Reference implementation
========================
This folder contains the reference implementation for Lilliput-AE.
It is organized as follows:

`src`
-----

Contains parameter-independent code for the reference implementation:

- `lilliput-ae.h`: main API
- `lilliput-ae-i.c`: implementation of Lilliput-Ⅰ (ΘCB3-based)
- `lilliput-ae-i.c`: implementation of Lilliput-Ⅱ (SCT-2-based)
- `ae-common.h`: internal helper functions used by both AE schemes
- `tweakey.*`: implementation of Lilliput-TBC's tweakey schedule
- `cipher.*`: implementation of the tweakable block-cipher
  Lilliput-TBC
- `constants.*`: tabulated data for
    - the tweakey schedule's permutation h
    - the tweakey schedule's multiplication sequences P~0~ to P~5~
    - Lilliput-TBC's S-box
- `parameters.h`: byte sizes for inputs and outputs (depends on
  parameter-dependent `_parameters.h` files)

Also contains some support files:

- `common.mk`: Makefile recipes to compile and test the implementation
- `debug.h`: helper functions to ease debugging and dump intermediate
  values

`crypto_aead`
-------------

Contains parameter-dependent code. There is one subfolder per member
of the Lilliput-AE family, named according to NIST's requirements:

> The second-level directory name is a lowercase version of the name
> of the algorithm, including the version number and a family member
> identifier (if multiple family members in submission). […] Dashes,
> dots, slashes, and other punctuation marks are omitted; the
> directory name consists solely of digits (0123456789) and lowercase
> ASCII letters (acbdefghijklmnopqrstuvwxyz).

The subfolders are thus named `lilliputae${mode}${keybits}v1`:

- mode is either i (for ΘCB3) or ii (for SCT-2)
- keybits is either 128, 192 or 256.

Each subfolder contains:

- a `ref` directory, containing parameter-dependent code for the
  reference implementation and tests for these specific parameters
- other directories with additional implementations, named `add_*`

TODO: the tests for a given family member should be moved up alongside
`ref` and `add_*` folders since they should apply to all
implementations. Also, the "parameter-dependent" code has been reduced
to a header with three constants; maybe the whole `crypto_aead` folder
could be removed.

`nist`
------

Contains code to

- generate the directory structure required by NIST
- compile each member of the Lilliput-AE family against NIST's
  `genkat_aead.c`
- generate test vectors
- package code and test vectors together into `results/crypto_aead`

The code can be run with `make nist`.

`traces`
--------

Contains patches to add print statements for inputs, outputs and
intermediate values. `make traces` will

- apply the patches
- run the trace programs
- collect traces
- revert the patches