/*
Implementation of the Lilliput-AE tweakable block cipher.
Authors, hereby denoted as "the implementer":
Kévin Le Gouguec,
2019.
For more information, feedback or questions, refer to our website:
https://paclido.fr/lilliput-ae
To the extent possible under law, the implementer has waived all copyright
and related or neighboring rights to the source code in this file.
http://creativecommons.org/publicdomain/zero/1.0/
---
This file implements the alpha-multiplications used in Lilliput-TBC's
tweakey schedule, where each matrix M and M_R to the power n are
implemented in distinct functions with shifts and XORs.
*/
#ifndef MULTIPLICATIONS_H
#define MULTIPLICATIONS_H
#include <stdint.h>
#include "constants.h"
/**
 * Multiply one tweakey lane by the matrix M: y = M * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Indices 0..7 are accessed, so LANE_BYTES (from constants.h, not visible
 * here) has to be at least 8.
 *
 * The body is straight-line code: fixed indices, constant shift amounts and
 * XORs only, so no branch or memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y[7] is stored before
 * x[7] is loaded, so calling this in place (x == y) would not give M * x.
 * Confirm that callers pass distinct buffers.
 * NOTE(review): a file-scope identifier starting with '_' is reserved by the
 * C standard; the name is kept because callers use it.
 */
static void _multiply_M(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Statement order is kept as-is; see the aliasing note above. */
    y[7] = x[6];
    y[6] = x[5];
    y[5] = (uint8_t)((x[5] << 3) ^ x[4]);   /* int result narrowed to a byte */
    y[4] = (uint8_t)((x[4] >> 3) ^ x[3]);
    y[3] = x[2];
    y[2] = (uint8_t)((x[6] << 2) ^ x[1]);
    y[1] = x[0];
    y[0] = x[7];
}
/**
 * Multiply one tweakey lane by M squared: y = M^2 * x.
 *
 * For distinct buffers the result equals applying _multiply_M twice; the two
 * locals below are bytes 5 and 4 of the intermediate lane M * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Straight-line code with fixed indices and constant shifts: no branch or
 * memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y is written while x
 * is still being read; confirm that callers never pass the same buffer twice.
 */
static void _multiply_M2(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Bytes 5 and 4 of M * x, narrowed to a byte before they are reused. */
    const uint8_t m1_b5 = (uint8_t)((x[5] << 3) ^ x[4]);
    const uint8_t m1_b4 = (uint8_t)((x[4] >> 3) ^ x[3]);

    y[7] = x[5];
    y[6] = m1_b5;
    y[5] = (uint8_t)((m1_b5 << 3) ^ m1_b4);
    y[4] = (uint8_t)((m1_b4 >> 3) ^ x[2]);
    y[3] = (uint8_t)((x[6] << 2) ^ x[1]);
    y[2] = (uint8_t)((x[5] << 2) ^ x[0]);
    y[1] = x[7];
    y[0] = x[6];
}
/**
 * Multiply one tweakey lane by M cubed: y = M^3 * x.
 *
 * For distinct buffers the result equals applying _multiply_M three times;
 * the locals below are bytes 5 and 4 of the intermediate lanes M * x and
 * M^2 * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Straight-line code with fixed indices and constant shifts: no branch or
 * memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y is written while x
 * is still being read; confirm that callers never pass the same buffer twice.
 */
static void _multiply_M3(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Bytes 5 and 4 of M * x. */
    const uint8_t m1_b5 = (uint8_t)((x[5] << 3) ^ x[4]);
    const uint8_t m1_b4 = (uint8_t)((x[4] >> 3) ^ x[3]);
    /* Bytes 5 and 4 of M^2 * x, built from the narrowed values above. */
    const uint8_t m2_b5 = (uint8_t)((m1_b5 << 3) ^ m1_b4);
    const uint8_t m2_b4 = (uint8_t)((m1_b4 >> 3) ^ x[2]);

    y[7] = m1_b5;
    y[6] = m2_b5;
    y[5] = (uint8_t)((m2_b5 << 3) ^ m2_b4);
    y[4] = (uint8_t)((m2_b4 >> 3) ^ (x[6] << 2) ^ x[1]);
    y[3] = (uint8_t)((x[5] << 2) ^ x[0]);
    y[2] = (uint8_t)((m1_b5 << 2) ^ x[7]);
    y[1] = x[6];
    y[0] = x[5];
}
/**
 * Multiply one tweakey lane by the matrix M_R: y = M_R * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Indices 0..7 are accessed, so LANE_BYTES (from constants.h, not visible
 * here) has to be at least 8.
 *
 * The body is straight-line code: fixed indices, constant shift amounts and
 * XORs only, so no branch or memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y[0] is stored before
 * x[0] is loaded, so calling this in place (x == y) would not give M_R * x.
 * Confirm that callers pass distinct buffers.
 */
static void _multiply_MR(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Statement order is kept as-is; see the aliasing note above. */
    y[0] = x[1];
    y[1] = x[2];
    y[2] = (uint8_t)(x[3] ^ (x[4] >> 3));
    y[3] = x[4];
    y[4] = (uint8_t)(x[5] ^ (x[6] << 3));   /* int result narrowed to a byte */
    y[5] = (uint8_t)((x[3] << 2) ^ x[6]);
    y[6] = x[7];
    y[7] = x[0];
}
/**
 * Multiply one tweakey lane by M_R squared: y = M_R^2 * x.
 *
 * For distinct buffers the result equals applying _multiply_MR twice; the
 * local below is byte 4 of the intermediate lane M_R * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Straight-line code with fixed indices and constant shifts: no branch or
 * memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y is written while x
 * is still being read; confirm that callers never pass the same buffer twice.
 */
static void _multiply_MR2(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Byte 4 of M_R * x, narrowed to a byte before the right shift below. */
    const uint8_t r1_b4 = (uint8_t)(x[5] ^ (x[6] << 3));

    y[0] = x[2];
    y[1] = (uint8_t)(x[3] ^ (x[4] >> 3));
    y[2] = (uint8_t)(x[4] ^ (r1_b4 >> 3));
    y[3] = r1_b4;
    y[4] = (uint8_t)((x[3] << 2) ^ x[6] ^ (x[7] << 3));
    y[5] = (uint8_t)((x[4] << 2) ^ x[7]);
    y[6] = x[0];
    y[7] = x[1];
}
/**
 * Multiply one tweakey lane by M_R cubed: y = M_R^3 * x.
 *
 * For distinct buffers the result equals applying _multiply_MR three times;
 * the locals below are byte 4 of the intermediate lanes M_R * x and
 * M_R^2 * x.
 *
 * @param x  input lane; bytes 0..7 are read.
 * @param y  output lane; bytes 0..7 are all written.
 *
 * Straight-line code with fixed indices and constant shifts: no branch or
 * memory address depends on the lane contents.
 *
 * NOTE(review): x and y are not restrict-qualified and y is written while x
 * is still being read; confirm that callers never pass the same buffer twice.
 */
static void _multiply_MR3(const uint8_t x[LANE_BYTES], uint8_t y[LANE_BYTES])
{
    /* Byte 4 of M_R * x and of M_R^2 * x; both are narrowed to a byte so the
     * right shifts below only see the low eight bits. */
    const uint8_t r1_b4 = (uint8_t)(x[5] ^ (x[6] << 3));
    const uint8_t r2_b4 = (uint8_t)((x[3] << 2) ^ x[6] ^ (x[7] << 3));

    y[0] = (uint8_t)(x[3] ^ (x[4] >> 3));
    y[1] = (uint8_t)(x[4] ^ (r1_b4 >> 3));
    y[2] = (uint8_t)(r1_b4 ^ (r2_b4 >> 3));
    y[3] = r2_b4;
    y[4] = (uint8_t)((x[0] << 3) ^ (x[4] << 2) ^ x[7]);
    y[5] = (uint8_t)((r1_b4 << 2) ^ x[0]);
    y[6] = x[1];
    y[7] = x[2];
}
#endif /* MULTIPLICATIONS_H */