tweakey.c (1887B)
1 /* 2 Implementation of the Lilliput-AE tweakable block cipher. 3 4 Authors, hereby denoted as "the implementer": 5 Kévin Le Gouguec, 6 2019. 7 8 For more information, feedback or questions, refer to our website: 9 https://paclido.fr/lilliput-ae 10 11 To the extent possible under law, the implementer has waived all copyright 12 and related or neighboring rights to the source code in this file. 13 http://creativecommons.org/publicdomain/zero/1.0/ 14 15 --- 16 17 This file provides the implementation of Lilliput-TBC's tweakey schedule. 18 */ 19 20 #include <stdint.h> 21 #include <string.h> 22 23 #include "constants.h" 24 #include "multiplications.h" 25 #include "tweakey.h" 26 27 28 #define LANES_NB (TWEAKEY_BYTES/LANE_BYTES) 29 30 31 void tweakey_state_init( 32 uint8_t TK[TWEAKEY_BYTES], 33 const uint8_t key[KEY_BYTES], 34 const uint8_t tweak[TWEAK_BYTES] 35 ) 36 { 37 memcpy(TK, tweak, TWEAK_BYTES); 38 memcpy(TK+TWEAK_BYTES, key, KEY_BYTES); 39 } 40 41 42 void tweakey_state_extract( 43 const uint8_t TK[TWEAKEY_BYTES], 44 uint8_t round_constant, 45 uint8_t round_tweakey[ROUND_TWEAKEY_BYTES] 46 ) 47 { 48 memset(round_tweakey, 0, ROUND_TWEAKEY_BYTES); 49 50 for (size_t j=0; j<LANES_NB; j++) 51 { 52 const uint8_t *TKj = TK + j*LANE_BYTES; 53 54 for (size_t k=0; k<LANE_BYTES; k++) 55 { 56 round_tweakey[k] ^= TKj[k]; 57 } 58 } 59 60 round_tweakey[0] ^= round_constant; 61 } 62 63 64 typedef void (*matrix_multiplication)(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES]); 65 66 static const matrix_multiplication ALPHAS[7] = { 67 _multiply_M, 68 _multiply_M2, 69 _multiply_M3, 70 _multiply_M4, 71 _multiply_MR, 72 _multiply_MR2, 73 _multiply_MR3 74 }; 75 76 77 void tweakey_state_update(uint8_t TK[TWEAKEY_BYTES]) 78 { 79 for (size_t j=0; j<LANES_NB; j++) 80 { 81 uint8_t *TKj = TK + j*LANE_BYTES; 82 83 uint8_t TKj_old[LANE_BYTES]; 84 memcpy(TKj_old, TKj, LANE_BYTES); 85 86 ALPHAS[j](TKj_old, TKj); 87 } 88 }