def setupMantisMiddleRound(self, stp_file, sb_in, m_in, m_out, sb_out, wn, wn2, wordsize): """ Middle round of Mantis. """ command = "" # SubBytes mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7, 0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], m_in[sbox], wn[sbox]) # MixColumns for col in range(4): xorsum = stpcommands.getStringXORn(m_in[4*col:(4*(col + 1))]) # Get One column for row in range(4): command += "ASSERT({} = BVXOR({}, {}));\n".format(m_out[4*col + row], m_in[4*col + row], xorsum) # SubBytes for sbox in range(16): command += stpcommands.add4bitSboxNibbles(mantis_sbox, m_out[sbox], sb_out[sbox], wn2[sbox]) stp_file.write(command) return
def setupMantisBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of one backward round Mantis. """ command = "" # MixColumns for col in range(4): xorsum = stpcommands.getStringXORn(sb_in[4*col:(4*(col + 1))]) # Get One column for row in range(4): command += "ASSERT({} = BVXOR({}, {}));\n".format(sr[4*col + row], sb_in[4*col + row], xorsum) # Permute Cells Inverse permutation = [0, 7, 14, 9, 5, 2, 11, 12, 15, 8, 1, 6, 10, 13, 4, 3] for nibble in range(16): command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]]) # Inverse SubBytes mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7, 0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(mantis_sbox, mc[sbox], sb_out[sbox], wn[sbox]) stp_file.write(command) return
def setupQarmaForwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of one forward round Qarma. """ command = "" # Shuffle Cells - Midori cell permutation # 0 4 8 c 0 e 9 7 # 1 5 9 d a 4 3 d # 2 6 a e 5 b c 2 # 3 7 b f f 1 6 8 permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1, 0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8] for nibble in range(16): command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]]) # MixColumns # M4,2 = Q4,2 = [0, 1, 2, 1, # 1, 0, 1, 2, # 2, 1, 0, 1, # 1, 2, 1, 0] # 0 1 1 1 x0 x1 + x2 + x3 # 1 0 1 1 x1 -> x0 + x2 + x3 # 1 1 0 1 x2 x0 + x1 + x3 # 1 1 1 0 x3 x0 + x1 + x2 #for col in range(4): # for bit in range(4): # offset0 = col*16 + 0 + bit # offset1 = col*16 + 4 + bit # offset2 = col*16 + 8 + bit # offset3 = col*16 + 12 + bit # command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ # = {5}[{0}:{0}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) # command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \ # = {5}[{1}:{1}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) # command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \ # = {5}[{2}:{2}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) # command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \ # = {5}[{3}:{3}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out) # SubCells # Sboxes # default sbox = sigma1 # qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5] # qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] # qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA] # qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3] qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox]) stp_file.write(command) return
def setupPrinceMiddleRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wn2, wordsize): """ Middle round of PRINCE. """ command = "" # SubBytes prince_sbox = [ 0xb, 0xf, 0x3, 0x2, 0xa, 0xc, 0x9, 0x1, 0x6, 0x7, 0x8, 0x0, 0xe, 0x5, 0xd, 0x4 ] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(prince_sbox, sb_in[sbox], mc[sbox], wn[sbox]) # MixColumns for col in range(4): input_col = [ "{0}[{1}:{1}]".format(mc[4 * col + row], bit) for row in range(4) for bit in range(4) ] output_col = [ "{0}[{1}:{1}]".format(sr[4 * col + row], bit) for row in range(4) for bit in range(4) ] if col % 2 == 0: command += self.princeM(input_col, output_col) else: command += self.princeMhat(input_col, output_col) # Inverse SubBytes prince_sbox_inv = [ 0xb, 0x7, 0x3, 0x2, 0xf, 0xd, 0x8, 0x9, 0xa, 0x6, 0x4, 0x0, 0x5, 0xe, 0xc, 0x1 ] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(prince_sbox_inv, sr[sbox], sb_out[sbox], wn2[sbox]) stp_file.write(command) return
def setupQarmaBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of one backward round Qarma. """ command = "" # SubCells # Sboxes # default sbox = sigma1 # qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5] # qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] # qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA] # qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3] qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox]) # MixColumns # M4,2 = Q4,2 = [0, 1, 2, 1, # 1, 0, 1, 2, # 2, 1, 0, 1, # 1, 2, 1, 0] #TODO #for col in range(4): # xorsum = stpcommands.getStringXORn(sb_in[4*col:(4*(col + 1))]) # Get One column # for row in range(4): # command += "ASSERT({} = BVXOR({}, {}));\n".format(sr[4*col + row], # sb_in[4*col + row], # xorsum) # ShuffleCells inverse - Midori cell permutation # 0 4 8 c 0 5 f a # 1 5 9 d 7 2 8 d # 2 6 a e e b 1 4 # 3 7 b f 9 c 6 3 permutation = [0x0, 0x7, 0xe, 0x9, 0x5, 0x2, 0xb, 0xc, 0xf, 0x8, 0x1, 0x6, 0xa, 0xd, 0x4, 0x3] for nibble in range(16): command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]]) stp_file.write(command) return
def setupQarmaLastBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of the last backward round Qarma. """ command = "" # SubCells # Sboxes # default sbox = sigma1 # qarma sigma0 = [0x0, 0xE, 0x2, 0xA, 0x9, 0xF, 0x8, 0xB, 0x6, 0x4, 0x3, 0x7, 0xD, 0xC, 0x1, 0x5] # qarma sigma1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] # qarma sigma2 = [0xB, 0x6, 0x8, 0xF, 0xC, 0x0, 0x9, 0xE, 0x3, 0x7, 0x4, 0x5, 0xD, 0x2, 0x1, 0xA] # qarma sigma2_inv = [0x5, 0xE, 0xD, 0x8, 0xA, 0xB, 0x1, 0x9, 0x2, 0x6, 0xF, 0x0, 0x4, 0xC, 0x7, 0x3] qarma_sbox_sigma_1 = [0xA, 0xD. 0xE, 0x6, 0xF, 0x7, 0x3, 0x5, 0x9, 0x8, 0x0, 0xC, 0xB, 0x1, 0x2, 0x4] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(qarama_sbox_sigma_1, sb_in[sbox], sr[sbox], wn[sbox]) stp_file.write(command) return
def setupPrinceBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of one backward round PRINCE. """ command = "" # ShiftRows permutation = [0, 13, 10, 7, 4, 1, 14, 11, 8, 5, 2, 15, 12, 9, 6, 3] for nibble in range(16): command += "ASSERT({} = {});\n".format(sb_in[nibble], sr[permutation[nibble]]) # MixColumns for col in range(4): input_col = [ "{0}[{1}:{1}]".format(sr[4 * col + row], bit) for row in range(4) for bit in range(4) ] output_col = [ "{0}[{1}:{1}]".format(mc[4 * col + row], bit) for row in range(4) for bit in range(4) ] if col % 2 == 0: command += self.princeM(input_col, output_col) else: command += self.princeMhat(input_col, output_col) # Inverse SubBytes prince_sbox_inv = [ 0xb, 0x7, 0x3, 0x2, 0xf, 0xd, 0x8, 0x9, 0xa, 0x6, 0x4, 0x0, 0x5, 0xe, 0xc, 0x1 ] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(prince_sbox_inv, mc[sbox], sb_out[sbox], wn[sbox]) stp_file.write(command) return
def setupMantisForwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize): """ Model for differential behaviour of one forward round Mantis. """ command = "" # SubBytes mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7, 0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6] for sbox in range(16): command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], sr[sbox], wn[sbox]) # Permute Cells permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1, 0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8] for nibble in range(16): command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]]) #MixColumns # 0 1 1 1 x0 x1 + x2 + x3 # 1 0 1 1 x1 -> x0 + x2 + x3 # 1 1 0 1 x2 x0 + x1 + x3 # 1 1 1 0 x3 x0 + x1 + x2 for col in range(4): xorsum = stpcommands.getStringXORn(mc[4*col:(4*(col + 1))]) # Get One column for row in range(4): command += "ASSERT({} = BVXOR({}, {}));\n".format(sb_out[4*col + row], mc[4*col + row], xorsum) stp_file.write(command) return