def generate_GIFT_version(size):
GIFT = CipherDescription(size)
s = ['s{}'.format(i) for i in range(size)]
#Sbox layer
sbox = [1, 0xa, 4, 0xc, 6, 0xf, 3, 9, 2, 0xd, 0xb, 7, 5, 0, 8, 0xe]
GIFT.add_sbox('S_box', sbox)
for i in range(size / 4):
bits = s[i * 4:(i + 1) * 4]
bits.reverse()
GIFT.apply_sbox('S_box', bits, bits)
#Bit permutation
if size == 64:
P = [
0, 17, 34, 51, 48, 1, 18, 35, 32, 49, 2, 19, 16, 33, 50, 3, 4, 21,
38, 55, 52, 5, 22, 39, 36, 53, 6, 23, 20, 37, 54, 7, 8, 25, 42, 59,
56, 9, 26, 43, 40, 57, 10, 27, 24, 41, 58, 11, 12, 29, 46, 63, 60,
13, 30, 47, 44, 61, 14, 31, 28, 45, 62, 15
]
else:
P = [
0, 33, 66, 99, 96, 1, 34, 67, 64, 97, 2, 35, 32, 65, 98, 3, 4, 37,
70, 103, 100, 5, 38, 71, 68, 101, 6, 39, 36, 69, 102, 7, 8, 41, 74,
107, 104, 9, 42, 75, 72, 105, 10, 43, 40, 73, 106, 11, 12, 45, 78,
111, 108, 13, 46, 79, 76, 109, 14, 47, 44, 77, 110, 15, 16, 49, 82,
115, 112, 17, 50, 83, 80, 113, 18, 51, 48, 81, 114, 19, 20, 53, 86,
119, 116, 21, 54, 87, 84, 117, 22, 55, 52, 85, 118, 23, 24, 57, 90,
123, 120, 25, 58, 91, 88, 121, 26, 59, 56, 89, 122, 27, 28, 61, 94,
127, 124, 29, 62, 95, 92, 125, 30, 63, 60, 93, 126, 31
]
GIFT.shufflewords(P, 1, 1)
return GIFT
def generate_test_version(wordsize):
# State
# 0 4 8 12
# 1 5 9 13
# 2 6 10 14
# 3 7 11 15
test = CipherDescription(16*wordsize)
midori_sbox = [0xC, 0xA, 0xD, 0x3, 0xE, 0xB, 0xF, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
shuffle = [0,10,5,15, 14,4,11,1, 9,3,12,6, 7,13,2,8]
MC = [[0, 1, 1, 1],
[1, 0, 1, 1],
[1, 1, 0, 1],
[1, 1, 1, 0]]
Rp = 0
test.add_sbox('S-box', midori_sbox)
for i in range(16):
bits = []
for j in range(wordsize):
bits.append("s{}".format(wordsize*i + wordsize - 1 - j))
test.apply_sbox('S-box', bits, bits)
test.shufflewords(shuffle,wordsize)
# MixColumn
test.apply_MC(wordsize, MC, Rp, 4, 4)
return test
def generate_AES():
AES = CipherDescription(128)
#Add the appropriate sbox
sbox = [
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b,
0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26,
0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2,
0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed,
0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f,
0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec,
0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14,
0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d,
0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f,
0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11,
0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f,
0xb0, 0x54, 0xbb, 0x16
]
AES.add_sbox('S-box', sbox)
#Apply the sbox to all cells
for i in range(16):
bits = []
for j in range(8):
bits.append("s{}".format(8 * i + 7 - j))
AES.apply_sbox('S-box', bits, bits)
#Define and apply shiftrows
tshuffle = []
for i in range(4):
tshuffle.append([((j + i) % 4) * 4 + i for j in range(4)])
shuffle = []
for i in range(4):
for j in range(4):
shuffle.append(tshuffle[j][i])
AES.shufflewords(shuffle, 8, 1)
#Apply MixColumns
MC = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
IP = 0x1b
AES.apply_MC(8, MC, IP, 4, 4)
return AES
def generate_spongent_version(b):
spongent = CipherDescription(b)
sbox = [0xE, 0xD, 0xB, 0, 2, 1, 4, 0xF, 7, 0xA, 8, 5, 9, 0xC, 3, 6]
spongent.add_sbox('S-box', sbox)
for i in range(b / 4):
bits = []
for j in range(4):
bits.append("s{}".format(4 * i + 3 - j))
spongent.apply_sbox('S-box', bits, bits)
shuffle = [(j * b / 4) % (b - 1) for j in range(b - 1)]
shuffle.append(b - 1)
spongent.shufflewords(shuffle, 1, 1)
return spongent
from cipher_description import CipherDescription
size = 64
TWINE = CipherDescription(size)
s = ['s{}'.format(i) for i in range(size)]
t = ['t{}'.format(i) for i in range(size)]
Sbox = [0xC, 0, 0xF, 0xA, 2, 0xB, 9, 5, 8, 3, 0xD, 7, 1, 0xE, 6, 4]
p = [5, 0, 1, 4, 7, 12, 3, 8, 13, 6, 9, 2, 15, 10, 11, 14]
TWINE.add_sbox('sbox', Sbox)
for i in range(8):
for j in range(4):
TWINE.apply_mov(s[8 * i + j], t[4 * i + j])
bits = t[4 * i:4 * (i + 1)]
bits.reverse()
TWINE.apply_sbox('sbox', bits, bits)
for j in range(4):
TWINE.apply_xor(t[4 * i + j], s[8 * i + 4 + j], s[8 * i + 4 + j])
TWINE.shufflewords(p, 4, 0)
s1 = [4, 15, 3, 8, 13, 10, 12, 0, 11, 5, 7, 14, 2, 6, 1, 9]
mibs.add_sbox('S1', s1)
shuffle1 = [1, 0]
shuffle2 = [1, 7, 0, 2, 5, 6, 3, 4]
shuffle2_inv = [2, 0, 3, 6, 7, 4, 5, 1]
# Copy of the left side pass through the round function
for i in range(32):
mibs.apply_mov(s[i], t[i])
# Applying sboxes
for i in range(8):
bits = t[4 * i:4 * (i + 1)]
bits.reverse()
mibs.apply_sbox('S1', bits, bits)
# Applying mixing layer
for bit in range(wordsize):
y1 = "t{}".format(bit)
y2 = "t{}".format(bit + wordsize)
y3 = "t{}".format(bit + 2 * wordsize)
y4 = "t{}".format(bit + 3 * wordsize)
y5 = "t{}".format(bit + 4 * wordsize)
y6 = "t{}".format(bit + 5 * wordsize)
y7 = "t{}".format(bit + 6 * wordsize)
y8 = "t{}".format(bit + 7 * wordsize)
mibs.apply_xor(y4, y8, y8)
mibs.apply_xor(y3, y7, y7)
mibs.apply_xor(y2, y6, y6)
0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8,
0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd,
0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0,
0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e,
0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84,
0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20,
0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48]
SM4.add_sbox('sbox',Sbox)
for i in range(32):
SM4.apply_xor(s[32 + i], s[64 + i], t[i])
SM4.apply_xor(t[i], s[96 + i], t[i])
# S-box Layer
for i in range(4):
sbox_bits = t[8*i:8*(i + 1)]
SM4.apply_sbox('sbox',sbox_bits,sbox_bits)
# Linear Layer
for i in range(32):
SM4.apply_xor(t[i], s[i], s[i])
SM4.apply_xor(s[i], t[(i + 2) % 32], s[i])
SM4.apply_xor(s[i], t[(i + 10) % 32], s[i])
SM4.apply_xor(s[i], t[(i + 18) % 32], s[i])
SM4.apply_xor(s[i], t[(i + 24) % 32], s[i])
p = [3, 0, 1, 2]
SM4.shufflewords(p, 32, 0)
Sigma Function used in ASCON
'''
cipher.apply_xor("s{}".format((bit - rot_a) % 64), "s{}".format(
(bit - rot_b) % 64), "tmp")
cipher.apply_xor("s{}".format(bit), "tmp", "s{}".format(bit))
ascon_sbox = [
4, 11, 31, 20, 26, 21, 9, 2, 27, 5, 8, 18, 29, 3, 6, 28, 30, 19, 7, 14, 0,
13, 17, 24, 16, 12, 1, 25, 22, 10, 15, 23
]
ascon = CipherDescription(320)
ascon.add_sbox('S-box', ascon_sbox)
# Substitution Layer
for i in range(64):
bits = [
"s{}".format(i + 0), "s{}".format(i + 64), "s{}".format(i + 128),
"s{}".format(i + 192), "s{}".format(i + 256)
]
ascon.apply_sbox('S-box', bits, bits)
# Linear Layer
for i in range(64):
apply_sigma(ascon, i, 19, 28)
apply_sigma(ascon, i + 64, 61, 39)
apply_sigma(ascon, i + 128, 1, 6)
apply_sigma(ascon, i + 192, 10, 17)
apply_sigma(ascon, i + 256, 7, 41)
def generate_skinny_version(wordsize, rounds):
# State
# 0 1 2 3
# 4 5 6 7
# 8 9 10 11
# 12 13 14 15
if wordsize == 4:
skinny_sbox = [
0xC, 0x6, 0x9, 0x0, 0x1, 0xa, 0x2, 0xb, 0x3, 0x8, 0x5, 0xd, 0x4,
0xe, 0x7, 0xf
]
elif wordsize == 8:
skinny_sbox = [
0x65, 0x4c, 0x6a, 0x42, 0x4b, 0x63, 0x43, 0x6b, 0x55, 0x75, 0x5a,
0x7a, 0x53, 0x73, 0x5b, 0x7b, 0x35, 0x8c, 0x3a, 0x81, 0x89, 0x33,
0x80, 0x3b, 0x95, 0x25, 0x98, 0x2a, 0x90, 0x23, 0x99, 0x2b, 0xe5,
0xcc, 0xe8, 0xc1, 0xc9, 0xe0, 0xc0, 0xe9, 0xd5, 0xf5, 0xd8, 0xf8,
0xd0, 0xf0, 0xd9, 0xf9, 0xa5, 0x1c, 0xa8, 0x12, 0x1b, 0xa0, 0x13,
0xa9, 0x05, 0xb5, 0x0a, 0xb8, 0x03, 0xb0, 0x0b, 0xb9, 0x32, 0x88,
0x3c, 0x85, 0x8d, 0x34, 0x84, 0x3d, 0x91, 0x22, 0x9c, 0x2c, 0x94,
0x24, 0x9d, 0x2d, 0x62, 0x4a, 0x6c, 0x45, 0x4d, 0x64, 0x44, 0x6d,
0x52, 0x72, 0x5c, 0x7c, 0x54, 0x74, 0x5d, 0x7d, 0xa1, 0x1a, 0xac,
0x15, 0x1d, 0xa4, 0x14, 0xad, 0x02, 0xb1, 0x0c, 0xbc, 0x04, 0xb4,
0x0d, 0xbd, 0xe1, 0xc8, 0xec, 0xc5, 0xcd, 0xe4, 0xc4, 0xed, 0xd1,
0xf1, 0xdc, 0xfc, 0xd4, 0xf4, 0xdd, 0xfd, 0x36, 0x8e, 0x38, 0x82,
0x8b, 0x30, 0x83, 0x39, 0x96, 0x26, 0x9a, 0x28, 0x93, 0x20, 0x9b,
0x29, 0x66, 0x4e, 0x68, 0x41, 0x49, 0x60, 0x40, 0x69, 0x56, 0x76,
0x58, 0x78, 0x50, 0x70, 0x59, 0x79, 0xa6, 0x1e, 0xaa, 0x11, 0x19,
0xa3, 0x10, 0xab, 0x06, 0xb6, 0x08, 0xba, 0x00, 0xb3, 0x09, 0xbb,
0xe6, 0xce, 0xea, 0xc2, 0xcb, 0xe3, 0xc3, 0xeb, 0xd6, 0xf6, 0xda,
0xfa, 0xd3, 0xf3, 0xdb, 0xfb, 0x31, 0x8a, 0x3e, 0x86, 0x8f, 0x37,
0x87, 0x3f, 0x92, 0x21, 0x9e, 0x2e, 0x97, 0x27, 0x9f, 0x2f, 0x61,
0x48, 0x6e, 0x46, 0x4f, 0x67, 0x47, 0x6f, 0x51, 0x71, 0x5e, 0x7e,
0x57, 0x77, 0x5f, 0x7f, 0xa2, 0x18, 0xae, 0x16, 0x1f, 0xa7, 0x17,
0xaf, 0x01, 0xb2, 0x0e, 0xbe, 0x07, 0xb7, 0x0f, 0xbf, 0xe2, 0xca,
0xee, 0xc6, 0xcf, 0xe7, 0xc7, 0xef, 0xd2, 0xf2, 0xde, 0xfe, 0xd7,
0xf7, 0xdf, 0xff
]
# ShiftRows
shiftrows = []
for bit in range(wordsize):
# Second Row
shiftrows.append([
"s{}".format(wordsize * 4 + bit), "s{}".format(wordsize * 5 + bit),
"s{}".format(wordsize * 6 + bit), "s{}".format(wordsize * 7 + bit)
])
# Third Row
shiftrows.append([
"s{}".format(wordsize * 8 + bit), "s{}".format(wordsize * 10 + bit)
])
shiftrows.append([
"s{}".format(wordsize * 9 + bit), "s{}".format(wordsize * 11 + bit)
])
# Fourth Row
shiftrows.append([
"s{}".format(wordsize * 12 + bit),
"s{}".format(wordsize * 15 + bit),
"s{}".format(wordsize * 14 + bit),
"s{}".format(wordsize * 13 + bit)
])
skinny = CipherDescription(wordsize * 16)
skinny.add_sbox('S-box', skinny_sbox)
# SubCells
for word in range(16):
bits = ["s{}".format(wordsize * word + i) for i in range(wordsize)]
skinny.apply_sbox('S-box', bits, bits)
# ShiftRows
for shift in shiftrows:
skinny.apply_permutation(shift)
# MixColumns
for col in range(4):
for bit in range(wordsize):
x0 = "s{}".format(bit + col * wordsize)
x1 = "s{}".format(bit + 4 * wordsize + col * wordsize)
x2 = "s{}".format(bit + 4 * 2 * wordsize + col * wordsize)
x3 = "s{}".format(bit + 4 * 3 * wordsize + col * wordsize)
skinny.apply_xor(x1, x2, x1)
skinny.apply_xor(x2, x0, x2)
skinny.apply_xor(x2, x3, x3)
skinny.apply_permutation([x0, x1, x2, x3])
return skinny
def generate_photon_version(t):
#define wordsize, statesize, and irreducible polynomial
if t == 100:
d = 5
s = 4
IP = 3
Z = [1, 2, 9, 9, 2]
elif t == 144:
d = 6
s = 4
IP = 3
Z = [1, 2, 8, 5, 8, 2]
elif t == 196:
d = 7
s = 4
IP = 3
Z = [1, 4, 6, 1, 1, 6, 4]
elif t == 256:
d = 8
s = 4
IP = 3
Z = [2, 4, 2, 11, 2, 8, 5, 6]
elif t == 288:
d = 6
s = 8
IP = 0x1b
Z = [2, 3, 1, 2, 1, 4]
photon = CipherDescription(t)
#Add the appropriate sbox
if s == 8:
sbox = [
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67,
0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59,
0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7,
0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1,
0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05,
0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83,
0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29,
0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, 0xd0, 0xef, 0xaa,
0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c,
0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc,
0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec,
0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19,
0x73, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee,
0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, 0x3a, 0x0a, 0x49,
0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4,
0xea, 0x65, 0x7a, 0xae, 0x08, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6,
0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70,
0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9,
0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e,
0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1,
0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0,
0x54, 0xbb, 0x16
]
elif s == 4:
sbox = [
0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4,
0x7, 0x1, 0x2
]
photon.add_sbox('S-box', sbox)
#Apply the sbox to all cells
for i in range(d * d):
bits = []
for j in range(s):
bits.append("s{}".format(s * i + s - 1 - j))
photon.apply_sbox('S-box', bits, bits)
#Define and apply shiftrows
tshuffle = []
for i in range(d):
tshuffle.append([((j + i) % d) * d + i for j in range(d)])
shuffle = []
for i in range(d):
for j in range(d):
shuffle.append(tshuffle[j][i])
photon.shufflewords(shuffle, s, 1)
'''
#Apply MixColumns
MC = []
for i in range(d-1):
temp = [0]
for j in range(d-1):
if i==j:
temp.append(1)
else:
temp.append(0)
MC.append(temp)
MC.append(Z)
for i in range(d):
photon.apply_MC(s,MC,IP,d,d)
'''
photon.apply_MC_serial(s, Z, IP)
return photon
from cipher_description import CipherDescription
rectangle_sbox = [
0x6, 0x5, 0xC, 0xA, 0x1, 0xE, 0x7, 0x9, 0xB, 0x0, 0x3, 0xD, 0x8, 0xF, 0x4,
0x2
]
rectangle_permutations = [\
['s16', 's17', 's18','s19','s20','s21','s22','s23','s24','s25','s26','s27','s28','s29','s30','s31'],
['s32', 's44', 's40','s36'],
['s33', 's45', 's41','s37'],
['s34', 's46', 's42','s38'],
['s35', 's47', 's43','s39'],
['s48', 's61', 's58','s55','s52','s49','s62','s59','s56','s53','s50','s63','s60','s57','s54','s51'],
]
rectangle = CipherDescription(64)
rectangle.add_sbox('S-box', rectangle_sbox)
for i in range(16):
bits = [
"s{}".format(i + 0), "s{}".format(i + 16), "s{}".format(i + 32),
"s{}".format(i + 48)
]
rectangle.apply_sbox('S-box', bits, bits)
for p in rectangle_permutations:
rectangle.apply_permutation(p)
['s2', 's32', 's8'],
['s3', 's48', 's12'],
['s5', 's17', 's20'],
['s6', 's33', 's24'],
['s7', 's49', 's28'],
['s9', 's18', 's36'],
['s10', 's34', 's40'],
['s11', 's50', 's44'],
['s13', 's19', 's52'],
['s14', 's35', 's56'],
['s15', 's51', 's60'],
['s22', 's37', 's25'],
['s23', 's53', 's29'],
['s26', 's38', 's41'],
['s27', 's54', 's45'],
['s30', 's39', 's57'],
['s31', 's55', 's61'],
['s43', 's58', 's46'],
['s47', 's59', 's62']]
present = CipherDescription(64)
present.add_sbox('S-box', present_sbox)
for i in range(16):
bits = [
"s{}".format(4 * i + 0), "s{}".format(4 * i + 1),
"s{}".format(4 * i + 2), "s{}".format(4 * i + 3)
]
present.apply_sbox('S-box', bits, bits)
for p in present_permutations:
present.apply_permutation(p)
IP = 3
Z = [4, 1, 2, 2]
#Add the appropriate sbox
sbox = [
0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1,
0x2
]
LED.add_sbox('S-box', sbox)
#Apply the sbox to all cells
for i in range(d * d):
bits = []
for j in range(s):
bits.append("s{}".format(s * i + s - 1 - j))
LED.apply_sbox('S-box', bits, bits)
#Define and apply shiftrows
tshuffle = []
for i in range(d):
tshuffle.append([((j + i) % d) * d + i for j in range(d)])
shuffle = []
for i in range(d):
for j in range(d):
shuffle.append(tshuffle[j][i])
LED.shufflewords(shuffle, s, 1)
#Apply MixColumns
LED.apply_MC_serial(s, Z, IP)
def generate_midori_version(wordsize, rounds):
# State
# 0 4 8 12
# 1 5 9 13
# 2 6 10 14
# 3 7 11 15
if wordsize == 4:
midori_sbox = [
0xC, 0xA, 0xD, 0x3, 0xE, 0xB, 0xF, 0x7, 0x8, 0x9, 0x1, 0x5, 0x0,
0x2, 0x4, 0x6
]
elif wordsize == 8:
midori_sbox = [
0x1, 0x0, 0x5, 0x3, 0xe, 0x2, 0xf, 0x7, 0xd, 0xa, 0x9, 0xb, 0xc,
0x8, 0x4, 0x6
]
# Shuffle Cells
shuffle_cells = []
for bit in range(wordsize):
shuffle_cells.append([
"s{}".format(wordsize * 10 + bit),
"s{}".format(wordsize * 1 + bit), "s{}".format(wordsize * 7 + bit),
"s{}".format(wordsize * 12 + bit)
])
shuffle_cells.append([
"s{}".format(wordsize * 5 + bit), "s{}".format(wordsize * 2 + bit),
"s{}".format(wordsize * 14 + bit), "s{}".format(wordsize * 4 + bit)
])
shuffle_cells.append([
"s{}".format(wordsize * 15 + bit),
"s{}".format(wordsize * 3 + bit), "s{}".format(wordsize * 9 + bit),
"s{}".format(wordsize * 8 + bit)
])
shuffle_cells.append([
"s{}".format(wordsize * 11 + bit), "s{}".format(wordsize * 6 + bit)
])
midori = CipherDescription(wordsize * 16)
midori.add_sbox('S-box', midori_sbox)
# SubCell
for i in range(16):
if wordsize == 4:
bits = [
"s{}".format(4 * i + 3), "s{}".format(4 * i + 2),
"s{}".format(4 * i + 1), "s{}".format(4 * i + 0)
]
midori.apply_sbox('S-box', bits, bits)
else:
# Apply bit permutation
bit_perm = [sb_perm[i % 4][j] for j in range(8)]
for cycle in decompose_permutation(bit_perm):
cycle_bits = []
for v in cycle:
cycle_bits.append("s{}".format(8 * i + v))
midori.apply_permutation(cycle_bits)
# Apply S-box
bits = [
"s{}".format(8 * i + 0), "s{}".format(8 * i + 1),
"s{}".format(8 * i + 2), "s{}".format(8 * i + 3)
]
midori.apply_sbox('S-box', bits, bits)
bits = [
"s{}".format(8 * i + 4), "s{}".format(8 * i + 5),
"s{}".format(8 * i + 6), "s{}".format(8 * i + 7)
]
midori.apply_sbox('S-box', bits, bits)
# Apply bit permutation
bit_perm = [8 * i + sb_perminv[i % 4][j] for j in range(8)]
for cycle in decompose_permutation(bit_perm):
cycle_bits = []
for v in cycle:
cycle_bits.append("s{}".format(8 * i + v))
midori.apply_permutation(cycle_bits)
# ShuffleCell
for shuffle in shuffle_cells:
midori.apply_permutation(shuffle)
# MixColumn
for col in range(4):
for bit in range(wordsize):
x0 = "s{}".format(bit + col * wordsize * 4)
x1 = "s{}".format(bit + wordsize + col * wordsize * 4)
x2 = "s{}".format(bit + 2 * wordsize + col * wordsize * 4)
x3 = "s{}".format(bit + 3 * wordsize + col * wordsize * 4)
midori.apply_xor(x0, x1, "txor01")
midori.apply_xor(x0, x2, "txor02")
midori.apply_xor(x1, x2, "txor12")
midori.apply_xor(x1, "txor12", "tx2")
midori.apply_xor("txor12", x3, x0)
midori.apply_xor("txor02", x3, x1)
midori.apply_xor("txor01", x3, x2)
midori.apply_xor("txor01", "tx2", x3)
# midori.apply_xor(x0, x1, "txor01")
# midori.apply_xor("txor01", x2, "tx3p")
#
# midori.apply_xor("txor01", x3, "tx2p")
#
# midori.apply_xor(x0, x2, "txor02")
# midori.apply_xor("txor02", x3, "tx1p")
#
# midori.apply_xor(x1, x2, "txor12")
# midori.apply_xor("txor12", x3, "tx0p")
#
# midori.apply_mov("tx0p", x0)
# midori.apply_mov("tx1p", x1)
# midori.apply_mov("tx2p", x2)
# midori.apply_mov("tx3p", x3)
return midori
#Expansion
E = [
32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15,
16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25, 24, 25, 26, 27, 28,
29, 28, 29, 30, 31, 32, 1
]
for i in range(48):
DES.apply_mov(s[32 + E[i] - 1], t[i])
#S-box layer
for i in range(1, 9):
input_bits = t[(i - 1) * 6:i * 6]
output_bits = t[(i - 1) * 4:i * 4]
DES.apply_sbox('S-box{}'.format(i), input_bits, output_bits)
#P-box
P = [
16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14,
32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
]
for i in range(32):
DES.apply_mov(t[P[i] - 1], t[32 + i])
#Compression
for i in range(32):
DES.apply_xor(s[i], t[32 + i], s[i])
#swap
shuffle = [1, 0]
s3 = [7, 6, 8, 11, 0, 15, 3, 14, 9, 10, 12, 13, 5, 2, 4, 1]
s4 = [14, 5, 15, 0, 7, 2, 12, 13, 1, 8, 4, 9, 11, 10, 6, 3]
s5 = [2, 13, 11, 12, 15, 14, 0, 9, 7, 10, 6, 3, 1, 8, 4, 5]
s6 = [11, 9, 4, 14, 0, 15, 10, 13, 6, 12, 5, 7, 3, 8, 1, 2]
s7 = [13, 10, 15, 0, 14, 4, 9, 11, 2, 1, 8, 3, 7, 5, 12, 6]
LBlock.add_sbox('S0', s0)
LBlock.add_sbox('S1', s1)
LBlock.add_sbox('S2', s2)
LBlock.add_sbox('S3', s3)
LBlock.add_sbox('S4', s4)
LBlock.add_sbox('S5', s5)
LBlock.add_sbox('S6', s6)
LBlock.add_sbox('S7', s7)
shuffle1 = [1, 0]
shuffle2 = [1, 2, 3, 0]
shuffle3 = [4, 12, 0, 8, 20, 28, 16, 24]
LBlock.shufflewords(shuffle2, 8, 0)
for i in range(size / 2):
LBlock.apply_mov(s[i + 32], t[i])
for i in range(8):
bits = t[4 * i:4 * (i + 1)]
bits.reverse()
LBlock.apply_sbox('S{}'.format(i), bits, bits)
for i in range(size / 2):
LBlock.apply_xor(t[shuffle3[i / 4] + i % 4], s[i], s[i])
LBlock.shufflewords(shuffle1, 32, 0)
for col in range(5):
bit = col * lanesize + (5 * row * lanesize)
rot_perm = [(i + rot_const[col][row]) % lanesize
for i in range(lanesize)]
for cycle in decompose_permutation(rot_perm):
cycle_bits = []
for v in cycle:
cycle_bits.append("s{}".format(v + bit))
keccak.apply_permutation(cycle_bits)
# Pi
pi_perm = [
1, 15, 22, 16, 12, 13, 3, 20, 11, 23, 6, 9, 4, 10, 8, 14, 18, 17, 2, 5, 19,
7, 24, 21
]
for bit in range(lanesize):
perm = ['s{}'.format(i * lanesize + bit) for i in pi_perm]
keccak.apply_permutation(perm)
for row in range(5):
for bit in range(lanesize):
bits = [
"s{}".format(bit + (5 * row) * lanesize),
"s{}".format(bit + (5 * row) * lanesize + lanesize),
"s{}".format(bit + (5 * row) * lanesize + 2 * lanesize),
"s{}".format(bit + (5 * row) * lanesize + 3 * lanesize),
"s{}".format(bit + (5 * row) * lanesize + 4 * lanesize)
]
keccak.apply_sbox('S-box', bits, bits)