Diffstat (limited to 'traces/add_threshold')
-rw-r--r--traces/add_threshold/traces-tbc.patch31
1 files changed, 15 insertions, 16 deletions
diff --git a/traces/add_threshold/traces-tbc.patch b/traces/add_threshold/traces-tbc.patch
index f1d897d..ac239fa 100644
--- a/traces/add_threshold/traces-tbc.patch
+++ b/traces/add_threshold/traces-tbc.patch
@@ -240,7 +240,7 @@ index a966a8e..8d5f2cc 100644
+ out[i] = i;
}
diff --git a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/add_threshold/tweakey.c b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/add_threshold/tweakey.c
-index e228a69..b1aadc6 100644
+index 7822564..e1abbb6 100644
--- a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/add_threshold/tweakey.c
+++ b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/add_threshold/tweakey.c
@@ -20,6 +20,8 @@ This file provides a first-order threshold implementation of Lilliput-TBC's
@@ -252,7 +252,7 @@ index e228a69..b1aadc6 100644
#include <stdint.h>
#include <string.h>
-@@ -42,6 +44,7 @@ void tweakey_state_init(
+@@ -43,6 +45,7 @@ void tweakey_state_init(
{
uint8_t SHARES_0[KEY_BYTES];
randombytes(sizeof(SHARES_0), SHARES_0);
@@ -260,7 +260,7 @@ index e228a69..b1aadc6 100644
memcpy(TK_Y, SHARES_0, KEY_BYTES);
memcpy(TK_X, tweak, TWEAK_BYTES);
-@@ -67,10 +70,16 @@ void tweakey_state_extract(
+@@ -68,20 +71,32 @@ void tweakey_state_extract(
{
const uint8_t *TKj_X = TK_X + j*LANE_BYTES;
@@ -276,8 +276,7 @@ index e228a69..b1aadc6 100644
+ debug_dump_buffer("=> RTK_X", ROUND_TWEAKEY_BYTES, round_tweakey_X, 12);
}
-
-@@ -78,10 +87,16 @@ void tweakey_state_extract(
+ for (size_t j=0; j<KEY_LANES_NB; j++)
{
const uint8_t *TKj_Y = TK_Y + j*LANE_BYTES;
@@ -294,34 +293,34 @@ index e228a69..b1aadc6 100644
}
round_tweakey_X[0] ^= round_constant;
-@@ -184,6 +199,10 @@ static const matrix_multiplication ALPHAS[6] = {
+@@ -100,6 +115,10 @@ static const matrix_multiplication ALPHAS[7] = {
_multiply_MR3
};
-+static char const * const ALPHAS_STR[6] = {
-+ "M", "M²", "M³", "MR", "MR²", "MR³"
++static char const * const ALPHAS_STR[7] = {
++ "M", "M²", "M³", "M⁴", "MR", "MR²", "MR³"
+};
+
void tweakey_state_update(uint8_t TK_X[TWEAKEY_BYTES], uint8_t TK_Y[KEY_BYTES])
{
-@@ -197,6 +216,10 @@ void tweakey_state_update(uint8_t TK_X[TWEAKEY_BYTES], uint8_t TK_Y[KEY_BYTES])
+@@ -111,6 +130,10 @@ void tweakey_state_update(uint8_t TK_X[TWEAKEY_BYTES], uint8_t TK_Y[KEY_BYTES])
memcpy(TKj_old_X, TKj_X, LANE_BYTES);
- ALPHAS[j-1](TKj_old_X, TKj_X);
+ ALPHAS[j](TKj_old_X, TKj_X);
+
-+ fprintf(DUMP, " multiplying lane %zu/%zu by %s\n", 1+j, (size_t)LANES_NB, ALPHAS_STR[j-1]);
++ fprintf(DUMP, " multiplying lane %zu/%zu by %s\n", 1+j, (size_t)LANES_NB, ALPHAS_STR[j]);
+ debug_dump_buffer("TK_j_X^i-1", LANE_BYTES, TKj_old_X, 12);
+ debug_dump_buffer("TK_j_X^i", LANE_BYTES, TKj_X, 12);
}
- for (size_t j=0; j<(KEY_BYTES/LANE_BYTES); j++)
-@@ -211,5 +234,11 @@ void tweakey_state_update(uint8_t TK_X[TWEAKEY_BYTES], uint8_t TK_Y[KEY_BYTES])
+ for (size_t j=0; j<KEY_LANES_NB; j++)
+@@ -125,5 +148,11 @@ void tweakey_state_update(uint8_t TK_X[TWEAKEY_BYTES], uint8_t TK_Y[KEY_BYTES])
- ALPHAS[j-1 + (TWEAK_BYTES/LANE_BYTES)](TKj_X_old, TKj_X);
- ALPHAS[j-1 + (TWEAK_BYTES/LANE_BYTES)](TKj_Y_old, TKj_Y);
+ ALPHAS[j + TWEAK_LANES_NB](TKj_X_old, TKj_X);
+ ALPHAS[j + TWEAK_LANES_NB](TKj_Y_old, TKj_Y);
+
-+ fprintf(DUMP, " multiplying lane %zu/%zu by %s\n", 1+j + (TWEAK_BYTES/LANE_BYTES), (size_t)LANES_NB, ALPHAS_STR[j-1 + (TWEAK_BYTES/LANE_BYTES)]);
++ fprintf(DUMP, " multiplying lane %zu/%zu by %s\n", 1+j + TWEAK_LANES_NB, (size_t)LANES_NB, ALPHAS_STR[j + TWEAK_LANES_NB]);
+ debug_dump_buffer("TK_j_X^i-1", LANE_BYTES, TKj_X_old, 12);
+ debug_dump_buffer("TK_j_X^i", LANE_BYTES, TKj_X, 12);
+ debug_dump_buffer("TK_j_Y^i-1", LANE_BYTES, TKj_Y_old, 12);
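Review bot: The new `ALPHAS_STR[7]` table in the embedded tweakey.c patch is sized by a second hard-coded literal that has to track `ALPHAS[7]`, and it is indexed with `j` and `j + TWEAK_LANES_NB` with no visible check that those stay below 7; this commit itself had to bump both tables from 6 in lockstep. If the two ever drift, the `%s` argument of the trace `fprintf` reads a pointer from past the end of the table. Tying the sizes together would catch that at build time, e.g. `_Static_assert(sizeof ALPHAS_STR / sizeof ALPHAS_STR[0] == sizeof ALPHAS / sizeof ALPHAS[0], "ALPHAS_STR out of sync with ALPHAS");` placed right after the table (assuming the reference code is built as C11). The rest of `tweakey_state_update` and the definition of `LANES_NB` lie outside the visible lines, so whether the largest index really is 6 cannot be confirmed from here.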