def setupPresentRound(self, stp_file, s_in, p, s_out, w, wordsize): """ Model for differential behaviour of one round PRESENT """ command = "" #Permutation Layer for i in range(16): command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+0, s_out, i) command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+1, s_out, i+16) command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+2, s_out, i+32) command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+3, s_out, i+48) # Substitution Layer present_sbox = [0xc, 5, 6, 0xb, 9, 0, 0xa, 0xd, 3, 0xe, 0xf, 8, 4, 7, 1, 2] for i in range(16): variables = ["{0}[{1}:{1}]".format(s_in, 4*i + 3), "{0}[{1}:{1}]".format(s_in, 4*i + 2), "{0}[{1}:{1}]".format(s_in, 4*i + 1), "{0}[{1}:{1}]".format(s_in, 4*i + 0), "{0}[{1}:{1}]".format(p, 4*i + 3), "{0}[{1}:{1}]".format(p, 4*i + 2), "{0}[{1}:{1}]".format(p, 4*i + 1), "{0}[{1}:{1}]".format(p, 4*i + 0), "{0}[{1}:{1}]".format(w, 4*i + 3), "{0}[{1}:{1}]".format(w, 4*i + 2), "{0}[{1}:{1}]".format(w, 4*i + 1), "{0}[{1}:{1}]".format(w, 4*i + 0)] command += stpcommands.add4bitSbox(present_sbox, variables) stp_file.write(command) return
def setupCraftRound(self, stp_file, x_in, y, z, x_out, w, wordsize): """ Model for single tweak differential behaviour of CRAFT """ command = "" """ MixColumn note that in CVC language when you use x[i:j], i must always be equal or greater than j I' = MC(I) I[i, j] = I[4*i + j] I[0] = nibble 0 I[15] = nibble 15 I'[j] = I[j] xor I[j + 8] xor I[12 + j] for j = [0, 3] I'[4 + j] = I[4 + j] xor I[12 + j] for j = [0, 3] I'[8 + j] = I[8 + j] for j = [0, 7] I[j] = xr[4*j + 3:4*j] I'[j] = yr[4*j + 3:4j] """ for j in range(4): command += "ASSERT(" + y + "[%d:%d]" % (4*j + 3, 4*j) + " = " command += "BVXOR(" command += "BVXOR(" + x_in + "[%d:%d]" % (4*(8 + j) + 3, 4*(8 + j)) +\ "," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + ")," command += x_in + "[%d:%d]" % (4*j + 3, 4*j) + "));\n" command += "ASSERT(" + y + \ "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) + " = " command += "BVXOR(" + x_in + "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) +\ "," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "));\n" command += "ASSERT(" + y + "[63:32]" + \ " = " + x_in + "[63:32]" + ");\n" # PermuteNibbles Layer # zr = PermuteNibbles(xr) # zr[i] = xr[PN[i]] for i in range(16): command += "ASSERT(" + z + "[%d:%d]" % (4*i + 3, 4*i) + \ " = " + y + "[%d:%d]" % (4*self.PN[i] + 3, 4*self.PN[i]) + ");\n" # Sbox layer for i in range(16): variables = ["{0}[{1}:{1}]".format(z, 4*i + 3), "{0}[{1}:{1}]".format(z, 4*i + 2), "{0}[{1}:{1}]".format(z, 4*i + 1), "{0}[{1}:{1}]".format(z, 4*i + 0), "{0}[{1}:{1}]".format(x_out, 4*i + 3), "{0}[{1}:{1}]".format(x_out, 4*i + 2), "{0}[{1}:{1}]".format(x_out, 4*i + 1), "{0}[{1}:{1}]".format(x_out, 4*i + 0), "{0}[{1}:{1}]".format(w, 4*i + 3), "{0}[{1}:{1}]".format(w, 4*i + 2), "{0}[{1}:{1}]".format(w, 4*i + 1), "{0}[{1}:{1}]".format(w, 4*i + 0)] # print(variables) command += stpcommands.add4bitSbox(self.craft_sbox, variables) stp_file.write(command) return
def setupCraftRound(self, stp_file, x_in, y, z, x_out, w, wordsize): """ Model for single tweak differential behaviour of CRAFT """ command = "" """ MixColumn note that in CVC language when you use x[i:j], i must always be equal or greater than j I' = MC(I) I[i, j] = I[4*i + j] I[0] = nibble 0 I[15] = nibble 15 I'[j] = I[j] xor I[j + 8] xor I[12 + j] for j = [0, 3] I'[4 + j] = I[4 + j] xor I[12 + j] for j = [0, 3] I'[8 + j] = I[8 + j] for j = [0, 7] I[j] = xr[4*j + 3:4*j] I'[j] = yr[4*j + 3:4j] """ for j in range(4): command += "ASSERT(" + y + "[%d:%d]" % (4 * j + 3, 4 * j) + " = " command += "BVXOR(" command += "BVXOR(" + x_in + "[%d:%d]" % (4*(8 + j) + 3, 4*(8 + j)) +\ "," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + ")," command += x_in + "[%d:%d]" % (4 * j + 3, 4 * j) + "));\n" command += "ASSERT(" + y + \ "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) + " = " command += "BVXOR(" + x_in + "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) +\ "," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "));\n" command += "ASSERT(" + y + "[63:32]" + \ " = " + x_in + "[63:32]" + ");\n" # PermuteNibbles Layer # zr = PermuteNibbles(xr) # zr[i] = xr[PN[i]] for i in range(16): command += "ASSERT(" + z + "[%d:%d]" % (4*i + 3, 4*i) + \ " = " + y + "[%d:%d]" % (4*self.PN[i] + 3, 4*self.PN[i]) + ");\n" # Sbox layer for i in range(16): variables = [ "{0}[{1}:{1}]".format(z, 4 * i + 3), "{0}[{1}:{1}]".format( z, 4 * i + 2), "{0}[{1}:{1}]".format(z, 4 * i + 1), "{0}[{1}:{1}]".format(z, 4 * i + 0), "{0}[{1}:{1}]".format( x_out, 4 * i + 3), "{0}[{1}:{1}]".format(x_out, 4 * i + 2), "{0}[{1}:{1}]".format(x_out, 4 * i + 1), "{0}[{1}:{1}]".format( x_out, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] # print(variables) command += stpcommands.add4bitSbox(self.craft_sbox, variables) stp_file.write(command) return
def setupSkinnyRound(self, stp_file, sc_in, sr, mc, sc_out, w, blocksize): """ Model for differential behaviour of one round Skinny """ command = "" # SubBytes skinny_sbox = [0xc, 0x6, 0x9, 0x0, 0x1, 0xa, 0x2, 0xb, 0x3, 0x8, 0x5, 0xd, 0x4, 0xe, 0x7, 0xf] for i in range(16): variables = ["{0}[{1}:{1}]".format(sc_in, 4*i + 3), "{0}[{1}:{1}]".format(sc_in, 4*i + 2), "{0}[{1}:{1}]".format(sc_in, 4*i + 1), "{0}[{1}:{1}]".format(sc_in, 4*i + 0), "{0}[{1}:{1}]".format(sr, 4*i + 3), "{0}[{1}:{1}]".format(sr, 4*i + 2), "{0}[{1}:{1}]".format(sr, 4*i + 1), "{0}[{1}:{1}]".format(sr, 4*i + 0), "{0}[{1}:{1}]".format(w, 4*i + 3), "{0}[{1}:{1}]".format(w, 4*i + 2), "{0}[{1}:{1}]".format(w, 4*i + 1), "{0}[{1}:{1}]".format(w, 4*i + 0)] command += stpcommands.add4bitSbox(skinny_sbox, variables) # ShiftRows command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, mc) command += "ASSERT({0}[31:20] = {1}[27:16]);\n".format(sr, mc) command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(sr, mc) command += "ASSERT({0}[39:32] = {1}[47:40]);\n".format(sr, mc) command += "ASSERT({0}[47:40] = {1}[39:32]);\n".format(sr, mc) command += "ASSERT({0}[63:60] = {1}[51:48]);\n".format(sr, mc) command += "ASSERT({0}[59:48] = {1}[63:52]);\n".format(sr, mc) # MixColumns command += "ASSERT(" command += "{0}[15:0] = {1}[31:16]".format(mc, sc_out); command += ");\n" command += "ASSERT(" command += "BVXOR({0}[31:16], {0}[47:32]) = {1}[47:32]".format(mc, sc_out); command += ");\n" command += "ASSERT(" command += "BVXOR({0}[47:32], {0}[15:0]) = {1}[63:48]".format(mc, sc_out); command += ");\n" command += "ASSERT(" command += "BVXOR({0}[63:48], {1}[63:48]) = {1}[15:0]".format(mc, sc_out); command += ");\n" stp_file.write(command) return
def setupRectangleRound(self, stp_file, sc_in, sr, sc_out, w, blocksize): """ Model for differential behaviour of one round Rectangle """ command = "" #SubColumn rectangle_sbox = [ 0x6, 0x5, 0xC, 0xA, 0x1, 0xE, 0x7, 0x9, 0xB, 0x0, 0x3, 0xD, 0x8, 0xF, 0x4, 0x2 ] for i in range(16): variables = [ "{0}[{1}:{1}]".format(sc_in, i + 48), "{0}[{1}:{1}]".format( sc_in, i + 32), "{0}[{1}:{1}]".format(sc_in, i + 16), "{0}[{1}:{1}]".format(sc_in, i + 0), "{0}[{1}:{1}]".format( sr, i + 48), "{0}[{1}:{1}]".format(sr, i + 32), "{0}[{1}:{1}]".format(sr, i + 16), "{0}[{1}:{1}]".format(sr, i + 0), "{0}[{1}:{1}]".format(w, i + 48), "{0}[{1}:{1}]".format(w, i + 32), "{0}[{1}:{1}]".format(w, i + 16), "{0}[{1}:{1}]".format(w, i + 0) ] command += stpcommands.add4bitSbox(rectangle_sbox, variables) #ShiftRows # row 0 <<< 0 command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, sc_out) # row 1 <<< 1 command += "ASSERT({0}[30:16] = {1}[31:17]);\n".format(sr, sc_out) command += "ASSERT({0}[31:31] = {1}[16:16]);\n".format(sr, sc_out) # row 2 <<< 12 command += "ASSERT({0}[47:36] = {1}[43:32]);\n".format(sr, sc_out) command += "ASSERT({0}[35:32] = {1}[47:44]);\n".format(sr, sc_out) # row 3 <<< 13 command += "ASSERT({0}[50:48] = {1}[63:61]);\n".format(sr, sc_out) command += "ASSERT({0}[63:51] = {1}[60:48]);\n".format(sr, sc_out) stp_file.write(command) return
def setupGiftRound(self, stp_file, s_in, p, s_out, w, wordsize): """ Model for differential behaviour of one round GIFT """ command = "" #Permutation Layer if wordsize == 64: command += "ASSERT({0}[0:0] = {1}[0:0]);\n".format(s_out, p) #0 command += "ASSERT({0}[17:17] = {1}[1:1]);\n".format(s_out, p) #1 command += "ASSERT({0}[34:34] = {1}[2:2]);\n".format(s_out, p) #2 command += "ASSERT({0}[51:51] = {1}[3:3]);\n".format(s_out, p) #3 command += "ASSERT({0}[48:48] = {1}[4:4]);\n".format(s_out, p) #4 command += "ASSERT({0}[1:1] = {1}[5:5]);\n".format(s_out, p) #5 command += "ASSERT({0}[18:18] = {1}[6:6]);\n".format(s_out, p) #6 command += "ASSERT({0}[35:35] = {1}[7:7]);\n".format(s_out, p) #7 command += "ASSERT({0}[32:32] = {1}[8:8]);\n".format(s_out, p) #8 command += "ASSERT({0}[49:49] = {1}[9:9]);\n".format(s_out, p) #9 command += "ASSERT({0}[2:2] = {1}[10:10]);\n".format(s_out, p) #10 command += "ASSERT({0}[19:19] = {1}[11:11]);\n".format(s_out, p) #11 command += "ASSERT({0}[16:16] = {1}[12:12]);\n".format(s_out, p) #12 command += "ASSERT({0}[33:33] = {1}[13:13]);\n".format(s_out, p) #13 command += "ASSERT({0}[50:50] = {1}[14:14]);\n".format(s_out, p) #14 command += "ASSERT({0}[3:3] = {1}[15:15]);\n".format(s_out, p) #15 command += "ASSERT({0}[4:4] = {1}[16:16]);\n".format(s_out, p) #16 command += "ASSERT({0}[21:21] = {1}[17:17]);\n".format(s_out, p) #17 command += "ASSERT({0}[38:38] = {1}[18:18]);\n".format(s_out, p) #18 command += "ASSERT({0}[55:55] = {1}[19:19]);\n".format(s_out, p) #19 command += "ASSERT({0}[52:52] = {1}[20:20]);\n".format(s_out, p) #20 command += "ASSERT({0}[5:5] = {1}[21:21]);\n".format(s_out, p) #21 command += "ASSERT({0}[22:22] = {1}[22:22]);\n".format(s_out, p) #22 command += "ASSERT({0}[39:39] = {1}[23:23]);\n".format(s_out, p) #23 command += "ASSERT({0}[36:36] = {1}[24:24]);\n".format(s_out, p) #24 command += "ASSERT({0}[53:53] = {1}[25:25]);\n".format(s_out, p) #25 command += "ASSERT({0}[6:6] = {1}[26:26]);\n".format(s_out, p) #26 command += "ASSERT({0}[23:23] = {1}[27:27]);\n".format(s_out, p) #27 command += "ASSERT({0}[20:20] = {1}[28:28]);\n".format(s_out, p) #28 command += "ASSERT({0}[37:37] = {1}[29:29]);\n".format(s_out, p) #29 command += "ASSERT({0}[54:54] = {1}[30:30]);\n".format(s_out, p) #30 command += "ASSERT({0}[7:7] = {1}[31:31]);\n".format(s_out, p) #31 command += "ASSERT({0}[8:8] = {1}[32:32]);\n".format(s_out, p) #32 command += "ASSERT({0}[25:25] = {1}[33:33]);\n".format(s_out, p) #33 command += "ASSERT({0}[42:42] = {1}[34:34]);\n".format(s_out, p) #34 command += "ASSERT({0}[59:59] = {1}[35:35]);\n".format(s_out, p) #35 command += "ASSERT({0}[56:56] = {1}[36:36]);\n".format(s_out, p) #36 command += "ASSERT({0}[9:9] = {1}[37:37]);\n".format(s_out, p) #37 command += "ASSERT({0}[26:26] = {1}[38:38]);\n".format(s_out, p) #38 command += "ASSERT({0}[43:43] = {1}[39:39]);\n".format(s_out, p) #39 command += "ASSERT({0}[40:40] = {1}[40:40]);\n".format(s_out, p) #40 command += "ASSERT({0}[57:57] = {1}[41:41]);\n".format(s_out, p) #41 command += "ASSERT({0}[10:10] = {1}[42:42]);\n".format(s_out, p) #42 command += "ASSERT({0}[27:27] = {1}[43:43]);\n".format(s_out, p) #43 command += "ASSERT({0}[24:24] = {1}[44:44]);\n".format(s_out, p) #44 command += "ASSERT({0}[41:41] = {1}[45:45]);\n".format(s_out, p) #45 command += "ASSERT({0}[58:58] = {1}[46:46]);\n".format(s_out, p) #46 command += "ASSERT({0}[11:11] = {1}[47:47]);\n".format(s_out, p) #47 command += "ASSERT({0}[12:12] = {1}[48:48]);\n".format(s_out, p) #48 command += "ASSERT({0}[29:29] = {1}[49:49]);\n".format(s_out, p) #49 command += "ASSERT({0}[46:46] = {1}[50:50]);\n".format(s_out, p) #50 command += "ASSERT({0}[63:63] = {1}[51:51]);\n".format(s_out, p) #51 command += "ASSERT({0}[60:60] = {1}[52:52]);\n".format(s_out, p) #52 command += "ASSERT({0}[13:13] = {1}[53:53]);\n".format(s_out, p) #53 command += "ASSERT({0}[30:30] = {1}[54:54]);\n".format(s_out, p) #54 command += "ASSERT({0}[47:47] = {1}[55:55]);\n".format(s_out, p) #55 command += "ASSERT({0}[44:44] = {1}[56:56]);\n".format(s_out, p) #56 command += "ASSERT({0}[61:61] = {1}[57:57]);\n".format(s_out, p) #57 command += "ASSERT({0}[14:14] = {1}[58:58]);\n".format(s_out, p) #58 command += "ASSERT({0}[31:31] = {1}[59:59]);\n".format(s_out, p) #59 command += "ASSERT({0}[28:28] = {1}[60:60]);\n".format(s_out, p) #60 command += "ASSERT({0}[45:45] = {1}[61:61]);\n".format(s_out, p) #61 command += "ASSERT({0}[62:62] = {1}[62:62]);\n".format(s_out, p) #62 command += "ASSERT({0}[15:15] = {1}[63:63]);\n".format(s_out, p) #63 elif wordsize == 128: command += "ASSERT({0}[0:0] = {1}[0:0]);\n".format(s_out, p) #0 command += "ASSERT({0}[33:33] = {1}[1:1]);\n".format(s_out, p) #1 command += "ASSERT({0}[66:66] = {1}[2:2]);\n".format(s_out, p) #2 command += "ASSERT({0}[99:99] = {1}[3:3]);\n".format(s_out, p) #3 command += "ASSERT({0}[96:96] = {1}[4:4]);\n".format(s_out, p) #4 command += "ASSERT({0}[1:1] = {1}[5:5]);\n".format(s_out, p) #5 command += "ASSERT({0}[34:34] = {1}[6:6]);\n".format(s_out, p) #6 command += "ASSERT({0}[67:67] = {1}[7:7]);\n".format(s_out, p) #7 command += "ASSERT({0}[64:64] = {1}[8:8]);\n".format(s_out, p) #8 command += "ASSERT({0}[97:97] = {1}[9:9]);\n".format(s_out, p) #9 command += "ASSERT({0}[2:2] = {1}[10:10]);\n".format(s_out, p) #10 command += "ASSERT({0}[35:35] = {1}[11:11]);\n".format(s_out, p) #11 command += "ASSERT({0}[32:32] = {1}[12:12]);\n".format(s_out, p) #12 command += "ASSERT({0}[65:65] = {1}[13:13]);\n".format(s_out, p) #13 command += "ASSERT({0}[98:98] = {1}[14:14]);\n".format(s_out, p) #14 command += "ASSERT({0}[3:3] = {1}[15:15]);\n".format(s_out, p) #15 command += "ASSERT({0}[4:4] = {1}[16:16]);\n".format(s_out, p) #16 command += "ASSERT({0}[37:37] = {1}[17:17]);\n".format(s_out, p) #17 command += "ASSERT({0}[70:70] = {1}[18:18]);\n".format(s_out, p) #18 command += "ASSERT({0}[103:103] = {1}[19:19]);\n".format(s_out, p) #19 command += "ASSERT({0}[100:100] = {1}[20:20]);\n".format(s_out, p) #20 command += "ASSERT({0}[5:5] = {1}[21:21]);\n".format(s_out, p) #21 command += "ASSERT({0}[38:38] = {1}[22:22]);\n".format(s_out, p) #22 command += "ASSERT({0}[71:71] = {1}[23:23]);\n".format(s_out, p) #23 command += "ASSERT({0}[68:68] = {1}[24:24]);\n".format(s_out, p) #24 command += "ASSERT({0}[101:101] = {1}[25:25]);\n".format(s_out, p) #25 command += "ASSERT({0}[6:6] = {1}[26:26]);\n".format(s_out, p) #26 command += "ASSERT({0}[39:39] = {1}[27:27]);\n".format(s_out, p) #27 command += "ASSERT({0}[36:36] = {1}[28:28]);\n".format(s_out, p) #28 command += "ASSERT({0}[69:69] = {1}[29:29]);\n".format(s_out, p) #29 command += "ASSERT({0}[102:102] = {1}[30:30]);\n".format(s_out, p) #30 command += "ASSERT({0}[7:7] = {1}[31:31]);\n".format(s_out, p) #31 command += "ASSERT({0}[8:8] = {1}[32:32]);\n".format(s_out, p) #32 command += "ASSERT({0}[41:41] = {1}[33:33]);\n".format(s_out, p) #33 command += "ASSERT({0}[74:74] = {1}[34:34]);\n".format(s_out, p) #34 command += "ASSERT({0}[107:107] = {1}[35:35]);\n".format(s_out, p) #35 command += "ASSERT({0}[104:104] = {1}[36:36]);\n".format(s_out, p) #36 command += "ASSERT({0}[9:9] = {1}[37:37]);\n".format(s_out, p) #37 command += "ASSERT({0}[42:42] = {1}[38:38]);\n".format(s_out, p) #38 command += "ASSERT({0}[75:75] = {1}[39:39]);\n".format(s_out, p) #39 command += "ASSERT({0}[72:72] = {1}[40:40]);\n".format(s_out, p) #40 command += "ASSERT({0}[105:105] = {1}[41:41]);\n".format(s_out, p) #41 command += "ASSERT({0}[10:10] = {1}[42:42]);\n".format(s_out, p) #42 command += "ASSERT({0}[43:43] = {1}[43:43]);\n".format(s_out, p) #43 command += "ASSERT({0}[40:40] = {1}[44:44]);\n".format(s_out, p) #44 command += "ASSERT({0}[73:73] = {1}[45:45]);\n".format(s_out, p) #45 command += "ASSERT({0}[106:106] = {1}[46:46]);\n".format(s_out, p) #46 command += "ASSERT({0}[11:11] = {1}[47:47]);\n".format(s_out, p) #47 command += "ASSERT({0}[12:12] = {1}[48:48]);\n".format(s_out, p) #48 command += "ASSERT({0}[45:45] = {1}[49:49]);\n".format(s_out, p) #49 command += "ASSERT({0}[78:78] = {1}[50:50]);\n".format(s_out, p) #50 command += "ASSERT({0}[111:111] = {1}[51:51]);\n".format(s_out, p) #51 command += "ASSERT({0}[108:108] = {1}[52:52]);\n".format(s_out, p) #52 command += "ASSERT({0}[13:13] = {1}[53:53]);\n".format(s_out, p) #53 command += "ASSERT({0}[46:46] = {1}[54:54]);\n".format(s_out, p) #54 command += "ASSERT({0}[79:79] = {1}[55:55]);\n".format(s_out, p) #55 command += "ASSERT({0}[76:76] = {1}[56:56]);\n".format(s_out, p) #56 command += "ASSERT({0}[109:109] = {1}[57:57]);\n".format(s_out, p) #57 command += "ASSERT({0}[14:14] = {1}[58:58]);\n".format(s_out, p) #58 command += "ASSERT({0}[47:47] = {1}[59:59]);\n".format(s_out, p) #59 command += "ASSERT({0}[44:44] = {1}[60:60]);\n".format(s_out, p) #60 command += "ASSERT({0}[77:77] = {1}[61:61]);\n".format(s_out, p) #61 command += "ASSERT({0}[110:110] = {1}[62:62]);\n".format(s_out, p) #62 command += "ASSERT({0}[15:15] = {1}[63:63]);\n".format(s_out, p) #63 command += "ASSERT({0}[16:16] = {1}[64:64]);\n".format(s_out, p) #64 command += "ASSERT({0}[49:49] = {1}[65:65]);\n".format(s_out, p) #65 command += "ASSERT({0}[82:82] = {1}[66:66]);\n".format(s_out, p) #66 command += "ASSERT({0}[115:115] = {1}[67:67]);\n".format(s_out, p) #67 command += "ASSERT({0}[112:112] = {1}[68:68]);\n".format(s_out, p) #68 command += "ASSERT({0}[17:17] = {1}[69:69]);\n".format(s_out, p) #69 command += "ASSERT({0}[50:50] = {1}[70:70]);\n".format(s_out, p) #70 command += "ASSERT({0}[83:83] = {1}[71:71]);\n".format(s_out, p) #71 command += "ASSERT({0}[80:80] = {1}[72:72]);\n".format(s_out, p) #72 command += "ASSERT({0}[113:113] = {1}[73:73]);\n".format(s_out, p) #73 command += "ASSERT({0}[18:18] = {1}[74:74]);\n".format(s_out, p) #74 command += "ASSERT({0}[51:51] = {1}[75:75]);\n".format(s_out, p) #75 command += "ASSERT({0}[48:48] = {1}[76:76]);\n".format(s_out, p) #76 command += "ASSERT({0}[81:81] = {1}[77:77]);\n".format(s_out, p) #77 command += "ASSERT({0}[114:114] = {1}[78:78]);\n".format(s_out, p) #78 command += "ASSERT({0}[19:19] = {1}[79:79]);\n".format(s_out, p) #79 command += "ASSERT({0}[20:20] = {1}[80:80]);\n".format(s_out, p) #80 command += "ASSERT({0}[53:53] = {1}[81:81]);\n".format(s_out, p) #81 command += "ASSERT({0}[86:86] = {1}[82:82]);\n".format(s_out, p) #82 command += "ASSERT({0}[119:119] = {1}[83:83]);\n".format(s_out, p) #83 command += "ASSERT({0}[116:116] = {1}[84:84]);\n".format(s_out, p) #84 command += "ASSERT({0}[21:21] = {1}[85:85]);\n".format(s_out, p) #85 command += "ASSERT({0}[54:54] = {1}[86:86]);\n".format(s_out, p) #86 command += "ASSERT({0}[87:87] = {1}[87:87]);\n".format(s_out, p) #87 command += "ASSERT({0}[84:84] = {1}[88:88]);\n".format(s_out, p) #88 command += "ASSERT({0}[117:117] = {1}[89:89]);\n".format(s_out, p) #89 command += "ASSERT({0}[22:22] = {1}[90:90]);\n".format(s_out, p) #90 command += "ASSERT({0}[55:55] = {1}[91:91]);\n".format(s_out, p) #91 command += "ASSERT({0}[52:52] = {1}[92:92]);\n".format(s_out, p) #92 command += "ASSERT({0}[85:85] = {1}[93:93]);\n".format(s_out, p) #93 command += "ASSERT({0}[118:118] = {1}[94:94]);\n".format(s_out, p) #94 command += "ASSERT({0}[23:23] = {1}[95:95]);\n".format(s_out, p) #95 command += "ASSERT({0}[24:24] = {1}[96:96]);\n".format(s_out, p) #96 command += "ASSERT({0}[57:57] = {1}[97:97]);\n".format(s_out, p) #97 command += "ASSERT({0}[90:90] = {1}[98:98]);\n".format(s_out, p) #98 command += "ASSERT({0}[123:123] = {1}[99:99]);\n".format(s_out, p) #99 command += "ASSERT({0}[120:120] = {1}[100:100]);\n".format( s_out, p) #100 command += "ASSERT({0}[25:25] = {1}[101:101]);\n".format(s_out, p) #101 command += "ASSERT({0}[58:58] = {1}[102:102]);\n".format(s_out, p) #102 command += "ASSERT({0}[91:91] = {1}[103:103]);\n".format(s_out, p) #103 command += "ASSERT({0}[88:88] = {1}[104:104]);\n".format(s_out, p) #104 command += "ASSERT({0}[121:121] = {1}[105:105]);\n".format( s_out, p) #105 command += "ASSERT({0}[26:26] = {1}[106:106]);\n".format(s_out, p) #106 command += "ASSERT({0}[59:59] = {1}[107:107]);\n".format(s_out, p) #107 command += "ASSERT({0}[56:56] = {1}[108:108]);\n".format(s_out, p) #108 command += "ASSERT({0}[89:89] = {1}[109:109]);\n".format(s_out, p) #109 command += "ASSERT({0}[122:122] = {1}[110:110]);\n".format( s_out, p) #110 command += "ASSERT({0}[27:27] = {1}[111:111]);\n".format(s_out, p) #111 command += "ASSERT({0}[28:28] = {1}[112:112]);\n".format(s_out, p) #112 command += "ASSERT({0}[61:61] = {1}[113:113]);\n".format(s_out, p) #113 command += "ASSERT({0}[94:94] = {1}[114:114]);\n".format(s_out, p) #114 command += "ASSERT({0}[127:127] = {1}[115:115]);\n".format( s_out, p) #115 command += "ASSERT({0}[124:124] = {1}[116:116]);\n".format( s_out, p) #116 command += "ASSERT({0}[29:29] = {1}[117:117]);\n".format(s_out, p) #117 command += "ASSERT({0}[62:62] = {1}[118:118]);\n".format(s_out, p) #118 command += "ASSERT({0}[95:95] = {1}[119:119]);\n".format(s_out, p) #119 command += "ASSERT({0}[92:92] = {1}[120:120]);\n".format(s_out, p) #120 command += "ASSERT({0}[125:125] = {1}[121:121]);\n".format( s_out, p) #121 command += "ASSERT({0}[30:30] = {1}[122:122]);\n".format(s_out, p) #122 command += "ASSERT({0}[63:63] = {1}[123:123]);\n".format(s_out, p) #123 command += "ASSERT({0}[60:60] = {1}[124:124]);\n".format(s_out, p) #124 command += "ASSERT({0}[93:93] = {1}[125:125]);\n".format(s_out, p) #125 command += "ASSERT({0}[126:126] = {1}[126:126]);\n".format( s_out, p) #126 command += "ASSERT({0}[31:31] = {1}[127:127]);\n".format(s_out, p) #127 else: print("Only wordsize 64/128 bit supported!") exit(1) # Substitution Layer gift_sbox = [ 0x1, 0xa, 0x4, 0xc, 0x6, 0xf, 0x3, 0x9, 0x2, 0xd, 0xb, 0x7, 0x5, 0x0, 0x8, 0xe ] nrOfSboxes = 0 if wordsize == 64: nrOfSboxes = 16 elif wordsize == 128: nrOfSboxes = 32 else: print("Only wordsize 64/128 bit supported!") exit(1) for i in range(nrOfSboxes): variables = [ "{0}[{1}:{1}]".format(s_in, 4 * i + 3), "{0}[{1}:{1}]".format( s_in, 4 * i + 2), "{0}[{1}:{1}]".format(s_in, 4 * i + 1), "{0}[{1}:{1}]".format(s_in, 4 * i + 0), "{0}[{1}:{1}]".format( p, 4 * i + 3), "{0}[{1}:{1}]".format(p, 4 * i + 2), "{0}[{1}:{1}]".format(p, 4 * i + 1), "{0}[{1}:{1}]".format( p, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] command += stpcommands.add4bitSbox(gift_sbox, variables) stp_file.write(command) return
def setupSkinnyRound(self, stp_file, sc_in, atk, sr, mc, sc_out, w, blocksize, nrOfTK, tk1=None, tk2=None, tk3=None): """ Model for differential behaviour of one round Skinny """ command = "" #Add S-box transitions #for i in range(16): # command += self.addSbox(sc_in, sr, 4*i) #AddRoundTweakey #add round tweakeys to first two rows of the state if nrOfTK == 1: tk = tk1 elif nrOfTK == 2: tk = "BVXOR({}[31:0], {}[31:0])".format(tk1, tk2) elif nrOfTK == 3: tk = "BVXOR({}[31:0], BVXOR({}[31:0], {}[31:0]))".format( tk1, tk2, tk3) command += "ASSERT({}[31:0] = BVXOR({}[31:0], {}));\n".format( sr, atk, tk) #ShiftRows command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, mc) command += "ASSERT({0}[31:20] = {1}[27:16]);\n".format(sr, mc) command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(sr, mc) command += "ASSERT({0}[39:32] = {1}[47:40]);\n".format(sr, mc) command += "ASSERT({0}[47:40] = {1}[39:32]);\n".format(sr, mc) command += "ASSERT({0}[63:60] = {1}[51:48]);\n".format(sr, mc) command += "ASSERT({0}[59:48] = {1}[63:52]);\n".format(sr, mc) #MixColumns command += "ASSERT(" command += "{0}[15:0] = {1}[31:16]".format(mc, sc_out) command += ");\n" command += "ASSERT(" command += "BVXOR({0}[31:16], {0}[47:32]) = {1}[47:32]".format( mc, sc_out) command += ");\n" command += "ASSERT(" command += "BVXOR({0}[47:32], {0}[15:0]) = {1}[63:48]".format( mc, sc_out) command += ");\n" command += "ASSERT(" command += "BVXOR({0}[63:48], {1}[63:48]) = {1}[15:0]".format( mc, sc_out) command += ");\n" # TODO: correctly compute weight # For now just take the Hamming weight skinny_sbox = [ 0xc, 6, 9, 0, 1, 0xa, 2, 0xb, 3, 8, 5, 0xd, 4, 0xe, 7, 0xf ] for i in range(16): variables = [ "{0}[{1}:{1}]".format(sc_in, 4 * i + 3), "{0}[{1}:{1}]".format( sc_in, 4 * i + 2), "{0}[{1}:{1}]".format(sc_in, 4 * i + 1), "{0}[{1}:{1}]".format(sc_in, 4 * i + 0), "{0}[{1}:{1}]".format( atk, 4 * i + 3), "{0}[{1}:{1}]".format(atk, 4 * i + 2), "{0}[{1}:{1}]".format(atk, 4 * i + 1), "{0}[{1}:{1}]".format( atk, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] command += stpcommands.add4bitSbox(skinny_sbox, variables) stp_file.write(command) return
def setupTwineRound(self, stp_file, x_in, s, p, x_out, w, wordsize): """ Model for differential behaviour of one round TWINE """ command = "" # Substitution Layer twine_sbox = [ 0xC, 0, 0xF, 0xA, 2, 0xB, 9, 5, 8, 3, 0xD, 7, 1, 0xE, 6, 4 ] for i in range(8): variables = [ "{0}[{1}:{1}]".format(x_in, 8 * i + 3), "{0}[{1}:{1}]".format( x_in, 8 * i + 2), "{0}[{1}:{1}]".format(x_in, 8 * i + 1), "{0}[{1}:{1}]".format(x_in, 8 * i + 0), "{0}[{1}:{1}]".format( s, 4 * i + 3), "{0}[{1}:{1}]".format(s, 4 * i + 2), "{0}[{1}:{1}]".format(s, 4 * i + 1), "{0}[{1}:{1}]".format( s, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] command += stpcommands.add4bitSbox(twine_sbox, variables) #Feistel structure command += "ASSERT({0}[3:0] = {1}[3:0]);\n".format(x_in, p) command += "ASSERT({0}[11:8] = {1}[11:8]);\n".format(x_in, p) command += "ASSERT({0}[19:16] = {1}[19:16]);\n".format(x_in, p) command += "ASSERT({0}[27:24] = {1}[27:24]);\n".format(x_in, p) command += "ASSERT({0}[35:32] = {1}[35:32]);\n".format(x_in, p) command += "ASSERT({0}[43:40] = {1}[43:40]);\n".format(x_in, p) command += "ASSERT({0}[51:48] = {1}[51:48]);\n".format(x_in, p) command += "ASSERT({0}[59:56] = {1}[59:56]);\n".format(x_in, p) command += "ASSERT({0}[7:4] = BVXOR({1}[7:4],{2}[3:0]));\n".format( p, x_in, s) command += "ASSERT({0}[15:12] = BVXOR({1}[15:12],{2}[7:4]));\n".format( p, x_in, s) command += "ASSERT({0}[23:20] = BVXOR({1}[23:20],{2}[11:8]));\n".format( p, x_in, s) command += "ASSERT({0}[31:28] = BVXOR({1}[31:28],{2}[15:12]));\n".format( p, x_in, s) command += "ASSERT({0}[39:36] = BVXOR({1}[39:36],{2}[19:16]));\n".format( p, x_in, s) command += "ASSERT({0}[47:44] = BVXOR({1}[47:44],{2}[23:20]));\n".format( p, x_in, s) command += "ASSERT({0}[55:52] = BVXOR({1}[55:52],{2}[27:24]));\n".format( p, x_in, s) command += "ASSERT({0}[63:60] = BVXOR({1}[63:60],{2}[31:28]));\n".format( p, x_in, s) command += "ASSERT(0x00000000 = {0}[63:32]);\n".format(s) command += "ASSERT(0x00000000 = {0}[63:32]);\n".format(w) #Permutation Layer # pi = [5, 0, 1, 4, 7, 0xC, 3, 8, 0xD, 6, 9, 2, 0xF, 0xA, 0xB, 0xE] # 1 word = 4 bit command += "ASSERT({0}[3:0] = {1}[23:20]);\n".format(p, x_out) #0 -> 5 command += "ASSERT({0}[7:4] = {1}[3:0]);\n".format(p, x_out) #1 -> 0 command += "ASSERT({0}[11:8] = {1}[7:4]);\n".format(p, x_out) #2 -> 1 command += "ASSERT({0}[15:12] = {1}[19:16]);\n".format(p, x_out) #3 -> 4 command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(p, x_out) #4 -> 7 command += "ASSERT({0}[23:20] = {1}[51:48]);\n".format(p, x_out) #5 -> 12 command += "ASSERT({0}[27:24] = {1}[15:12]);\n".format(p, x_out) #6 -> 3 command += "ASSERT({0}[31:28] = {1}[35:32]);\n".format(p, x_out) #7 -> 8 command += "ASSERT({0}[35:32] = {1}[55:52]);\n".format(p, x_out) #8 -> 13 command += "ASSERT({0}[39:36] = {1}[27:24]);\n".format(p, x_out) #9 -> 6 command += "ASSERT({0}[43:40] = {1}[39:36]);\n".format(p, x_out) #10 -> 9 command += "ASSERT({0}[47:44] = {1}[11:8]);\n".format(p, x_out) #11 -> 2 command += "ASSERT({0}[51:48] = {1}[63:60]);\n".format( p, x_out) #12 -> 15 command += "ASSERT({0}[55:52] = {1}[43:40]);\n".format( p, x_out) #13 -> 10 command += "ASSERT({0}[59:56] = {1}[47:44]);\n".format( p, x_out) #14 -> 11 command += "ASSERT({0}[63:60] = {1}[59:56]);\n".format( p, x_out) #15 -> 14 stp_file.write(command) return
def setupMidoriRound(self, stp_file, sb_in, sc, mc, sb_out, w, wordsize): """ Model for differential behaviour of one round MIDORI """ command = "" #Permutation Layer #ShuffleCells # 0 4 8 c 0 e 9 7 # 1 5 9 d a 4 3 d # 2 6 a e 5 b c 2 # 3 7 b f f 1 6 8 permutation = [ 0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1, 0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8 ] for idx, val in enumerate(permutation): command += "ASSERT({0}[{1}:{2}] = {3}[{4}:{5}]);\n".format( sc, 4 * val + 3, 4 * val, mc, 4 * idx + 3, 4 * idx) #MixColumns # 0 1 1 1 x0 x1 + x2 + x3 # 1 0 1 1 x1 -> x0 + x2 + x3 # 1 1 0 1 x2 x0 + x1 + x3 # 1 1 1 0 x3 x0 + x1 + x2 for col in range(4): for bit in range(4): offset0 = col * 16 + 0 + bit offset1 = col * 16 + 4 + bit offset2 = col * 16 + 8 + bit offset3 = col * 16 + 12 + bit command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ = {5}[{0}:{0}]);\n".format( offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ = {5}[{1}:{1}]);\n".format( offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \ = {5}[{2}:{2}]);\n".format( offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \ = {5}[{3}:{3}]);\n".format( offset0, offset1, offset2, offset3, mc, sb_out) # Substitution Layer midori_sbox = [ 0xc, 0xa, 0xd, 3, 0xe, 0xb, 0xf, 7, 8, 9, 1, 5, 0, 2, 4, 6 ] for i in range(16): variables = [ "{0}[{1}:{1}]".format(sb_in, 4 * i + 3), "{0}[{1}:{1}]".format( sb_in, 4 * i + 2), "{0}[{1}:{1}]".format(sb_in, 4 * i + 1), "{0}[{1}:{1}]".format(sb_in, 4 * i + 0), "{0}[{1}:{1}]".format( sc, 4 * i + 3), "{0}[{1}:{1}]".format(sc, 4 * i + 2), "{0}[{1}:{1}]".format(sc, 4 * i + 1), "{0}[{1}:{1}]".format( sc, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] command += stpcommands.add4bitSbox(midori_sbox, variables) stp_file.write(command) return
def gamma(self, in0, in1, in2, in3, out0, out1, out2, out3, w): """ Model for the Gamma function in NOEKEON - represents the Sbox layer """ command = "" noekeon_sbox = [ 7, 0xA, 2, 0xC, 4, 8, 0xF, 0, 5, 9, 1, 0xE, 3, 0xD, 0xB, 6 ] for i in range(32): variables = [ "{0}[{1}:{1}]".format(in3, i), "{0}[{1}:{1}]".format(in2, i), "{0}[{1}:{1}]".format(in1, i), "{0}[{1}:{1}]".format(in0, i), "{0}[{1}:{1}]".format(out3, i), "{0}[{1}:{1}]".format(out2, i), "{0}[{1}:{1}]".format(out1, i), "{0}[{1}:{1}]".format(out0, i), "{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format( w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1), "{0}[{1}:{1}]".format(w, 4 * i + 0) ] command += stpcommands.add4bitSbox(noekeon_sbox, variables) # for i in range(8): # variables = ["{0}[{1}:{1}]".format(in0, 4*i + 3), # "{0}[{1}:{1}]".format(in0, 4*i + 2), # "{0}[{1}:{1}]".format(in0, 4*i + 1), # "{0}[{1}:{1}]".format(in0, 4*i + 0), # "{0}[{1}:{1}]".format(out0, 4*i + 3), # "{0}[{1}:{1}]".format(out0, 4*i + 2), # "{0}[{1}:{1}]".format(out0, 4*i + 1), # "{0}[{1}:{1}]".format(out0, 4*i + 0), # "{0}[{1}:{1}]".format(w, 4*i + 3), # "{0}[{1}:{1}]".format(w, 4*i + 2), # "{0}[{1}:{1}]".format(w, 4*i + 1), # "{0}[{1}:{1}]".format(w, 4*i + 0)] # command += stpcommands.add4bitSbox(noekeon_sbox, variables) # # for i in range(8): # variables = ["{0}[{1}:{1}]".format(in1, 4*i + 3), # "{0}[{1}:{1}]".format(in1, 4*i + 2), # "{0}[{1}:{1}]".format(in1, 4*i + 1), # "{0}[{1}:{1}]".format(in1, 4*i + 0), # "{0}[{1}:{1}]".format(out1, 4*i + 3), # "{0}[{1}:{1}]".format(out1, 4*i + 2), # "{0}[{1}:{1}]".format(out1, 4*i + 1), # "{0}[{1}:{1}]".format(out1, 4*i + 0), # "{0}[{1}:{1}]".format(w, 4*i + 3 + 32), # "{0}[{1}:{1}]".format(w, 4*i + 2 + 32), # "{0}[{1}:{1}]".format(w, 4*i + 1 + 32), # "{0}[{1}:{1}]".format(w, 4*i + 0 + 32)] # command += stpcommands.add4bitSbox(noekeon_sbox, variables) # # for i in range(8): # variables = ["{0}[{1}:{1}]".format(in2, 4*i + 3), # "{0}[{1}:{1}]".format(in2, 4*i + 2), # "{0}[{1}:{1}]".format(in2, 4*i + 1), # "{0}[{1}:{1}]".format(in2, 4*i + 0), # "{0}[{1}:{1}]".format(out2, 4*i + 3), # "{0}[{1}:{1}]".format(out2, 4*i + 2), # "{0}[{1}:{1}]".format(out2, 4*i + 1), # "{0}[{1}:{1}]".format(out2, 4*i + 0), # "{0}[{1}:{1}]".format(w, 4*i + 3 + 64), # "{0}[{1}:{1}]".format(w, 4*i + 2 + 64), # "{0}[{1}:{1}]".format(w, 4*i + 1 + 64), # "{0}[{1}:{1}]".format(w, 4*i + 0 + 64)] # command += stpcommands.add4bitSbox(noekeon_sbox, variables) # # for i in range(8): # variables = ["{0}[{1}:{1}]".format(in3, 4*i + 3), # "{0}[{1}:{1}]".format(in3, 4*i + 2), # "{0}[{1}:{1}]".format(in3, 4*i + 1), # "{0}[{1}:{1}]".format(in3, 4*i + 0), # "{0}[{1}:{1}]".format(out3, 4*i + 3), # "{0}[{1}:{1}]".format(out3, 4*i + 2), # "{0}[{1}:{1}]".format(out3, 4*i + 1), # "{0}[{1}:{1}]".format(out3, 4*i + 0), # "{0}[{1}:{1}]".format(w, 4*i + 3 + 96), # "{0}[{1}:{1}]".format(w, 4*i + 2 + 96), # "{0}[{1}:{1}]".format(w, 4*i + 1 + 96), # "{0}[{1}:{1}]".format(w, 4*i + 0 + 96)] # command += stpcommands.add4bitSbox(noekeon_sbox, variables) return command
def setupFlyRound(self, stp_file, s_in, p, sbox1, s_out, w1, w2, w3, wordsize): """ Model for differential behaviour of one round FLY """ command = "" # Substitution Layer fly_sbox = [0, 0xa, 4, 0xf, 0xc, 7, 2, 8, 0xd, 0xe, 9 , 0xb, 5, 6, 3, 1] for i in range(8): hixorlo = "BVXOR({0}[{1}:{2}], {0}[{3}:{4}])".format(s_in, 8*i+3, 8*i+0, 8*i+7, 8*i+4) #Sbox 1 - center variables = ["{0}[{1}:{1}]".format(hixorlo, 4*i + 3), "{0}[{1}:{1}]".format(hixorlo, 4*i + 2), "{0}[{1}:{1}]".format(hixorlo, 4*i + 1), "{0}[{1}:{1}]".format(hixorlo, 4*i + 0), "{0}[{1}:{1}]".format(sbox1, 4*i + 3), "{0}[{1}:{1}]".format(sbox1, 4*i + 2), "{0}[{1}:{1}]".format(sbox1, 4*i + 1), "{0}[{1}:{1}]".format(sbox1, 4*i + 0), "{0}[{1}:{1}]".format(w1, 4*i + 3), "{0}[{1}:{1}]".format(w1, 4*i + 2), "{0}[{1}:{1}]".format(w1, 4*i + 1), "{0}[{1}:{1}]".format(w1, 4*i + 0)] command += stpcommands.add4bitSbox(fly_sbox, variables) #sbox2 = "BVXOR({0}[{2}:{3}], {1}[{4}:{5}])".format(s_in, sbox1, 8*i+3, 8*i+0, 4*i + 3, 4*i + 0) #sbox3 = "BVXOR({0}[{2}:{3}], {1}[{4}:{5}])".format(s_in, sbox1, 8*i+7, 8*i+4, 4*i + 3, 4*i + 0) command += "ASSERT({6}[{2}:{3}] = BVXOR({0}[{2}:{3}], {1}[{4}:{5}]));\n".format(s_in, sbox1, 8*i+3, 8*i+0, 4*i + 3, 4*i + 0, p) command += "ASSERT({6}[{2}:{3}] = BVXOR({0}[{2}:{3}], {1}[{4}:{5}]));\n".format(s_in, sbox1, 8*i+7, 8*i+4, 4*i + 3, 4*i + 0, p) """ #Sbox 2 - left variables = ["{0}[{1}:{1}]".format(sbox2, 4*i + 3), "{0}[{1}:{1}]".format(sbox2, 4*i + 2), "{0}[{1}:{1}]".format(sbox2, 4*i + 1), "{0}[{1}:{1}]".format(sbox2, 4*i + 0), "{0}[{1}:{1}]".format(p, 8*i + 3), "{0}[{1}:{1}]".format(p, 8*i + 2), "{0}[{1}:{1}]".format(p, 8*i + 1), "{0}[{1}:{1}]".format(p, 8*i + 0), "{0}[{1}:{1}]".format(w2, 4*i + 3), "{0}[{1}:{1}]".format(w2, 4*i + 2), "{0}[{1}:{1}]".format(w2, 4*i + 1), "{0}[{1}:{1}]".format(w2, 4*i + 0)] command += stpcommands.add4bitSbox(fly_sbox, variables) #Sbox 3 - right variables = ["{0}[{1}:{1}]".format(sbox3, 4*i + 3), "{0}[{1}:{1}]".format(sbox3, 4*i + 2), "{0}[{1}:{1}]".format(sbox3, 4*i + 1), "{0}[{1}:{1}]".format(sbox3, 4*i + 0), "{0}[{1}:{1}]".format(p, 8*i + 7), "{0}[{1}:{1}]".format(p, 8*i + 6), "{0}[{1}:{1}]".format(p, 8*i + 5), "{0}[{1}:{1}]".format(p, 8*i + 4), "{0}[{1}:{1}]".format(w3, 4*i + 3), "{0}[{1}:{1}]".format(w3, 4*i + 2), "{0}[{1}:{1}]".format(w3, 4*i + 1), "{0}[{1}:{1}]".format(w3, 4*i + 0)] command += stpcommands.add4bitSbox(fly_sbox, variables) """ #Permutation Layer #Rot(.) = (i+8*(i mod 8)) mod 64 for i in range(64): command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i, s_out, (i+8*(i%8))%64) stp_file.write(command) return
def setupMidoriRound(self, stp_file, sb_in, sc, mc, sb_out, w, wordsize): """ Model for differential behaviour of one round MIDORI """ command = "" #Permutation Layer #ShuffleCells # 0 4 8 c 0 e 9 7 # 1 5 9 d a 4 3 d # 2 6 a e 5 b c 2 # 3 7 b f f 1 6 8 permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1, 0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8] for idx, val in enumerate(permutation): command += "ASSERT({0}[{1}:{2}] = {3}[{4}:{5}]);\n".format( sc, 8*idx + 7, 8*idx, mc, 8*val + 7, 8*val) #MixColumns # 0 1 1 1 x0 x1 + x2 + x3 # 1 0 1 1 x1 -> x0 + x2 + x3 # 1 1 0 1 x2 x0 + x1 + x3 # 1 1 1 0 x3 x0 + x1 + x2 for col in range(4): for bit in range(8): offset0 = col*32 + 0 + bit offset1 = col*32 + 8 + bit offset2 = col*32 + 16 + bit offset3 = col*32 + 24 + bit command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ = {5}[{0}:{0}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ = {5}[{1}:{1}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \ = {5}[{2}:{2}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \ = {5}[{3}:{3}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) # Substitution Layer midori_sbox_sb1 = [1, 0, 5, 3, 0xe, 2, 0xf, 7, 0xd, 0xa, 9, 0xb, 0xc, 8, 4, 6] for i in range(16): if i % 4 == 0: #SSB0 #x[7,6,5,4,3,2,1,0]=y[4,1,6,3,0,5,2,7] variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 3), #msb # 0 "{0}[{1}:{1}]".format(sb_in, 8*i + 6), # 1 "{0}[{1}:{1}]".format(sb_in, 8*i + 1), # 2 "{0}[{1}:{1}]".format(sb_in, 8*i + 4), #lsb # 3 "{0}[{1}:{1}]".format(sc, 8*i + 3), # 0 "{0}[{1}:{1}]".format(sc, 8*i + 6), # 1 "{0}[{1}:{1}]".format(sc, 8*i + 1), # 2 "{0}[{1}:{1}]".format(sc, 8*i + 4), # 3 "{0}[{1}:{1}]".format(w, 8*i + 3), "{0}[{1}:{1}]".format(w, 8*i + 2), "{0}[{1}:{1}]".format(w, 8*i + 1), "{0}[{1}:{1}]".format(w, 8*i + 0)] variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 7), #msb # 4 "{0}[{1}:{1}]".format(sb_in, 8*i + 2), # 5 "{0}[{1}:{1}]".format(sb_in, 8*i + 5), # 6 "{0}[{1}:{1}]".format(sb_in, 8*i + 0), #lsb # 7 "{0}[{1}:{1}]".format(sc, 8*i + 7), # 4 "{0}[{1}:{1}]".format(sc, 8*i + 2), # 5 "{0}[{1}:{1}]".format(sc, 8*i + 5), # 6 "{0}[{1}:{1}]".format(sc, 8*i + 0), # 7 "{0}[{1}:{1}]".format(w, 8*i + 7), "{0}[{1}:{1}]".format(w, 8*i + 6), "{0}[{1}:{1}]".format(w, 8*i + 5), "{0}[{1}:{1}]".format(w, 8*i + 4)] command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1) command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2) elif i % 4 == 1: #SSB1 #y[7,6,5,4,3,2,1,0]=x[3,0,5,6,7,4,1,2] variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 6), #msb # 0 "{0}[{1}:{1}]".format(sb_in, 8*i + 1), # 1 "{0}[{1}:{1}]".format(sb_in, 8*i + 0), # 2 "{0}[{1}:{1}]".format(sb_in, 8*i + 7), #lsb # 3 "{0}[{1}:{1}]".format(sc, 8*i + 6), # 0 "{0}[{1}:{1}]".format(sc, 8*i + 1), # 1 "{0}[{1}:{1}]".format(sc, 8*i + 0), # 2 "{0}[{1}:{1}]".format(sc, 8*i + 7), # 3 "{0}[{1}:{1}]".format(w, 8*i + 3), "{0}[{1}:{1}]".format(w, 8*i + 2), "{0}[{1}:{1}]".format(w, 8*i + 1), "{0}[{1}:{1}]".format(w, 8*i + 0)] variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 2), #msb # 4 "{0}[{1}:{1}]".format(sb_in, 8*i + 5), # 5 "{0}[{1}:{1}]".format(sb_in, 8*i + 4), # 6 "{0}[{1}:{1}]".format(sb_in, 8*i + 3), #lsb # 7 "{0}[{1}:{1}]".format(sc, 8*i + 2), # 4 "{0}[{1}:{1}]".format(sc, 8*i + 5), # 5 "{0}[{1}:{1}]".format(sc, 8*i + 4), # 6 "{0}[{1}:{1}]".format(sc, 8*i + 3), # 7 "{0}[{1}:{1}]".format(w, 8*i + 7), "{0}[{1}:{1}]".format(w, 8*i + 6), "{0}[{1}:{1}]".format(w, 8*i + 5), "{0}[{1}:{1}]".format(w, 8*i + 4)] command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1) command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2) elif i % 4 == 2: #SSB2 #y[7,6,5,4,3,2,1,0]=x[6,3,0,1,2,7,4,5] variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 5), #msb # 0 "{0}[{1}:{1}]".format(sb_in, 8*i + 4), # 1 "{0}[{1}:{1}]".format(sb_in, 8*i + 3), # 2 "{0}[{1}:{1}]".format(sb_in, 8*i + 6), #lsb # 3 "{0}[{1}:{1}]".format(sc, 8*i + 5), # 0 "{0}[{1}:{1}]".format(sc, 8*i + 4), # 1 "{0}[{1}:{1}]".format(sc, 8*i + 3), # 2 "{0}[{1}:{1}]".format(sc, 8*i + 6), # 3 "{0}[{1}:{1}]".format(w, 8*i + 3), "{0}[{1}:{1}]".format(w, 8*i + 2), "{0}[{1}:{1}]".format(w, 8*i + 1), "{0}[{1}:{1}]".format(w, 8*i + 0)] variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 1), #msb # 4 "{0}[{1}:{1}]".format(sb_in, 8*i + 0), # 5 "{0}[{1}:{1}]".format(sb_in, 8*i + 7), # 6 "{0}[{1}:{1}]".format(sb_in, 8*i + 2), #lsb # 7 "{0}[{1}:{1}]".format(sc, 8*i + 1), # 4 "{0}[{1}:{1}]".format(sc, 8*i + 0), # 5 "{0}[{1}:{1}]".format(sc, 8*i + 7), # 6 "{0}[{1}:{1}]".format(sc, 8*i + 2), # 7 "{0}[{1}:{1}]".format(w, 8*i + 7), "{0}[{1}:{1}]".format(w, 8*i + 6), "{0}[{1}:{1}]".format(w, 8*i + 5), "{0}[{1}:{1}]".format(w, 8*i + 4)] command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1) command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2) elif i % 4 == 3: #SSB3 #y[7,6,5,4,3,2,1,0]=x[5,2,3,4,1,6,7,0] variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 0), #msb # 0 "{0}[{1}:{1}]".format(sb_in, 8*i + 3), # 1 "{0}[{1}:{1}]".format(sb_in, 8*i + 6), # 2 "{0}[{1}:{1}]".format(sb_in, 8*i + 5), #lsb # 3 "{0}[{1}:{1}]".format(sc, 8*i + 0), # 0 "{0}[{1}:{1}]".format(sc, 8*i + 3), # 1 "{0}[{1}:{1}]".format(sc, 8*i + 6), # 2 "{0}[{1}:{1}]".format(sc, 8*i + 5), # 3 "{0}[{1}:{1}]".format(w, 8*i + 3), "{0}[{1}:{1}]".format(w, 8*i + 2), "{0}[{1}:{1}]".format(w, 8*i + 1), "{0}[{1}:{1}]".format(w, 8*i + 0)] variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 4), #msb # 4 "{0}[{1}:{1}]".format(sb_in, 8*i + 7), # 5 "{0}[{1}:{1}]".format(sb_in, 8*i + 2), # 6 "{0}[{1}:{1}]".format(sb_in, 8*i + 1), #lsb # 7 "{0}[{1}:{1}]".format(sc, 8*i + 4), # 4 "{0}[{1}:{1}]".format(sc, 8*i + 7), # 5 "{0}[{1}:{1}]".format(sc, 8*i + 2), # 6 "{0}[{1}:{1}]".format(sc, 8*i + 1), # 7 "{0}[{1}:{1}]".format(w, 8*i + 7), "{0}[{1}:{1}]".format(w, 8*i + 6), "{0}[{1}:{1}]".format(w, 8*i + 5), "{0}[{1}:{1}]".format(w, 8*i + 4)] command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1) command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2) else: #something is seriously wrong! print("Error with modulo!") return stp_file.write(command) return
def F(self, f_in, s_out, f_out, w): """ Model for the F function used in LBlock """ command = "" # Substitution Layer s0 = [0xE, 9, 0xF, 0, 0xD, 4, 0xA, 0xB, 1, 2, 8, 3, 7, 6, 0xC, 5] s1 = [4, 0xB, 0xE, 9, 0xF, 0xD, 0, 0xA, 7, 0xC, 5, 6, 2, 8, 1, 3] s2 = [1, 0xE, 7, 0xC, 0xF, 0xD, 0, 6, 0xB, 5, 9, 3, 2, 4, 8, 0xA] s3 = [7, 6, 8, 0xB, 0, 0xF, 3, 0xE, 9, 0xA, 0xC, 0xD, 5, 2, 4, 1] s4 = [0xE, 5, 0xF, 0, 7, 2, 0xC, 0xD, 1, 8, 4, 9, 0xB, 0xA, 6, 3] s5 = [2, 0xD, 0xB, 0xC, 0xF, 0xE, 0, 9, 7, 0xA, 6, 3, 1, 8, 4, 5] s6 = [0xB, 9, 4, 0xE, 0, 0xF, 0xA, 0xD, 6, 0xC, 5, 7, 3, 8, 1, 2] s7 = [0xD, 0xA, 0xF, 0, 0xE, 4, 9, 0xB, 2, 1, 8, 3, 7, 5, 0xC, 6] #s0 variables = ["{0}[{1}:{1}]".format(f_in, 3), "{0}[{1}:{1}]".format(f_in, 2), "{0}[{1}:{1}]".format(f_in, 1), "{0}[{1}:{1}]".format(f_in, 0), "{0}[{1}:{1}]".format(s_out, 3), "{0}[{1}:{1}]".format(s_out, 2), "{0}[{1}:{1}]".format(s_out, 1), "{0}[{1}:{1}]".format(s_out, 0), "{0}[{1}:{1}]".format(w, 3), "{0}[{1}:{1}]".format(w, 2), "{0}[{1}:{1}]".format(w, 1), "{0}[{1}:{1}]".format(w, 0)] command += stpcommands.add4bitSbox(s0, variables) #s1 variables = ["{0}[{1}:{1}]".format(f_in, 7), "{0}[{1}:{1}]".format(f_in, 6), "{0}[{1}:{1}]".format(f_in, 5), "{0}[{1}:{1}]".format(f_in, 4), "{0}[{1}:{1}]".format(s_out, 7), "{0}[{1}:{1}]".format(s_out, 6), "{0}[{1}:{1}]".format(s_out, 5), "{0}[{1}:{1}]".format(s_out, 4), "{0}[{1}:{1}]".format(w, 7), "{0}[{1}:{1}]".format(w, 6), "{0}[{1}:{1}]".format(w, 5), "{0}[{1}:{1}]".format(w, 4)] command += stpcommands.add4bitSbox(s1, variables) #s2 variables = ["{0}[{1}:{1}]".format(f_in, 11), "{0}[{1}:{1}]".format(f_in, 10), "{0}[{1}:{1}]".format(f_in, 9), "{0}[{1}:{1}]".format(f_in, 8), "{0}[{1}:{1}]".format(s_out, 11), "{0}[{1}:{1}]".format(s_out, 10), "{0}[{1}:{1}]".format(s_out, 9), "{0}[{1}:{1}]".format(s_out, 8), "{0}[{1}:{1}]".format(w, 11), "{0}[{1}:{1}]".format(w, 10), "{0}[{1}:{1}]".format(w, 9), "{0}[{1}:{1}]".format(w, 8)] command += stpcommands.add4bitSbox(s2, variables) #s3 variables = ["{0}[{1}:{1}]".format(f_in, 15), "{0}[{1}:{1}]".format(f_in, 14), "{0}[{1}:{1}]".format(f_in, 13), "{0}[{1}:{1}]".format(f_in, 12), "{0}[{1}:{1}]".format(s_out, 15), "{0}[{1}:{1}]".format(s_out, 14), "{0}[{1}:{1}]".format(s_out, 13), "{0}[{1}:{1}]".format(s_out, 12), "{0}[{1}:{1}]".format(w, 15), "{0}[{1}:{1}]".format(w, 14), "{0}[{1}:{1}]".format(w, 13), "{0}[{1}:{1}]".format(w, 12)] command += stpcommands.add4bitSbox(s3, variables) #s4 variables = ["{0}[{1}:{1}]".format(f_in, 19), "{0}[{1}:{1}]".format(f_in, 18), "{0}[{1}:{1}]".format(f_in, 17), "{0}[{1}:{1}]".format(f_in, 16), "{0}[{1}:{1}]".format(s_out, 19), "{0}[{1}:{1}]".format(s_out, 18), "{0}[{1}:{1}]".format(s_out, 17), "{0}[{1}:{1}]".format(s_out, 16), "{0}[{1}:{1}]".format(w, 19), "{0}[{1}:{1}]".format(w, 18), "{0}[{1}:{1}]".format(w, 17), "{0}[{1}:{1}]".format(w, 16)] command += stpcommands.add4bitSbox(s4, variables) #s5 variables = ["{0}[{1}:{1}]".format(f_in, 23), "{0}[{1}:{1}]".format(f_in, 22), "{0}[{1}:{1}]".format(f_in, 21), "{0}[{1}:{1}]".format(f_in, 20), "{0}[{1}:{1}]".format(s_out, 23), "{0}[{1}:{1}]".format(s_out, 22), "{0}[{1}:{1}]".format(s_out, 21), "{0}[{1}:{1}]".format(s_out, 20), "{0}[{1}:{1}]".format(w, 23), "{0}[{1}:{1}]".format(w, 22), "{0}[{1}:{1}]".format(w, 21), "{0}[{1}:{1}]".format(w, 20)] command += stpcommands.add4bitSbox(s5, variables) #s6 variables = ["{0}[{1}:{1}]".format(f_in, 27), "{0}[{1}:{1}]".format(f_in, 26), "{0}[{1}:{1}]".format(f_in, 25), "{0}[{1}:{1}]".format(f_in, 24), "{0}[{1}:{1}]".format(s_out, 27), "{0}[{1}:{1}]".format(s_out, 26), "{0}[{1}:{1}]".format(s_out, 25), "{0}[{1}:{1}]".format(s_out, 24), "{0}[{1}:{1}]".format(w, 27), "{0}[{1}:{1}]".format(w, 26), "{0}[{1}:{1}]".format(w, 25), "{0}[{1}:{1}]".format(w, 24)] command += stpcommands.add4bitSbox(s6, variables) #s7 variables = ["{0}[{1}:{1}]".format(f_in, 31), "{0}[{1}:{1}]".format(f_in, 30), "{0}[{1}:{1}]".format(f_in, 29), "{0}[{1}:{1}]".format(f_in, 28), "{0}[{1}:{1}]".format(s_out, 31), "{0}[{1}:{1}]".format(s_out, 30), "{0}[{1}:{1}]".format(s_out, 29), "{0}[{1}:{1}]".format(s_out, 28), "{0}[{1}:{1}]".format(w, 31), "{0}[{1}:{1}]".format(w, 30), "{0}[{1}:{1}]".format(w, 29), "{0}[{1}:{1}]".format(w, 28)] command += stpcommands.add4bitSbox(s7, variables) # Permutation Layer command += "ASSERT({0}[7:4] = {1}[3:0]);\n".format(s_out, f_out) command += "ASSERT({0}[15:12] = {1}[7:4]);\n".format(s_out, f_out) command += "ASSERT({0}[3:0] = {1}[11:8]);\n".format(s_out, f_out) command += "ASSERT({0}[11:8] = {1}[15:12]);\n".format(s_out, f_out) command += "ASSERT({0}[23:20] = {1}[19:16]);\n".format(s_out, f_out) command += "ASSERT({0}[31:28] = {1}[23:20]);\n".format(s_out, f_out) command += "ASSERT({0}[19:16] = {1}[27:24]);\n".format(s_out, f_out) command += "ASSERT({0}[27:24] = {1}[31:28]);\n".format(s_out, f_out) return command