6_m1 ^= ((l6 & 0x10) << 3) + + + multiplied_lane[1] ^= multi_mat_l6_m3 + multiplied_lane[2] ^= multi_mat_l3_m4 ^ multi_mat_l6_m1 ^ multi_mat_l7_m3 + + return multiplied_lane diff --git a/python/parameters_i_128.py b/python/parameters_i_128.py new file mode 100644 index 0000000..7f0675a --- /dev/null +++ b/python/parameters_i_128.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 128 +TWEAK_BITS = 192 +ROUNDS = 32 diff --git a/python/parameters_i_192.py b/python/parameters_i_192.py new file mode 100644 index 0000000..c513331 --- /dev/null +++ b/python/parameters_i_192.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 192 +TWEAK_BITS = 192 +ROUNDS = 36 diff --git a/python/parameters_i_256.py b/python/parameters_i_256.py new file mode 100644 index 0000000..ab81130 --- /dev/null +++ b/python/parameters_i_256.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 256 +TWEAK_BITS = 192 +ROUNDS = 42 diff --git a/python/parameters_ii_128.py b/python/parameters_ii_128.py new file mode 100644 index 0000000..8647a66 --- /dev/null +++ b/python/parameters_ii_128.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 128 +TWEAK_BITS = 128 +ROUNDS = 32 diff --git a/python/parameters_ii_192.py b/python/parameters_ii_192.py new file mode 100644 index 0000000..d17d6ec --- /dev/null +++ b/python/parameters_ii_192.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 192 +TWEAK_BITS = 128 +ROUNDS = 36 diff --git a/python/parameters_ii_256.py b/python/parameters_ii_256.py new file mode 100644 index 0000000..159c78f --- /dev/null +++ b/python/parameters_ii_256.py @@ -0,0 +1,6 @@ +""" + Lilliput ae i 128 +""" +KEY_BITS = 256 +TWEAK_BITS = 128 +ROUNDS = 42 |