def setupMantisMiddleRound(self, stp_file, sb_in, m_in, m_out, sb_out, wn, wn2, wordsize):
"""
Middle round of Mantis.
"""
command = ""
# SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], m_in[sbox], wn[sbox])
# MixColumns
for col in range(4):
xorsum = stpcommands.getStringXORn(m_in[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(m_out[4*col + row],
m_in[4*col + row],
xorsum)
# SubBytes
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, m_out[sbox], sb_out[sbox], wn2[sbox])
stp_file.write(command)
return
def setupMantisBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one backward round Mantis.
"""
command = ""
# MixColumns
for col in range(4):
xorsum = stpcommands.getStringXORn(sb_in[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(sr[4*col + row],
sb_in[4*col + row],
xorsum)
# Permute Cells Inverse
permutation = [0, 7, 14, 9, 5, 2, 11, 12,
15, 8, 1, 6, 10, 13, 4, 3]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
# Inverse SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, mc[sbox], sb_out[sbox], wn[sbox])
stp_file.write(command)
return
def setupQarmaForwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one forward round Qarma.
"""
command = ""
# Shuffle Cells - Midori cell permutation
# 0 4 8 c 0 e 9 7
# 1 5 9 d a 4 3 d
# 2 6 a e 5 b c 2
# 3 7 b f f 1 6 8
permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1,
0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
# MixColumns
# M4,2 = Q4,2 = [0, 1, 2, 1,
# 1, 0, 1, 2,
# 2, 1, 0, 1,
# 1, 2, 1, 0]
# 0 1 1 1 x0 x1 + x2 + x3
# 1 0 1 1 x1 -> x0 + x2 + x3
# 1 1 0 1 x2 x0 + x1 + x3
# 1 1 1 0 x3 x0 + x1 + x2
#for col in range(4):
# for bit in range(4):
# offset0 = col*16 + 0 + bit
# offset1 = col*16 + 4 + bit
# offset2 = col*16 + 8 + bit
# offset3 = col*16 + 12 + bit
# command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
# = {5}[{0}:{0}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
# command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
# = {5}[{1}:{1}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
# command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \
# = {5}[{2}:{2}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
# command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \
# = {5}[{3}:{3}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
# SubCells
# Sboxes
# default sbox = sigma1
# qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5]
# qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
# qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA]
# qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3]
qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox])
stp_file.write(command)
return
def setupPrinceMiddleRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wn2,
wordsize):
"""
Middle round of PRINCE.
"""
command = ""
# SubBytes
prince_sbox = [
0xb, 0xf, 0x3, 0x2, 0xa, 0xc, 0x9, 0x1, 0x6, 0x7, 0x8, 0x0, 0xe,
0x5, 0xd, 0x4
]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(prince_sbox, sb_in[sbox],
mc[sbox], wn[sbox])
# MixColumns
for col in range(4):
input_col = [
"{0}[{1}:{1}]".format(mc[4 * col + row], bit)
for row in range(4) for bit in range(4)
]
output_col = [
"{0}[{1}:{1}]".format(sr[4 * col + row], bit)
for row in range(4) for bit in range(4)
]
if col % 2 == 0:
command += self.princeM(input_col, output_col)
else:
command += self.princeMhat(input_col, output_col)
# Inverse SubBytes
prince_sbox_inv = [
0xb, 0x7, 0x3, 0x2, 0xf, 0xd, 0x8, 0x9, 0xa, 0x6, 0x4, 0x0, 0x5,
0xe, 0xc, 0x1
]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(prince_sbox_inv,
sr[sbox], sb_out[sbox],
wn2[sbox])
stp_file.write(command)
return
def setupQarmaBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one backward round Qarma.
"""
command = ""
# SubCells
# Sboxes
# default sbox = sigma1
# qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5]
# qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
# qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA]
# qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3]
qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox])
# MixColumns
# M4,2 = Q4,2 = [0, 1, 2, 1,
# 1, 0, 1, 2,
# 2, 1, 0, 1,
# 1, 2, 1, 0]
#TODO
#for col in range(4):
# xorsum = stpcommands.getStringXORn(sb_in[4*col:(4*(col + 1))]) # Get One column
# for row in range(4):
# command += "ASSERT({} = BVXOR({}, {}));\n".format(sr[4*col + row],
# sb_in[4*col + row],
# xorsum)
# ShuffleCells inverse - Midori cell permutation
# 0 4 8 c 0 5 f a
# 1 5 9 d 7 2 8 d
# 2 6 a e e b 1 4
# 3 7 b f 9 c 6 3
permutation = [0x0, 0x7, 0xe, 0x9, 0x5, 0x2, 0xb, 0xc,
0xf, 0x8, 0x1, 0x6, 0xa, 0xd, 0x4, 0x3]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
stp_file.write(command)
return
def setupQarmaLastBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of the last backward round Qarma.
"""
command = ""
# SubCells
# Sboxes
# default sbox = sigma1
# qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5]
# qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
# qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA]
# qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3]
qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox])
stp_file.write(command)
return
def setupPrinceBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn,
wordsize):
"""
Model for differential behaviour of one backward round PRINCE.
"""
command = ""
# ShiftRows
permutation = [0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sb_in[nibble],
sr[permutation[nibble]])
# MixColumns
for col in range(4):
input_col = [
"{0}[{1}:{1}]".format(sr[4 * col + row], bit)
for row in range(4) for bit in range(4)
]
output_col = [
"{0}[{1}:{1}]".format(mc[4 * col + row], bit)
for row in range(4) for bit in range(4)
]
if col % 2 == 0:
command += self.princeM(input_col, output_col)
else:
command += self.princeMhat(input_col, output_col)
# Inverse SubBytes
prince_sbox_inv = [
0xb, 0x7, 0x3, 0x2, 0xf, 0xd, 0x8, 0x9, 0xa, 0x6, 0x4, 0x0, 0x5,
0xe, 0xc, 0x1
]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(prince_sbox_inv,
mc[sbox], sb_out[sbox],
wn[sbox])
stp_file.write(command)
return
def setupMantisForwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one forward round Mantis.
"""
command = ""
# SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], sr[sbox], wn[sbox])
# Permute Cells
permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1,
0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
#MixColumns
# 0 1 1 1 x0 x1 + x2 + x3
# 1 0 1 1 x1 -> x0 + x2 + x3
# 1 1 0 1 x2 x0 + x1 + x3
# 1 1 1 0 x3 x0 + x1 + x2
for col in range(4):
xorsum = stpcommands.getStringXORn(mc[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(sb_out[4*col + row],
mc[4*col + row],
xorsum)
stp_file.write(command)
return