Diffstat (limited to 'traces/traces-tbc.patch')
| -rw-r--r-- | traces/traces-tbc.patch | 104 |
1 files changed, 52 insertions, 52 deletions
diff --git a/traces/traces-tbc.patch b/traces/traces-tbc.patch index 49cb0f1..b24335c 100644 --- a/traces/traces-tbc.patch +++ b/traces/traces-tbc.patch @@ -1,5 +1,5 @@ diff --git a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/cipher.c b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/cipher.c -index 7f1152a..caae858 100644 +index 4190359..822f374 100644 --- a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/cipher.c +++ b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/cipher.c @@ -1,3 +1,5 @@ @@ -8,15 +8,15 @@ index 7f1152a..caae858 100644 #include <stdint.h> #include <string.h> -@@ -47,40 +49,61 @@ static void _compute_round_tweakeys( +@@ -38,40 +40,61 @@ static void _compute_round_tweakeys( uint8_t RTK[ROUNDS][ROUND_TWEAKEY_BYTES] ) { + fprintf(DUMP, "computing %zu round sub-tweakeys\n", (size_t)ROUNDS); + - tweakey_state TK; - tweakey_state_init(&TK, key, tweak); - tweakey_state_extract(&TK, RTK[0], 0); + uint8_t TK[TWEAKEY_BYTES]; + tweakey_state_init(TK, key, tweak); + tweakey_state_extract(TK, 0, RTK[0]); + fprintf(DUMP, " 0\n"); + debug_dump_buffer("RTK", ROUND_TWEAKEY_BYTES, RTK[0], 8); 
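Review bot: The new `uint8_t TK[TWEAKEY_BYTES]` local in `_compute_round_tweakeys` is filled from `key` by `tweakey_state_init`, and the round tweakeys derived from it are written to `DUMP` by the added `debug_dump_buffer("RTK", ...)` calls, so any trace produced with this patch applied contains key-dependent material, and nothing in the function says so. I would add `/* Trace build only: every round tweakey (key-derived) is written to DUMP. */` above the first `fprintf`. What `DUMP` refers to is not visible in this diff, so whether the output ever goes anywhere but a local file cannot be judged here. `_compute_round_tweakeys` continues past the end of this hunk.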
@@ -25,29 +25,29 @@ index 7f1152a..caae858 100644 { + fprintf(DUMP, " %zu\n", (size_t)i); + - tweakey_state_update(&TK); -+ debug_dump_buffer("TK", TWEAK_BYTES, TK.TK, 8); - tweakey_state_extract(&TK, RTK[i], i); + tweakey_state_update(TK); ++ debug_dump_buffer("TK", TWEAK_BYTES, TK, 8); + tweakey_state_extract(TK, i, RTK[i]); + debug_dump_buffer("RTK", ROUND_TWEAKEY_BYTES, RTK[i], 8); } } - static void _nonlinear_layer(cipher_state *X, const uint8_t RTK[ROUND_TWEAKEY_BYTES]) + static void _nonlinear_layer(uint8_t X[BLOCK_BYTES], const uint8_t RTK[ROUND_TWEAKEY_BYTES]) { + fprintf(DUMP, " nonlinear layer\n"); + -+ debug_dump_buffer("X", BLOCK_BYTES, X->X, 12); ++ debug_dump_buffer("X", BLOCK_BYTES, X, 12); + uint8_t F[ROUND_TWEAKEY_BYTES]; - for (size_t j=0; j<sizeof(F); j++) + for (size_t j=0; j<ROUND_TWEAKEY_BYTES; j++) { - F[j] = X->X[j] ^ RTK[j]; + F[j] = X[j] ^ RTK[j]; } + debug_dump_buffer("Xj XOR RTKj", sizeof(F), F, 12); + - for (size_t j=0; j<sizeof(F); j++) + for (size_t j=0; j<ROUND_TWEAKEY_BYTES; j++) { F[j] = S[F[j]]; } 
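Review bot: The added `debug_dump_buffer("TK", TWEAK_BYTES, TK, 8);` dumps `TWEAK_BYTES` bytes of a buffer declared as `uint8_t TK[TWEAKEY_BYTES]`, whereas the dumps of the same state in tweakey.c (`"TKi-1"`, `"TKi"`) use `TWEAKEY_BYTES`. The two constants are not defined in this diff, but if they differ the cipher.c trace shows a truncated tweakey state that will not line up with the tweakey.c trace of the same round. I would change the line to `debug_dump_buffer("TK", TWEAKEY_BYTES, TK, 8);`, or, if dumping only `TWEAK_BYTES` is intended, relabel it so readers do not compare it against the `"TKi"` lines. The enclosing loop and `_compute_round_tweakeys` start before this hunk.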
@@ -57,47 +57,47 @@ index 7f1152a..caae858 100644 for (size_t j=0; j<8; j++) { size_t dest_j = 15-j; - X->X[dest_j] ^= F[j]; + X[dest_j] ^= F[j]; } + -+ debug_dump_buffer("X (post-XOR)", BLOCK_BYTES, X->X, 12); ++ debug_dump_buffer("X (post-XOR)", BLOCK_BYTES, X, 12); } - static void _linear_layer(cipher_state *X) + static void _linear_layer(uint8_t X[BLOCK_BYTES]) { + fprintf(DUMP, " linear layer\n"); + - X->X[15] ^= X->X[1]; - X->X[15] ^= X->X[2]; - X->X[15] ^= X->X[3]; -@@ -95,6 +118,8 @@ static void _linear_layer(cipher_state *X) - X->X[11] ^= X->X[7]; - X->X[10] ^= X->X[7]; - X->X[9] ^= X->X[7]; + X[15] ^= X[1]; + X[15] ^= X[2]; + X[15] ^= X[3]; +@@ -86,6 +109,8 @@ static void _linear_layer(uint8_t X[BLOCK_BYTES]) + X[11] ^= X[7]; + X[10] ^= X[7]; + X[9] ^= X[7]; + -+ debug_dump_buffer("X", BLOCK_BYTES, X->X, 12); ++ debug_dump_buffer("X", BLOCK_BYTES, X, 12); } - static void _permutation_layer(cipher_state *X, permutation p) -@@ -104,6 +129,8 @@ static void _permutation_layer(cipher_state *X, permutation p) + static void _permutation_layer(uint8_t X[BLOCK_BYTES], permutation p) +@@ -95,6 +120,8 @@ static void _permutation_layer(uint8_t X[BLOCK_BYTES], permutation p) return; } + fprintf(DUMP, " permutation layer\n"); + uint8_t X_old[BLOCK_BYTES]; - memcpy(X_old, X, sizeof(X_old)); + memcpy(X_old, X, BLOCK_BYTES); -@@ -113,6 +140,8 @@ static void _permutation_layer(cipher_state *X, permutation p) +@@ -104,6 +131,8 @@ static void _permutation_layer(uint8_t X[BLOCK_BYTES], permutation p) { - X->X[pi[j]] = X_old[j]; + X[pi[j]] = X_old[j]; } + -+ debug_dump_buffer("X", BLOCK_BYTES, X->X, 12); ++ debug_dump_buffer("X", BLOCK_BYTES, X, 12); } - static void _one_round_egfn(cipher_state *X, const uint8_t RTK[ROUND_TWEAKEY_BYTES], permutation p) -@@ -136,11 +165,15 @@ void lilliput_tbc_encrypt( + static void _one_round_egfn(uint8_t X[BLOCK_BYTES], const uint8_t RTK[ROUND_TWEAKEY_BYTES], permutation p) +@@ -127,11 +156,15 @@ void lilliput_tbc_encrypt( uint8_t 
RTK[ROUNDS][ROUND_TWEAKEY_BYTES]; _compute_round_tweakeys(key, tweak, RTK); @@ -106,15 +106,15 @@ index 7f1152a..caae858 100644 for (uint8_t i=0; i<ROUNDS-1; i++) { + fprintf(DUMP, " round %zu\n", (size_t)i); - _one_round_egfn(&X, RTK[i], PERMUTATION_ENCRYPTION); + _one_round_egfn(X, RTK[i], PERMUTATION_ENCRYPTION); } + fprintf(DUMP, " round %zu\n", (size_t)(ROUNDS-1)); - _one_round_egfn(&X, RTK[ROUNDS-1], PERMUTATION_NONE); + _one_round_egfn(X, RTK[ROUNDS-1], PERMUTATION_NONE); - memcpy(ciphertext, X.X, BLOCK_BYTES); + memcpy(ciphertext, X, BLOCK_BYTES); diff --git a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/tweakey.c b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/tweakey.c -index da97019..cbff16a 100644 +index 761ec53..39251a7 100644 --- a/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/tweakey.c +++ b/SOUMISSION_NIST/REFERENCE_IMPLEMENTATION/src/tweakey.c @@ -1,3 +1,5 @@ @@ -125,9 +125,9 @@ index da97019..cbff16a 100644 @@ -32,10 +34,16 @@ void tweakey_state_extract( - for (const uint8_t *lane=TK->TK; lane<TK->TK+TWEAKEY_BYTES; lane+=LANE_BYTES) + for (const uint8_t *lane=TK; lane<TK+TWEAKEY_BYTES; lane+=LANE_BYTES) { -+ fprintf(DUMP, " XORing lane %zu/%zu\n", 1+(size_t)((lane-TK->TK)/LANE_BYTES), (size_t)LANES_NB); ++ fprintf(DUMP, " XORing lane %zu/%zu\n", 1+(size_t)((lane-TK)/LANE_BYTES), (size_t)LANES_NB); + debug_dump_buffer("RTK", ROUND_TWEAKEY_BYTES, round_tweakey, 12); + debug_dump_buffer("lane[j]", LANE_BYTES, lane, 12); + @@ -139,42 +139,42 @@ index da97019..cbff16a 100644 + debug_dump_buffer("=> RTK", ROUND_TWEAKEY_BYTES, round_tweakey, 12); } - round_tweakey[0] ^= i; + round_tweakey[0] ^= round_constant; 
@@ -44,6 +52,8 @@ void tweakey_state_extract( - static void _permute_state(tweakey_state *TK) + static void _permute_state(uint8_t TK[TWEAKEY_BYTES]) { + fprintf(DUMP, " permuting TK\n"); + uint8_t TK_old[TWEAKEY_BYTES]; - memcpy(TK_old, TK->TK, sizeof(TK_old)); + memcpy(TK_old, TK, TWEAKEY_BYTES); -@@ -56,12 +66,19 @@ static void _permute_state(tweakey_state *TK) - TK->TK[j+h[k]] = TK_old[j+k]; +@@ -54,12 +64,19 @@ static void _permute_state(uint8_t TK[TWEAKEY_BYTES]) + TK[j+h[k]] = TK_old[j+k]; } } + + debug_dump_buffer("TKi-1", TWEAKEY_BYTES, TK_old, 12); -+ debug_dump_buffer("TKi", TWEAKEY_BYTES, TK->TK, 12); ++ debug_dump_buffer("TKi", TWEAKEY_BYTES, TK, 12); } - static void _multiply_state(tweakey_state *TK) + static void _multiply_state(uint8_t TK[TWEAKEY_BYTES]) { + fprintf(DUMP, " multiplying TK\n"); + /* Lane 0 is multiplied by Id; lane 1 by P_0, lane 2 by P_1... */ -+ debug_dump_buffer("TKi-1", TWEAKEY_BYTES, TK->TK, 12); ++ debug_dump_buffer("TKi-1", TWEAKEY_BYTES, TK, 12); + - for (size_t lane=1; lane<LANES_NB; lane++) + for (size_t j=1; j<LANES_NB; j++) { - const uint8_t* P_lane = P[lane-1]; -@@ -74,6 +91,8 @@ static void _multiply_state(tweakey_state *TK) - TK->TK[offset] = P_lane[TK->TK[offset]]; + const uint8_t *P_lane = P[j-1]; +@@ -70,6 +87,8 @@ static void _multiply_state(uint8_t TK[TWEAKEY_BYTES]) + TK[offset] = P_lane[TK[offset]]; } } + -+ debug_dump_buffer("TKi", TWEAKEY_BYTES, TK->TK, 12); ++ debug_dump_buffer("TKi", TWEAKEY_BYTES, TK, 12); } - void tweakey_state_update(tweakey_state *TK) + void tweakey_state_update(uint8_t TK[TWEAKEY_BYTES]) |
