def setupPresentRound(self, stp_file, s_in, p, s_out, w, wordsize):
"""
Model for differential behaviour of one round PRESENT
"""
command = ""
#Permutation Layer
for i in range(16):
command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+0, s_out, i)
command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+1, s_out, i+16)
command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+2, s_out, i+32)
command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i*4+3, s_out, i+48)
# Substitution Layer
present_sbox = [0xc, 5, 6, 0xb, 9, 0, 0xa, 0xd, 3, 0xe, 0xf, 8, 4, 7, 1, 2]
for i in range(16):
variables = ["{0}[{1}:{1}]".format(s_in, 4*i + 3),
"{0}[{1}:{1}]".format(s_in, 4*i + 2),
"{0}[{1}:{1}]".format(s_in, 4*i + 1),
"{0}[{1}:{1}]".format(s_in, 4*i + 0),
"{0}[{1}:{1}]".format(p, 4*i + 3),
"{0}[{1}:{1}]".format(p, 4*i + 2),
"{0}[{1}:{1}]".format(p, 4*i + 1),
"{0}[{1}:{1}]".format(p, 4*i + 0),
"{0}[{1}:{1}]".format(w, 4*i + 3),
"{0}[{1}:{1}]".format(w, 4*i + 2),
"{0}[{1}:{1}]".format(w, 4*i + 1),
"{0}[{1}:{1}]".format(w, 4*i + 0)]
command += stpcommands.add4bitSbox(present_sbox, variables)
stp_file.write(command)
return
def setupCraftRound(self, stp_file, x_in, y, z, x_out, w, wordsize):
"""
Model for single tweak differential behaviour of CRAFT
"""
command = ""
"""
MixColumn
note that in CVC language when you use x[i:j], i must always be equal or greater than j
I' = MC(I)
I[i, j] = I[4*i + j]
I[0] = nibble 0
I[15] = nibble 15
I'[j] = I[j] xor I[j + 8] xor I[12 + j] for j = [0, 3]
I'[4 + j] = I[4 + j] xor I[12 + j] for j = [0, 3]
I'[8 + j] = I[8 + j] for j = [0, 7]
I[j] = xr[4*j + 3:4*j]
I'[j] = yr[4*j + 3:4j]
"""
for j in range(4):
command += "ASSERT(" + y + "[%d:%d]" % (4*j + 3, 4*j) + " = "
command += "BVXOR("
command += "BVXOR(" + x_in + "[%d:%d]" % (4*(8 + j) + 3, 4*(8 + j)) +\
"," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "),"
command += x_in + "[%d:%d]" % (4*j + 3, 4*j) + "));\n"
command += "ASSERT(" + y + \
"[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) + " = "
command += "BVXOR(" + x_in + "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) +\
"," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "));\n"
command += "ASSERT(" + y + "[63:32]" + \
" = " + x_in + "[63:32]" + ");\n"
# PermuteNibbles Layer
# zr = PermuteNibbles(xr)
# zr[i] = xr[PN[i]]
for i in range(16):
command += "ASSERT(" + z + "[%d:%d]" % (4*i + 3, 4*i) + \
" = " + y + "[%d:%d]" % (4*self.PN[i] + 3,
4*self.PN[i]) + ");\n"
# Sbox layer
for i in range(16):
variables = ["{0}[{1}:{1}]".format(z, 4*i + 3),
"{0}[{1}:{1}]".format(z, 4*i + 2),
"{0}[{1}:{1}]".format(z, 4*i + 1),
"{0}[{1}:{1}]".format(z, 4*i + 0),
"{0}[{1}:{1}]".format(x_out, 4*i + 3),
"{0}[{1}:{1}]".format(x_out, 4*i + 2),
"{0}[{1}:{1}]".format(x_out, 4*i + 1),
"{0}[{1}:{1}]".format(x_out, 4*i + 0),
"{0}[{1}:{1}]".format(w, 4*i + 3),
"{0}[{1}:{1}]".format(w, 4*i + 2),
"{0}[{1}:{1}]".format(w, 4*i + 1),
"{0}[{1}:{1}]".format(w, 4*i + 0)]
# print(variables)
command += stpcommands.add4bitSbox(self.craft_sbox, variables)
stp_file.write(command)
return
def setupCraftRound(self, stp_file, x_in, y, z, x_out, w, wordsize):
"""
Model for single tweak differential behaviour of CRAFT
"""
command = ""
"""
MixColumn
note that in CVC language when you use x[i:j], i must always be equal or greater than j
I' = MC(I)
I[i, j] = I[4*i + j]
I[0] = nibble 0
I[15] = nibble 15
I'[j] = I[j] xor I[j + 8] xor I[12 + j] for j = [0, 3]
I'[4 + j] = I[4 + j] xor I[12 + j] for j = [0, 3]
I'[8 + j] = I[8 + j] for j = [0, 7]
I[j] = xr[4*j + 3:4*j]
I'[j] = yr[4*j + 3:4j]
"""
for j in range(4):
command += "ASSERT(" + y + "[%d:%d]" % (4 * j + 3, 4 * j) + " = "
command += "BVXOR("
command += "BVXOR(" + x_in + "[%d:%d]" % (4*(8 + j) + 3, 4*(8 + j)) +\
"," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "),"
command += x_in + "[%d:%d]" % (4 * j + 3, 4 * j) + "));\n"
command += "ASSERT(" + y + \
"[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) + " = "
command += "BVXOR(" + x_in + "[%d:%d]" % (4*(4 + j) + 3, 4*(4 + j)) +\
"," + x_in + "[%d:%d]" % (4*(12 + j) + 3, 4*(12 + j)) + "));\n"
command += "ASSERT(" + y + "[63:32]" + \
" = " + x_in + "[63:32]" + ");\n"
# PermuteNibbles Layer
# zr = PermuteNibbles(xr)
# zr[i] = xr[PN[i]]
for i in range(16):
command += "ASSERT(" + z + "[%d:%d]" % (4*i + 3, 4*i) + \
" = " + y + "[%d:%d]" % (4*self.PN[i] + 3,
4*self.PN[i]) + ");\n"
# Sbox layer
for i in range(16):
variables = [
"{0}[{1}:{1}]".format(z, 4 * i + 3), "{0}[{1}:{1}]".format(
z, 4 * i + 2), "{0}[{1}:{1}]".format(z, 4 * i + 1),
"{0}[{1}:{1}]".format(z, 4 * i + 0), "{0}[{1}:{1}]".format(
x_out, 4 * i + 3), "{0}[{1}:{1}]".format(x_out, 4 * i + 2),
"{0}[{1}:{1}]".format(x_out, 4 * i + 1), "{0}[{1}:{1}]".format(
x_out, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3),
"{0}[{1}:{1}]".format(w, 4 * i + 2),
"{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
# print(variables)
command += stpcommands.add4bitSbox(self.craft_sbox, variables)
stp_file.write(command)
return
def setupSkinnyRound(self, stp_file, sc_in, sr, mc, sc_out, w, blocksize):
"""
Model for differential behaviour of one round Skinny
"""
command = ""
# SubBytes
skinny_sbox = [0xc, 0x6, 0x9, 0x0, 0x1, 0xa, 0x2, 0xb,
0x3, 0x8, 0x5, 0xd, 0x4, 0xe, 0x7, 0xf]
for i in range(16):
variables = ["{0}[{1}:{1}]".format(sc_in, 4*i + 3),
"{0}[{1}:{1}]".format(sc_in, 4*i + 2),
"{0}[{1}:{1}]".format(sc_in, 4*i + 1),
"{0}[{1}:{1}]".format(sc_in, 4*i + 0),
"{0}[{1}:{1}]".format(sr, 4*i + 3),
"{0}[{1}:{1}]".format(sr, 4*i + 2),
"{0}[{1}:{1}]".format(sr, 4*i + 1),
"{0}[{1}:{1}]".format(sr, 4*i + 0),
"{0}[{1}:{1}]".format(w, 4*i + 3),
"{0}[{1}:{1}]".format(w, 4*i + 2),
"{0}[{1}:{1}]".format(w, 4*i + 1),
"{0}[{1}:{1}]".format(w, 4*i + 0)]
command += stpcommands.add4bitSbox(skinny_sbox, variables)
# ShiftRows
command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, mc)
command += "ASSERT({0}[31:20] = {1}[27:16]);\n".format(sr, mc)
command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(sr, mc)
command += "ASSERT({0}[39:32] = {1}[47:40]);\n".format(sr, mc)
command += "ASSERT({0}[47:40] = {1}[39:32]);\n".format(sr, mc)
command += "ASSERT({0}[63:60] = {1}[51:48]);\n".format(sr, mc)
command += "ASSERT({0}[59:48] = {1}[63:52]);\n".format(sr, mc)
# MixColumns
command += "ASSERT("
command += "{0}[15:0] = {1}[31:16]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[31:16], {0}[47:32]) = {1}[47:32]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[47:32], {0}[15:0]) = {1}[63:48]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[63:48], {1}[63:48]) = {1}[15:0]".format(mc, sc_out);
command += ");\n"
stp_file.write(command)
return
def setupSkinnyRound(self, stp_file, sc_in, sr, mc, sc_out, w, blocksize):
"""
Model for differential behaviour of one round Skinny
"""
command = ""
# SubBytes
skinny_sbox = [0xc, 0x6, 0x9, 0x0, 0x1, 0xa, 0x2, 0xb,
0x3, 0x8, 0x5, 0xd, 0x4, 0xe, 0x7, 0xf]
for i in range(16):
variables = ["{0}[{1}:{1}]".format(sc_in, 4*i + 3),
"{0}[{1}:{1}]".format(sc_in, 4*i + 2),
"{0}[{1}:{1}]".format(sc_in, 4*i + 1),
"{0}[{1}:{1}]".format(sc_in, 4*i + 0),
"{0}[{1}:{1}]".format(sr, 4*i + 3),
"{0}[{1}:{1}]".format(sr, 4*i + 2),
"{0}[{1}:{1}]".format(sr, 4*i + 1),
"{0}[{1}:{1}]".format(sr, 4*i + 0),
"{0}[{1}:{1}]".format(w, 4*i + 3),
"{0}[{1}:{1}]".format(w, 4*i + 2),
"{0}[{1}:{1}]".format(w, 4*i + 1),
"{0}[{1}:{1}]".format(w, 4*i + 0)]
command += stpcommands.add4bitSbox(skinny_sbox, variables)
# ShiftRows
command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, mc)
command += "ASSERT({0}[31:20] = {1}[27:16]);\n".format(sr, mc)
command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(sr, mc)
command += "ASSERT({0}[39:32] = {1}[47:40]);\n".format(sr, mc)
command += "ASSERT({0}[47:40] = {1}[39:32]);\n".format(sr, mc)
command += "ASSERT({0}[63:60] = {1}[51:48]);\n".format(sr, mc)
command += "ASSERT({0}[59:48] = {1}[63:52]);\n".format(sr, mc)
# MixColumns
command += "ASSERT("
command += "{0}[15:0] = {1}[31:16]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[31:16], {0}[47:32]) = {1}[47:32]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[47:32], {0}[15:0]) = {1}[63:48]".format(mc, sc_out);
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[63:48], {1}[63:48]) = {1}[15:0]".format(mc, sc_out);
command += ");\n"
stp_file.write(command)
return
def setupRectangleRound(self, stp_file, sc_in, sr, sc_out, w, blocksize):
"""
Model for differential behaviour of one round Rectangle
"""
command = ""
#SubColumn
rectangle_sbox = [
0x6, 0x5, 0xC, 0xA, 0x1, 0xE, 0x7, 0x9, 0xB, 0x0, 0x3, 0xD, 0x8,
0xF, 0x4, 0x2
]
for i in range(16):
variables = [
"{0}[{1}:{1}]".format(sc_in, i + 48), "{0}[{1}:{1}]".format(
sc_in, i + 32), "{0}[{1}:{1}]".format(sc_in, i + 16),
"{0}[{1}:{1}]".format(sc_in, i + 0), "{0}[{1}:{1}]".format(
sr, i + 48), "{0}[{1}:{1}]".format(sr, i + 32),
"{0}[{1}:{1}]".format(sr, i + 16),
"{0}[{1}:{1}]".format(sr,
i + 0), "{0}[{1}:{1}]".format(w, i + 48),
"{0}[{1}:{1}]".format(w, i + 32),
"{0}[{1}:{1}]".format(w,
i + 16), "{0}[{1}:{1}]".format(w, i + 0)
]
command += stpcommands.add4bitSbox(rectangle_sbox, variables)
#ShiftRows
# row 0 <<< 0
command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, sc_out)
# row 1 <<< 1
command += "ASSERT({0}[30:16] = {1}[31:17]);\n".format(sr, sc_out)
command += "ASSERT({0}[31:31] = {1}[16:16]);\n".format(sr, sc_out)
# row 2 <<< 12
command += "ASSERT({0}[47:36] = {1}[43:32]);\n".format(sr, sc_out)
command += "ASSERT({0}[35:32] = {1}[47:44]);\n".format(sr, sc_out)
# row 3 <<< 13
command += "ASSERT({0}[50:48] = {1}[63:61]);\n".format(sr, sc_out)
command += "ASSERT({0}[63:51] = {1}[60:48]);\n".format(sr, sc_out)
stp_file.write(command)
return
def setupGiftRound(self, stp_file, s_in, p, s_out, w, wordsize):
"""
Model for differential behaviour of one round GIFT
"""
command = ""
#Permutation Layer
if wordsize == 64:
command += "ASSERT({0}[0:0] = {1}[0:0]);\n".format(s_out, p) #0
command += "ASSERT({0}[17:17] = {1}[1:1]);\n".format(s_out, p) #1
command += "ASSERT({0}[34:34] = {1}[2:2]);\n".format(s_out, p) #2
command += "ASSERT({0}[51:51] = {1}[3:3]);\n".format(s_out, p) #3
command += "ASSERT({0}[48:48] = {1}[4:4]);\n".format(s_out, p) #4
command += "ASSERT({0}[1:1] = {1}[5:5]);\n".format(s_out, p) #5
command += "ASSERT({0}[18:18] = {1}[6:6]);\n".format(s_out, p) #6
command += "ASSERT({0}[35:35] = {1}[7:7]);\n".format(s_out, p) #7
command += "ASSERT({0}[32:32] = {1}[8:8]);\n".format(s_out, p) #8
command += "ASSERT({0}[49:49] = {1}[9:9]);\n".format(s_out, p) #9
command += "ASSERT({0}[2:2] = {1}[10:10]);\n".format(s_out, p) #10
command += "ASSERT({0}[19:19] = {1}[11:11]);\n".format(s_out,
p) #11
command += "ASSERT({0}[16:16] = {1}[12:12]);\n".format(s_out,
p) #12
command += "ASSERT({0}[33:33] = {1}[13:13]);\n".format(s_out,
p) #13
command += "ASSERT({0}[50:50] = {1}[14:14]);\n".format(s_out,
p) #14
command += "ASSERT({0}[3:3] = {1}[15:15]);\n".format(s_out, p) #15
command += "ASSERT({0}[4:4] = {1}[16:16]);\n".format(s_out, p) #16
command += "ASSERT({0}[21:21] = {1}[17:17]);\n".format(s_out,
p) #17
command += "ASSERT({0}[38:38] = {1}[18:18]);\n".format(s_out,
p) #18
command += "ASSERT({0}[55:55] = {1}[19:19]);\n".format(s_out,
p) #19
command += "ASSERT({0}[52:52] = {1}[20:20]);\n".format(s_out,
p) #20
command += "ASSERT({0}[5:5] = {1}[21:21]);\n".format(s_out, p) #21
command += "ASSERT({0}[22:22] = {1}[22:22]);\n".format(s_out,
p) #22
command += "ASSERT({0}[39:39] = {1}[23:23]);\n".format(s_out,
p) #23
command += "ASSERT({0}[36:36] = {1}[24:24]);\n".format(s_out,
p) #24
command += "ASSERT({0}[53:53] = {1}[25:25]);\n".format(s_out,
p) #25
command += "ASSERT({0}[6:6] = {1}[26:26]);\n".format(s_out, p) #26
command += "ASSERT({0}[23:23] = {1}[27:27]);\n".format(s_out,
p) #27
command += "ASSERT({0}[20:20] = {1}[28:28]);\n".format(s_out,
p) #28
command += "ASSERT({0}[37:37] = {1}[29:29]);\n".format(s_out,
p) #29
command += "ASSERT({0}[54:54] = {1}[30:30]);\n".format(s_out,
p) #30
command += "ASSERT({0}[7:7] = {1}[31:31]);\n".format(s_out, p) #31
command += "ASSERT({0}[8:8] = {1}[32:32]);\n".format(s_out, p) #32
command += "ASSERT({0}[25:25] = {1}[33:33]);\n".format(s_out,
p) #33
command += "ASSERT({0}[42:42] = {1}[34:34]);\n".format(s_out,
p) #34
command += "ASSERT({0}[59:59] = {1}[35:35]);\n".format(s_out,
p) #35
command += "ASSERT({0}[56:56] = {1}[36:36]);\n".format(s_out,
p) #36
command += "ASSERT({0}[9:9] = {1}[37:37]);\n".format(s_out, p) #37
command += "ASSERT({0}[26:26] = {1}[38:38]);\n".format(s_out,
p) #38
command += "ASSERT({0}[43:43] = {1}[39:39]);\n".format(s_out,
p) #39
command += "ASSERT({0}[40:40] = {1}[40:40]);\n".format(s_out,
p) #40
command += "ASSERT({0}[57:57] = {1}[41:41]);\n".format(s_out,
p) #41
command += "ASSERT({0}[10:10] = {1}[42:42]);\n".format(s_out,
p) #42
command += "ASSERT({0}[27:27] = {1}[43:43]);\n".format(s_out,
p) #43
command += "ASSERT({0}[24:24] = {1}[44:44]);\n".format(s_out,
p) #44
command += "ASSERT({0}[41:41] = {1}[45:45]);\n".format(s_out,
p) #45
command += "ASSERT({0}[58:58] = {1}[46:46]);\n".format(s_out,
p) #46
command += "ASSERT({0}[11:11] = {1}[47:47]);\n".format(s_out,
p) #47
command += "ASSERT({0}[12:12] = {1}[48:48]);\n".format(s_out,
p) #48
command += "ASSERT({0}[29:29] = {1}[49:49]);\n".format(s_out,
p) #49
command += "ASSERT({0}[46:46] = {1}[50:50]);\n".format(s_out,
p) #50
command += "ASSERT({0}[63:63] = {1}[51:51]);\n".format(s_out,
p) #51
command += "ASSERT({0}[60:60] = {1}[52:52]);\n".format(s_out,
p) #52
command += "ASSERT({0}[13:13] = {1}[53:53]);\n".format(s_out,
p) #53
command += "ASSERT({0}[30:30] = {1}[54:54]);\n".format(s_out,
p) #54
command += "ASSERT({0}[47:47] = {1}[55:55]);\n".format(s_out,
p) #55
command += "ASSERT({0}[44:44] = {1}[56:56]);\n".format(s_out,
p) #56
command += "ASSERT({0}[61:61] = {1}[57:57]);\n".format(s_out,
p) #57
command += "ASSERT({0}[14:14] = {1}[58:58]);\n".format(s_out,
p) #58
command += "ASSERT({0}[31:31] = {1}[59:59]);\n".format(s_out,
p) #59
command += "ASSERT({0}[28:28] = {1}[60:60]);\n".format(s_out,
p) #60
command += "ASSERT({0}[45:45] = {1}[61:61]);\n".format(s_out,
p) #61
command += "ASSERT({0}[62:62] = {1}[62:62]);\n".format(s_out,
p) #62
command += "ASSERT({0}[15:15] = {1}[63:63]);\n".format(s_out,
p) #63
elif wordsize == 128:
command += "ASSERT({0}[0:0] = {1}[0:0]);\n".format(s_out, p) #0
command += "ASSERT({0}[33:33] = {1}[1:1]);\n".format(s_out, p) #1
command += "ASSERT({0}[66:66] = {1}[2:2]);\n".format(s_out, p) #2
command += "ASSERT({0}[99:99] = {1}[3:3]);\n".format(s_out, p) #3
command += "ASSERT({0}[96:96] = {1}[4:4]);\n".format(s_out, p) #4
command += "ASSERT({0}[1:1] = {1}[5:5]);\n".format(s_out, p) #5
command += "ASSERT({0}[34:34] = {1}[6:6]);\n".format(s_out, p) #6
command += "ASSERT({0}[67:67] = {1}[7:7]);\n".format(s_out, p) #7
command += "ASSERT({0}[64:64] = {1}[8:8]);\n".format(s_out, p) #8
command += "ASSERT({0}[97:97] = {1}[9:9]);\n".format(s_out, p) #9
command += "ASSERT({0}[2:2] = {1}[10:10]);\n".format(s_out, p) #10
command += "ASSERT({0}[35:35] = {1}[11:11]);\n".format(s_out,
p) #11
command += "ASSERT({0}[32:32] = {1}[12:12]);\n".format(s_out,
p) #12
command += "ASSERT({0}[65:65] = {1}[13:13]);\n".format(s_out,
p) #13
command += "ASSERT({0}[98:98] = {1}[14:14]);\n".format(s_out,
p) #14
command += "ASSERT({0}[3:3] = {1}[15:15]);\n".format(s_out, p) #15
command += "ASSERT({0}[4:4] = {1}[16:16]);\n".format(s_out, p) #16
command += "ASSERT({0}[37:37] = {1}[17:17]);\n".format(s_out,
p) #17
command += "ASSERT({0}[70:70] = {1}[18:18]);\n".format(s_out,
p) #18
command += "ASSERT({0}[103:103] = {1}[19:19]);\n".format(s_out,
p) #19
command += "ASSERT({0}[100:100] = {1}[20:20]);\n".format(s_out,
p) #20
command += "ASSERT({0}[5:5] = {1}[21:21]);\n".format(s_out, p) #21
command += "ASSERT({0}[38:38] = {1}[22:22]);\n".format(s_out,
p) #22
command += "ASSERT({0}[71:71] = {1}[23:23]);\n".format(s_out,
p) #23
command += "ASSERT({0}[68:68] = {1}[24:24]);\n".format(s_out,
p) #24
command += "ASSERT({0}[101:101] = {1}[25:25]);\n".format(s_out,
p) #25
command += "ASSERT({0}[6:6] = {1}[26:26]);\n".format(s_out, p) #26
command += "ASSERT({0}[39:39] = {1}[27:27]);\n".format(s_out,
p) #27
command += "ASSERT({0}[36:36] = {1}[28:28]);\n".format(s_out,
p) #28
command += "ASSERT({0}[69:69] = {1}[29:29]);\n".format(s_out,
p) #29
command += "ASSERT({0}[102:102] = {1}[30:30]);\n".format(s_out,
p) #30
command += "ASSERT({0}[7:7] = {1}[31:31]);\n".format(s_out, p) #31
command += "ASSERT({0}[8:8] = {1}[32:32]);\n".format(s_out, p) #32
command += "ASSERT({0}[41:41] = {1}[33:33]);\n".format(s_out,
p) #33
command += "ASSERT({0}[74:74] = {1}[34:34]);\n".format(s_out,
p) #34
command += "ASSERT({0}[107:107] = {1}[35:35]);\n".format(s_out,
p) #35
command += "ASSERT({0}[104:104] = {1}[36:36]);\n".format(s_out,
p) #36
command += "ASSERT({0}[9:9] = {1}[37:37]);\n".format(s_out, p) #37
command += "ASSERT({0}[42:42] = {1}[38:38]);\n".format(s_out,
p) #38
command += "ASSERT({0}[75:75] = {1}[39:39]);\n".format(s_out,
p) #39
command += "ASSERT({0}[72:72] = {1}[40:40]);\n".format(s_out,
p) #40
command += "ASSERT({0}[105:105] = {1}[41:41]);\n".format(s_out,
p) #41
command += "ASSERT({0}[10:10] = {1}[42:42]);\n".format(s_out,
p) #42
command += "ASSERT({0}[43:43] = {1}[43:43]);\n".format(s_out,
p) #43
command += "ASSERT({0}[40:40] = {1}[44:44]);\n".format(s_out,
p) #44
command += "ASSERT({0}[73:73] = {1}[45:45]);\n".format(s_out,
p) #45
command += "ASSERT({0}[106:106] = {1}[46:46]);\n".format(s_out,
p) #46
command += "ASSERT({0}[11:11] = {1}[47:47]);\n".format(s_out,
p) #47
command += "ASSERT({0}[12:12] = {1}[48:48]);\n".format(s_out,
p) #48
command += "ASSERT({0}[45:45] = {1}[49:49]);\n".format(s_out,
p) #49
command += "ASSERT({0}[78:78] = {1}[50:50]);\n".format(s_out,
p) #50
command += "ASSERT({0}[111:111] = {1}[51:51]);\n".format(s_out,
p) #51
command += "ASSERT({0}[108:108] = {1}[52:52]);\n".format(s_out,
p) #52
command += "ASSERT({0}[13:13] = {1}[53:53]);\n".format(s_out,
p) #53
command += "ASSERT({0}[46:46] = {1}[54:54]);\n".format(s_out,
p) #54
command += "ASSERT({0}[79:79] = {1}[55:55]);\n".format(s_out,
p) #55
command += "ASSERT({0}[76:76] = {1}[56:56]);\n".format(s_out,
p) #56
command += "ASSERT({0}[109:109] = {1}[57:57]);\n".format(s_out,
p) #57
command += "ASSERT({0}[14:14] = {1}[58:58]);\n".format(s_out,
p) #58
command += "ASSERT({0}[47:47] = {1}[59:59]);\n".format(s_out,
p) #59
command += "ASSERT({0}[44:44] = {1}[60:60]);\n".format(s_out,
p) #60
command += "ASSERT({0}[77:77] = {1}[61:61]);\n".format(s_out,
p) #61
command += "ASSERT({0}[110:110] = {1}[62:62]);\n".format(s_out,
p) #62
command += "ASSERT({0}[15:15] = {1}[63:63]);\n".format(s_out,
p) #63
command += "ASSERT({0}[16:16] = {1}[64:64]);\n".format(s_out,
p) #64
command += "ASSERT({0}[49:49] = {1}[65:65]);\n".format(s_out,
p) #65
command += "ASSERT({0}[82:82] = {1}[66:66]);\n".format(s_out,
p) #66
command += "ASSERT({0}[115:115] = {1}[67:67]);\n".format(s_out,
p) #67
command += "ASSERT({0}[112:112] = {1}[68:68]);\n".format(s_out,
p) #68
command += "ASSERT({0}[17:17] = {1}[69:69]);\n".format(s_out,
p) #69
command += "ASSERT({0}[50:50] = {1}[70:70]);\n".format(s_out,
p) #70
command += "ASSERT({0}[83:83] = {1}[71:71]);\n".format(s_out,
p) #71
command += "ASSERT({0}[80:80] = {1}[72:72]);\n".format(s_out,
p) #72
command += "ASSERT({0}[113:113] = {1}[73:73]);\n".format(s_out,
p) #73
command += "ASSERT({0}[18:18] = {1}[74:74]);\n".format(s_out,
p) #74
command += "ASSERT({0}[51:51] = {1}[75:75]);\n".format(s_out,
p) #75
command += "ASSERT({0}[48:48] = {1}[76:76]);\n".format(s_out,
p) #76
command += "ASSERT({0}[81:81] = {1}[77:77]);\n".format(s_out,
p) #77
command += "ASSERT({0}[114:114] = {1}[78:78]);\n".format(s_out,
p) #78
command += "ASSERT({0}[19:19] = {1}[79:79]);\n".format(s_out,
p) #79
command += "ASSERT({0}[20:20] = {1}[80:80]);\n".format(s_out,
p) #80
command += "ASSERT({0}[53:53] = {1}[81:81]);\n".format(s_out,
p) #81
command += "ASSERT({0}[86:86] = {1}[82:82]);\n".format(s_out,
p) #82
command += "ASSERT({0}[119:119] = {1}[83:83]);\n".format(s_out,
p) #83
command += "ASSERT({0}[116:116] = {1}[84:84]);\n".format(s_out,
p) #84
command += "ASSERT({0}[21:21] = {1}[85:85]);\n".format(s_out,
p) #85
command += "ASSERT({0}[54:54] = {1}[86:86]);\n".format(s_out,
p) #86
command += "ASSERT({0}[87:87] = {1}[87:87]);\n".format(s_out,
p) #87
command += "ASSERT({0}[84:84] = {1}[88:88]);\n".format(s_out,
p) #88
command += "ASSERT({0}[117:117] = {1}[89:89]);\n".format(s_out,
p) #89
command += "ASSERT({0}[22:22] = {1}[90:90]);\n".format(s_out,
p) #90
command += "ASSERT({0}[55:55] = {1}[91:91]);\n".format(s_out,
p) #91
command += "ASSERT({0}[52:52] = {1}[92:92]);\n".format(s_out,
p) #92
command += "ASSERT({0}[85:85] = {1}[93:93]);\n".format(s_out,
p) #93
command += "ASSERT({0}[118:118] = {1}[94:94]);\n".format(s_out,
p) #94
command += "ASSERT({0}[23:23] = {1}[95:95]);\n".format(s_out,
p) #95
command += "ASSERT({0}[24:24] = {1}[96:96]);\n".format(s_out,
p) #96
command += "ASSERT({0}[57:57] = {1}[97:97]);\n".format(s_out,
p) #97
command += "ASSERT({0}[90:90] = {1}[98:98]);\n".format(s_out,
p) #98
command += "ASSERT({0}[123:123] = {1}[99:99]);\n".format(s_out,
p) #99
command += "ASSERT({0}[120:120] = {1}[100:100]);\n".format(
s_out, p) #100
command += "ASSERT({0}[25:25] = {1}[101:101]);\n".format(s_out,
p) #101
command += "ASSERT({0}[58:58] = {1}[102:102]);\n".format(s_out,
p) #102
command += "ASSERT({0}[91:91] = {1}[103:103]);\n".format(s_out,
p) #103
command += "ASSERT({0}[88:88] = {1}[104:104]);\n".format(s_out,
p) #104
command += "ASSERT({0}[121:121] = {1}[105:105]);\n".format(
s_out, p) #105
command += "ASSERT({0}[26:26] = {1}[106:106]);\n".format(s_out,
p) #106
command += "ASSERT({0}[59:59] = {1}[107:107]);\n".format(s_out,
p) #107
command += "ASSERT({0}[56:56] = {1}[108:108]);\n".format(s_out,
p) #108
command += "ASSERT({0}[89:89] = {1}[109:109]);\n".format(s_out,
p) #109
command += "ASSERT({0}[122:122] = {1}[110:110]);\n".format(
s_out, p) #110
command += "ASSERT({0}[27:27] = {1}[111:111]);\n".format(s_out,
p) #111
command += "ASSERT({0}[28:28] = {1}[112:112]);\n".format(s_out,
p) #112
command += "ASSERT({0}[61:61] = {1}[113:113]);\n".format(s_out,
p) #113
command += "ASSERT({0}[94:94] = {1}[114:114]);\n".format(s_out,
p) #114
command += "ASSERT({0}[127:127] = {1}[115:115]);\n".format(
s_out, p) #115
command += "ASSERT({0}[124:124] = {1}[116:116]);\n".format(
s_out, p) #116
command += "ASSERT({0}[29:29] = {1}[117:117]);\n".format(s_out,
p) #117
command += "ASSERT({0}[62:62] = {1}[118:118]);\n".format(s_out,
p) #118
command += "ASSERT({0}[95:95] = {1}[119:119]);\n".format(s_out,
p) #119
command += "ASSERT({0}[92:92] = {1}[120:120]);\n".format(s_out,
p) #120
command += "ASSERT({0}[125:125] = {1}[121:121]);\n".format(
s_out, p) #121
command += "ASSERT({0}[30:30] = {1}[122:122]);\n".format(s_out,
p) #122
command += "ASSERT({0}[63:63] = {1}[123:123]);\n".format(s_out,
p) #123
command += "ASSERT({0}[60:60] = {1}[124:124]);\n".format(s_out,
p) #124
command += "ASSERT({0}[93:93] = {1}[125:125]);\n".format(s_out,
p) #125
command += "ASSERT({0}[126:126] = {1}[126:126]);\n".format(
s_out, p) #126
command += "ASSERT({0}[31:31] = {1}[127:127]);\n".format(s_out,
p) #127
else:
print("Only wordsize 64/128 bit supported!")
exit(1)
# Substitution Layer
gift_sbox = [
0x1, 0xa, 0x4, 0xc, 0x6, 0xf, 0x3, 0x9, 0x2, 0xd, 0xb, 0x7, 0x5,
0x0, 0x8, 0xe
]
nrOfSboxes = 0
if wordsize == 64:
nrOfSboxes = 16
elif wordsize == 128:
nrOfSboxes = 32
else:
print("Only wordsize 64/128 bit supported!")
exit(1)
for i in range(nrOfSboxes):
variables = [
"{0}[{1}:{1}]".format(s_in, 4 * i + 3), "{0}[{1}:{1}]".format(
s_in, 4 * i + 2), "{0}[{1}:{1}]".format(s_in, 4 * i + 1),
"{0}[{1}:{1}]".format(s_in, 4 * i + 0), "{0}[{1}:{1}]".format(
p, 4 * i + 3), "{0}[{1}:{1}]".format(p, 4 * i + 2),
"{0}[{1}:{1}]".format(p, 4 * i + 1), "{0}[{1}:{1}]".format(
p, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3),
"{0}[{1}:{1}]".format(w, 4 * i + 2),
"{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
command += stpcommands.add4bitSbox(gift_sbox, variables)
stp_file.write(command)
return
def setupSkinnyRound(self,
stp_file,
sc_in,
atk,
sr,
mc,
sc_out,
w,
blocksize,
nrOfTK,
tk1=None,
tk2=None,
tk3=None):
"""
Model for differential behaviour of one round Skinny
"""
command = ""
#Add S-box transitions
#for i in range(16):
# command += self.addSbox(sc_in, sr, 4*i)
#AddRoundTweakey
#add round tweakeys to first two rows of the state
if nrOfTK == 1:
tk = tk1
elif nrOfTK == 2:
tk = "BVXOR({}[31:0], {}[31:0])".format(tk1, tk2)
elif nrOfTK == 3:
tk = "BVXOR({}[31:0], BVXOR({}[31:0], {}[31:0]))".format(
tk1, tk2, tk3)
command += "ASSERT({}[31:0] = BVXOR({}[31:0], {}));\n".format(
sr, atk, tk)
#ShiftRows
command += "ASSERT({0}[15:0] = {1}[15:0]);\n".format(sr, mc)
command += "ASSERT({0}[31:20] = {1}[27:16]);\n".format(sr, mc)
command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(sr, mc)
command += "ASSERT({0}[39:32] = {1}[47:40]);\n".format(sr, mc)
command += "ASSERT({0}[47:40] = {1}[39:32]);\n".format(sr, mc)
command += "ASSERT({0}[63:60] = {1}[51:48]);\n".format(sr, mc)
command += "ASSERT({0}[59:48] = {1}[63:52]);\n".format(sr, mc)
#MixColumns
command += "ASSERT("
command += "{0}[15:0] = {1}[31:16]".format(mc, sc_out)
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[31:16], {0}[47:32]) = {1}[47:32]".format(
mc, sc_out)
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[47:32], {0}[15:0]) = {1}[63:48]".format(
mc, sc_out)
command += ");\n"
command += "ASSERT("
command += "BVXOR({0}[63:48], {1}[63:48]) = {1}[15:0]".format(
mc, sc_out)
command += ");\n"
# TODO: correctly compute weight
# For now just take the Hamming weight
skinny_sbox = [
0xc, 6, 9, 0, 1, 0xa, 2, 0xb, 3, 8, 5, 0xd, 4, 0xe, 7, 0xf
]
for i in range(16):
variables = [
"{0}[{1}:{1}]".format(sc_in, 4 * i + 3), "{0}[{1}:{1}]".format(
sc_in, 4 * i + 2), "{0}[{1}:{1}]".format(sc_in, 4 * i + 1),
"{0}[{1}:{1}]".format(sc_in, 4 * i + 0), "{0}[{1}:{1}]".format(
atk, 4 * i + 3), "{0}[{1}:{1}]".format(atk, 4 * i + 2),
"{0}[{1}:{1}]".format(atk, 4 * i + 1), "{0}[{1}:{1}]".format(
atk, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3),
"{0}[{1}:{1}]".format(w, 4 * i + 2),
"{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
command += stpcommands.add4bitSbox(skinny_sbox, variables)
stp_file.write(command)
return
def setupTwineRound(self, stp_file, x_in, s, p, x_out, w, wordsize):
"""
Model for differential behaviour of one round TWINE
"""
command = ""
# Substitution Layer
twine_sbox = [
0xC, 0, 0xF, 0xA, 2, 0xB, 9, 5, 8, 3, 0xD, 7, 1, 0xE, 6, 4
]
for i in range(8):
variables = [
"{0}[{1}:{1}]".format(x_in, 8 * i + 3), "{0}[{1}:{1}]".format(
x_in, 8 * i + 2), "{0}[{1}:{1}]".format(x_in, 8 * i + 1),
"{0}[{1}:{1}]".format(x_in, 8 * i + 0), "{0}[{1}:{1}]".format(
s, 4 * i + 3), "{0}[{1}:{1}]".format(s, 4 * i + 2),
"{0}[{1}:{1}]".format(s, 4 * i + 1), "{0}[{1}:{1}]".format(
s, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3),
"{0}[{1}:{1}]".format(w, 4 * i + 2),
"{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
command += stpcommands.add4bitSbox(twine_sbox, variables)
#Feistel structure
command += "ASSERT({0}[3:0] = {1}[3:0]);\n".format(x_in, p)
command += "ASSERT({0}[11:8] = {1}[11:8]);\n".format(x_in, p)
command += "ASSERT({0}[19:16] = {1}[19:16]);\n".format(x_in, p)
command += "ASSERT({0}[27:24] = {1}[27:24]);\n".format(x_in, p)
command += "ASSERT({0}[35:32] = {1}[35:32]);\n".format(x_in, p)
command += "ASSERT({0}[43:40] = {1}[43:40]);\n".format(x_in, p)
command += "ASSERT({0}[51:48] = {1}[51:48]);\n".format(x_in, p)
command += "ASSERT({0}[59:56] = {1}[59:56]);\n".format(x_in, p)
command += "ASSERT({0}[7:4] = BVXOR({1}[7:4],{2}[3:0]));\n".format(
p, x_in, s)
command += "ASSERT({0}[15:12] = BVXOR({1}[15:12],{2}[7:4]));\n".format(
p, x_in, s)
command += "ASSERT({0}[23:20] = BVXOR({1}[23:20],{2}[11:8]));\n".format(
p, x_in, s)
command += "ASSERT({0}[31:28] = BVXOR({1}[31:28],{2}[15:12]));\n".format(
p, x_in, s)
command += "ASSERT({0}[39:36] = BVXOR({1}[39:36],{2}[19:16]));\n".format(
p, x_in, s)
command += "ASSERT({0}[47:44] = BVXOR({1}[47:44],{2}[23:20]));\n".format(
p, x_in, s)
command += "ASSERT({0}[55:52] = BVXOR({1}[55:52],{2}[27:24]));\n".format(
p, x_in, s)
command += "ASSERT({0}[63:60] = BVXOR({1}[63:60],{2}[31:28]));\n".format(
p, x_in, s)
command += "ASSERT(0x00000000 = {0}[63:32]);\n".format(s)
command += "ASSERT(0x00000000 = {0}[63:32]);\n".format(w)
#Permutation Layer
# pi = [5, 0, 1, 4, 7, 0xC, 3, 8, 0xD, 6, 9, 2, 0xF, 0xA, 0xB, 0xE]
# 1 word = 4 bit
command += "ASSERT({0}[3:0] = {1}[23:20]);\n".format(p,
x_out) #0 -> 5
command += "ASSERT({0}[7:4] = {1}[3:0]);\n".format(p, x_out) #1 -> 0
command += "ASSERT({0}[11:8] = {1}[7:4]);\n".format(p, x_out) #2 -> 1
command += "ASSERT({0}[15:12] = {1}[19:16]);\n".format(p,
x_out) #3 -> 4
command += "ASSERT({0}[19:16] = {1}[31:28]);\n".format(p,
x_out) #4 -> 7
command += "ASSERT({0}[23:20] = {1}[51:48]);\n".format(p,
x_out) #5 -> 12
command += "ASSERT({0}[27:24] = {1}[15:12]);\n".format(p,
x_out) #6 -> 3
command += "ASSERT({0}[31:28] = {1}[35:32]);\n".format(p,
x_out) #7 -> 8
command += "ASSERT({0}[35:32] = {1}[55:52]);\n".format(p,
x_out) #8 -> 13
command += "ASSERT({0}[39:36] = {1}[27:24]);\n".format(p,
x_out) #9 -> 6
command += "ASSERT({0}[43:40] = {1}[39:36]);\n".format(p,
x_out) #10 -> 9
command += "ASSERT({0}[47:44] = {1}[11:8]);\n".format(p,
x_out) #11 -> 2
command += "ASSERT({0}[51:48] = {1}[63:60]);\n".format(
p, x_out) #12 -> 15
command += "ASSERT({0}[55:52] = {1}[43:40]);\n".format(
p, x_out) #13 -> 10
command += "ASSERT({0}[59:56] = {1}[47:44]);\n".format(
p, x_out) #14 -> 11
command += "ASSERT({0}[63:60] = {1}[59:56]);\n".format(
p, x_out) #15 -> 14
stp_file.write(command)
return
def setupMidoriRound(self, stp_file, sb_in, sc, mc, sb_out, w, wordsize):
"""
Model for differential behaviour of one round MIDORI
"""
command = ""
#Permutation Layer
#ShuffleCells
# 0 4 8 c 0 e 9 7
# 1 5 9 d a 4 3 d
# 2 6 a e 5 b c 2
# 3 7 b f f 1 6 8
permutation = [
0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1, 0x9, 0x3, 0xc, 0x6, 0x7,
0xd, 0x2, 0x8
]
for idx, val in enumerate(permutation):
command += "ASSERT({0}[{1}:{2}] = {3}[{4}:{5}]);\n".format(
sc, 4 * val + 3, 4 * val, mc, 4 * idx + 3, 4 * idx)
#MixColumns
# 0 1 1 1 x0 x1 + x2 + x3
# 1 0 1 1 x1 -> x0 + x2 + x3
# 1 1 0 1 x2 x0 + x1 + x3
# 1 1 1 0 x3 x0 + x1 + x2
for col in range(4):
for bit in range(4):
offset0 = col * 16 + 0 + bit
offset1 = col * 16 + 4 + bit
offset2 = col * 16 + 8 + bit
offset3 = col * 16 + 12 + bit
command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
= {5}[{0}:{0}]);\n".format(
offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
= {5}[{1}:{1}]);\n".format(
offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \
= {5}[{2}:{2}]);\n".format(
offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \
= {5}[{3}:{3}]);\n".format(
offset0, offset1, offset2, offset3, mc, sb_out)
# Substitution Layer
midori_sbox = [
0xc, 0xa, 0xd, 3, 0xe, 0xb, 0xf, 7, 8, 9, 1, 5, 0, 2, 4, 6
]
for i in range(16):
variables = [
"{0}[{1}:{1}]".format(sb_in, 4 * i + 3), "{0}[{1}:{1}]".format(
sb_in, 4 * i + 2), "{0}[{1}:{1}]".format(sb_in, 4 * i + 1),
"{0}[{1}:{1}]".format(sb_in, 4 * i + 0), "{0}[{1}:{1}]".format(
sc, 4 * i + 3), "{0}[{1}:{1}]".format(sc, 4 * i + 2),
"{0}[{1}:{1}]".format(sc, 4 * i + 1), "{0}[{1}:{1}]".format(
sc, 4 * i + 0), "{0}[{1}:{1}]".format(w, 4 * i + 3),
"{0}[{1}:{1}]".format(w, 4 * i + 2),
"{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
command += stpcommands.add4bitSbox(midori_sbox, variables)
stp_file.write(command)
return
def gamma(self, in0, in1, in2, in3, out0, out1, out2, out3, w):
"""
Model for the Gamma function in NOEKEON - represents the Sbox layer
"""
command = ""
noekeon_sbox = [
7, 0xA, 2, 0xC, 4, 8, 0xF, 0, 5, 9, 1, 0xE, 3, 0xD, 0xB, 6
]
for i in range(32):
variables = [
"{0}[{1}:{1}]".format(in3, i), "{0}[{1}:{1}]".format(in2, i),
"{0}[{1}:{1}]".format(in1, i), "{0}[{1}:{1}]".format(in0, i),
"{0}[{1}:{1}]".format(out3, i), "{0}[{1}:{1}]".format(out2, i),
"{0}[{1}:{1}]".format(out1, i), "{0}[{1}:{1}]".format(out0, i),
"{0}[{1}:{1}]".format(w, 4 * i + 3), "{0}[{1}:{1}]".format(
w, 4 * i + 2), "{0}[{1}:{1}]".format(w, 4 * i + 1),
"{0}[{1}:{1}]".format(w, 4 * i + 0)
]
command += stpcommands.add4bitSbox(noekeon_sbox, variables)
# for i in range(8):
# variables = ["{0}[{1}:{1}]".format(in0, 4*i + 3),
# "{0}[{1}:{1}]".format(in0, 4*i + 2),
# "{0}[{1}:{1}]".format(in0, 4*i + 1),
# "{0}[{1}:{1}]".format(in0, 4*i + 0),
# "{0}[{1}:{1}]".format(out0, 4*i + 3),
# "{0}[{1}:{1}]".format(out0, 4*i + 2),
# "{0}[{1}:{1}]".format(out0, 4*i + 1),
# "{0}[{1}:{1}]".format(out0, 4*i + 0),
# "{0}[{1}:{1}]".format(w, 4*i + 3),
# "{0}[{1}:{1}]".format(w, 4*i + 2),
# "{0}[{1}:{1}]".format(w, 4*i + 1),
# "{0}[{1}:{1}]".format(w, 4*i + 0)]
# command += stpcommands.add4bitSbox(noekeon_sbox, variables)
#
# for i in range(8):
# variables = ["{0}[{1}:{1}]".format(in1, 4*i + 3),
# "{0}[{1}:{1}]".format(in1, 4*i + 2),
# "{0}[{1}:{1}]".format(in1, 4*i + 1),
# "{0}[{1}:{1}]".format(in1, 4*i + 0),
# "{0}[{1}:{1}]".format(out1, 4*i + 3),
# "{0}[{1}:{1}]".format(out1, 4*i + 2),
# "{0}[{1}:{1}]".format(out1, 4*i + 1),
# "{0}[{1}:{1}]".format(out1, 4*i + 0),
# "{0}[{1}:{1}]".format(w, 4*i + 3 + 32),
# "{0}[{1}:{1}]".format(w, 4*i + 2 + 32),
# "{0}[{1}:{1}]".format(w, 4*i + 1 + 32),
# "{0}[{1}:{1}]".format(w, 4*i + 0 + 32)]
# command += stpcommands.add4bitSbox(noekeon_sbox, variables)
#
# for i in range(8):
# variables = ["{0}[{1}:{1}]".format(in2, 4*i + 3),
# "{0}[{1}:{1}]".format(in2, 4*i + 2),
# "{0}[{1}:{1}]".format(in2, 4*i + 1),
# "{0}[{1}:{1}]".format(in2, 4*i + 0),
# "{0}[{1}:{1}]".format(out2, 4*i + 3),
# "{0}[{1}:{1}]".format(out2, 4*i + 2),
# "{0}[{1}:{1}]".format(out2, 4*i + 1),
# "{0}[{1}:{1}]".format(out2, 4*i + 0),
# "{0}[{1}:{1}]".format(w, 4*i + 3 + 64),
# "{0}[{1}:{1}]".format(w, 4*i + 2 + 64),
# "{0}[{1}:{1}]".format(w, 4*i + 1 + 64),
# "{0}[{1}:{1}]".format(w, 4*i + 0 + 64)]
# command += stpcommands.add4bitSbox(noekeon_sbox, variables)
#
# for i in range(8):
# variables = ["{0}[{1}:{1}]".format(in3, 4*i + 3),
# "{0}[{1}:{1}]".format(in3, 4*i + 2),
# "{0}[{1}:{1}]".format(in3, 4*i + 1),
# "{0}[{1}:{1}]".format(in3, 4*i + 0),
# "{0}[{1}:{1}]".format(out3, 4*i + 3),
# "{0}[{1}:{1}]".format(out3, 4*i + 2),
# "{0}[{1}:{1}]".format(out3, 4*i + 1),
# "{0}[{1}:{1}]".format(out3, 4*i + 0),
# "{0}[{1}:{1}]".format(w, 4*i + 3 + 96),
# "{0}[{1}:{1}]".format(w, 4*i + 2 + 96),
# "{0}[{1}:{1}]".format(w, 4*i + 1 + 96),
# "{0}[{1}:{1}]".format(w, 4*i + 0 + 96)]
# command += stpcommands.add4bitSbox(noekeon_sbox, variables)
return command
def setupFlyRound(self, stp_file, s_in, p, sbox1, s_out, w1, w2, w3, wordsize):
"""
Model for differential behaviour of one round FLY
"""
command = ""
# Substitution Layer
fly_sbox = [0, 0xa, 4, 0xf, 0xc, 7, 2, 8, 0xd, 0xe, 9 , 0xb, 5, 6, 3, 1]
for i in range(8):
hixorlo = "BVXOR({0}[{1}:{2}], {0}[{3}:{4}])".format(s_in, 8*i+3, 8*i+0, 8*i+7, 8*i+4)
#Sbox 1 - center
variables = ["{0}[{1}:{1}]".format(hixorlo, 4*i + 3),
"{0}[{1}:{1}]".format(hixorlo, 4*i + 2),
"{0}[{1}:{1}]".format(hixorlo, 4*i + 1),
"{0}[{1}:{1}]".format(hixorlo, 4*i + 0),
"{0}[{1}:{1}]".format(sbox1, 4*i + 3),
"{0}[{1}:{1}]".format(sbox1, 4*i + 2),
"{0}[{1}:{1}]".format(sbox1, 4*i + 1),
"{0}[{1}:{1}]".format(sbox1, 4*i + 0),
"{0}[{1}:{1}]".format(w1, 4*i + 3),
"{0}[{1}:{1}]".format(w1, 4*i + 2),
"{0}[{1}:{1}]".format(w1, 4*i + 1),
"{0}[{1}:{1}]".format(w1, 4*i + 0)]
command += stpcommands.add4bitSbox(fly_sbox, variables)
#sbox2 = "BVXOR({0}[{2}:{3}], {1}[{4}:{5}])".format(s_in, sbox1, 8*i+3, 8*i+0, 4*i + 3, 4*i + 0)
#sbox3 = "BVXOR({0}[{2}:{3}], {1}[{4}:{5}])".format(s_in, sbox1, 8*i+7, 8*i+4, 4*i + 3, 4*i + 0)
command += "ASSERT({6}[{2}:{3}] = BVXOR({0}[{2}:{3}], {1}[{4}:{5}]));\n".format(s_in, sbox1, 8*i+3, 8*i+0, 4*i + 3, 4*i + 0, p)
command += "ASSERT({6}[{2}:{3}] = BVXOR({0}[{2}:{3}], {1}[{4}:{5}]));\n".format(s_in, sbox1, 8*i+7, 8*i+4, 4*i + 3, 4*i + 0, p)
"""
#Sbox 2 - left
variables = ["{0}[{1}:{1}]".format(sbox2, 4*i + 3),
"{0}[{1}:{1}]".format(sbox2, 4*i + 2),
"{0}[{1}:{1}]".format(sbox2, 4*i + 1),
"{0}[{1}:{1}]".format(sbox2, 4*i + 0),
"{0}[{1}:{1}]".format(p, 8*i + 3),
"{0}[{1}:{1}]".format(p, 8*i + 2),
"{0}[{1}:{1}]".format(p, 8*i + 1),
"{0}[{1}:{1}]".format(p, 8*i + 0),
"{0}[{1}:{1}]".format(w2, 4*i + 3),
"{0}[{1}:{1}]".format(w2, 4*i + 2),
"{0}[{1}:{1}]".format(w2, 4*i + 1),
"{0}[{1}:{1}]".format(w2, 4*i + 0)]
command += stpcommands.add4bitSbox(fly_sbox, variables)
#Sbox 3 - right
variables = ["{0}[{1}:{1}]".format(sbox3, 4*i + 3),
"{0}[{1}:{1}]".format(sbox3, 4*i + 2),
"{0}[{1}:{1}]".format(sbox3, 4*i + 1),
"{0}[{1}:{1}]".format(sbox3, 4*i + 0),
"{0}[{1}:{1}]".format(p, 8*i + 7),
"{0}[{1}:{1}]".format(p, 8*i + 6),
"{0}[{1}:{1}]".format(p, 8*i + 5),
"{0}[{1}:{1}]".format(p, 8*i + 4),
"{0}[{1}:{1}]".format(w3, 4*i + 3),
"{0}[{1}:{1}]".format(w3, 4*i + 2),
"{0}[{1}:{1}]".format(w3, 4*i + 1),
"{0}[{1}:{1}]".format(w3, 4*i + 0)]
command += stpcommands.add4bitSbox(fly_sbox, variables)
"""
#Permutation Layer
#Rot(.) = (i+8*(i mod 8)) mod 64
for i in range(64):
command += "ASSERT({0}[{1}:{1}] = {2}[{3}:{3}]);\n".format(p, i, s_out, (i+8*(i%8))%64)
stp_file.write(command)
return
def setupMidoriRound(self, stp_file, sb_in, sc, mc, sb_out, w, wordsize):
"""
Model for differential behaviour of one round MIDORI
"""
command = ""
#Permutation Layer
#ShuffleCells
# 0 4 8 c 0 e 9 7
# 1 5 9 d a 4 3 d
# 2 6 a e 5 b c 2
# 3 7 b f f 1 6 8
permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1,
0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8]
for idx, val in enumerate(permutation):
command += "ASSERT({0}[{1}:{2}] = {3}[{4}:{5}]);\n".format(
sc, 8*idx + 7, 8*idx, mc, 8*val + 7, 8*val)
#MixColumns
# 0 1 1 1 x0 x1 + x2 + x3
# 1 0 1 1 x1 -> x0 + x2 + x3
# 1 1 0 1 x2 x0 + x1 + x3
# 1 1 1 0 x3 x0 + x1 + x2
for col in range(4):
for bit in range(8):
offset0 = col*32 + 0 + bit
offset1 = col*32 + 8 + bit
offset2 = col*32 + 16 + bit
offset3 = col*32 + 24 + bit
command += "ASSERT(BVXOR(BVXOR({4}[{1}:{1}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
= {5}[{0}:{0}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{2}:{2}]), {4}[{3}:{3}]) \
= {5}[{1}:{1}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{3}:{3}]) \
= {5}[{2}:{2}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
command += "ASSERT(BVXOR(BVXOR({4}[{0}:{0}], {4}[{1}:{1}]), {4}[{2}:{2}]) \
= {5}[{3}:{3}]);\n".format(offset0, offset1, offset2, offset3, mc, sb_out)
# Substitution Layer
midori_sbox_sb1 = [1, 0, 5, 3, 0xe, 2, 0xf, 7, 0xd, 0xa, 9, 0xb, 0xc, 8, 4, 6]
for i in range(16):
if i % 4 == 0:
#SSB0
#x[7,6,5,4,3,2,1,0]=y[4,1,6,3,0,5,2,7]
variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 3), #msb # 0
"{0}[{1}:{1}]".format(sb_in, 8*i + 6), # 1
"{0}[{1}:{1}]".format(sb_in, 8*i + 1), # 2
"{0}[{1}:{1}]".format(sb_in, 8*i + 4), #lsb # 3
"{0}[{1}:{1}]".format(sc, 8*i + 3), # 0
"{0}[{1}:{1}]".format(sc, 8*i + 6), # 1
"{0}[{1}:{1}]".format(sc, 8*i + 1), # 2
"{0}[{1}:{1}]".format(sc, 8*i + 4), # 3
"{0}[{1}:{1}]".format(w, 8*i + 3),
"{0}[{1}:{1}]".format(w, 8*i + 2),
"{0}[{1}:{1}]".format(w, 8*i + 1),
"{0}[{1}:{1}]".format(w, 8*i + 0)]
variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 7), #msb # 4
"{0}[{1}:{1}]".format(sb_in, 8*i + 2), # 5
"{0}[{1}:{1}]".format(sb_in, 8*i + 5), # 6
"{0}[{1}:{1}]".format(sb_in, 8*i + 0), #lsb # 7
"{0}[{1}:{1}]".format(sc, 8*i + 7), # 4
"{0}[{1}:{1}]".format(sc, 8*i + 2), # 5
"{0}[{1}:{1}]".format(sc, 8*i + 5), # 6
"{0}[{1}:{1}]".format(sc, 8*i + 0), # 7
"{0}[{1}:{1}]".format(w, 8*i + 7),
"{0}[{1}:{1}]".format(w, 8*i + 6),
"{0}[{1}:{1}]".format(w, 8*i + 5),
"{0}[{1}:{1}]".format(w, 8*i + 4)]
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1)
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2)
elif i % 4 == 1:
#SSB1
#y[7,6,5,4,3,2,1,0]=x[3,0,5,6,7,4,1,2]
variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 6), #msb # 0
"{0}[{1}:{1}]".format(sb_in, 8*i + 1), # 1
"{0}[{1}:{1}]".format(sb_in, 8*i + 0), # 2
"{0}[{1}:{1}]".format(sb_in, 8*i + 7), #lsb # 3
"{0}[{1}:{1}]".format(sc, 8*i + 6), # 0
"{0}[{1}:{1}]".format(sc, 8*i + 1), # 1
"{0}[{1}:{1}]".format(sc, 8*i + 0), # 2
"{0}[{1}:{1}]".format(sc, 8*i + 7), # 3
"{0}[{1}:{1}]".format(w, 8*i + 3),
"{0}[{1}:{1}]".format(w, 8*i + 2),
"{0}[{1}:{1}]".format(w, 8*i + 1),
"{0}[{1}:{1}]".format(w, 8*i + 0)]
variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 2), #msb # 4
"{0}[{1}:{1}]".format(sb_in, 8*i + 5), # 5
"{0}[{1}:{1}]".format(sb_in, 8*i + 4), # 6
"{0}[{1}:{1}]".format(sb_in, 8*i + 3), #lsb # 7
"{0}[{1}:{1}]".format(sc, 8*i + 2), # 4
"{0}[{1}:{1}]".format(sc, 8*i + 5), # 5
"{0}[{1}:{1}]".format(sc, 8*i + 4), # 6
"{0}[{1}:{1}]".format(sc, 8*i + 3), # 7
"{0}[{1}:{1}]".format(w, 8*i + 7),
"{0}[{1}:{1}]".format(w, 8*i + 6),
"{0}[{1}:{1}]".format(w, 8*i + 5),
"{0}[{1}:{1}]".format(w, 8*i + 4)]
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1)
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2)
elif i % 4 == 2:
#SSB2
#y[7,6,5,4,3,2,1,0]=x[6,3,0,1,2,7,4,5]
variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 5), #msb # 0
"{0}[{1}:{1}]".format(sb_in, 8*i + 4), # 1
"{0}[{1}:{1}]".format(sb_in, 8*i + 3), # 2
"{0}[{1}:{1}]".format(sb_in, 8*i + 6), #lsb # 3
"{0}[{1}:{1}]".format(sc, 8*i + 5), # 0
"{0}[{1}:{1}]".format(sc, 8*i + 4), # 1
"{0}[{1}:{1}]".format(sc, 8*i + 3), # 2
"{0}[{1}:{1}]".format(sc, 8*i + 6), # 3
"{0}[{1}:{1}]".format(w, 8*i + 3),
"{0}[{1}:{1}]".format(w, 8*i + 2),
"{0}[{1}:{1}]".format(w, 8*i + 1),
"{0}[{1}:{1}]".format(w, 8*i + 0)]
variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 1), #msb # 4
"{0}[{1}:{1}]".format(sb_in, 8*i + 0), # 5
"{0}[{1}:{1}]".format(sb_in, 8*i + 7), # 6
"{0}[{1}:{1}]".format(sb_in, 8*i + 2), #lsb # 7
"{0}[{1}:{1}]".format(sc, 8*i + 1), # 4
"{0}[{1}:{1}]".format(sc, 8*i + 0), # 5
"{0}[{1}:{1}]".format(sc, 8*i + 7), # 6
"{0}[{1}:{1}]".format(sc, 8*i + 2), # 7
"{0}[{1}:{1}]".format(w, 8*i + 7),
"{0}[{1}:{1}]".format(w, 8*i + 6),
"{0}[{1}:{1}]".format(w, 8*i + 5),
"{0}[{1}:{1}]".format(w, 8*i + 4)]
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1)
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2)
elif i % 4 == 3:
#SSB3
#y[7,6,5,4,3,2,1,0]=x[5,2,3,4,1,6,7,0]
variables_sbox1 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 0), #msb # 0
"{0}[{1}:{1}]".format(sb_in, 8*i + 3), # 1
"{0}[{1}:{1}]".format(sb_in, 8*i + 6), # 2
"{0}[{1}:{1}]".format(sb_in, 8*i + 5), #lsb # 3
"{0}[{1}:{1}]".format(sc, 8*i + 0), # 0
"{0}[{1}:{1}]".format(sc, 8*i + 3), # 1
"{0}[{1}:{1}]".format(sc, 8*i + 6), # 2
"{0}[{1}:{1}]".format(sc, 8*i + 5), # 3
"{0}[{1}:{1}]".format(w, 8*i + 3),
"{0}[{1}:{1}]".format(w, 8*i + 2),
"{0}[{1}:{1}]".format(w, 8*i + 1),
"{0}[{1}:{1}]".format(w, 8*i + 0)]
variables_sbox2 = ["{0}[{1}:{1}]".format(sb_in, 8*i + 4), #msb # 4
"{0}[{1}:{1}]".format(sb_in, 8*i + 7), # 5
"{0}[{1}:{1}]".format(sb_in, 8*i + 2), # 6
"{0}[{1}:{1}]".format(sb_in, 8*i + 1), #lsb # 7
"{0}[{1}:{1}]".format(sc, 8*i + 4), # 4
"{0}[{1}:{1}]".format(sc, 8*i + 7), # 5
"{0}[{1}:{1}]".format(sc, 8*i + 2), # 6
"{0}[{1}:{1}]".format(sc, 8*i + 1), # 7
"{0}[{1}:{1}]".format(w, 8*i + 7),
"{0}[{1}:{1}]".format(w, 8*i + 6),
"{0}[{1}:{1}]".format(w, 8*i + 5),
"{0}[{1}:{1}]".format(w, 8*i + 4)]
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox1)
command += stpcommands.add4bitSbox(midori_sbox_sb1, variables_sbox2)
else:
#something is seriously wrong!
print("Error with modulo!")
return
stp_file.write(command)
return
def F(self, f_in, s_out, f_out, w):
"""
Model for the F function used in LBlock
"""
command = ""
# Substitution Layer
s0 = [0xE, 9, 0xF, 0, 0xD, 4, 0xA, 0xB, 1, 2, 8, 3, 7, 6, 0xC, 5]
s1 = [4, 0xB, 0xE, 9, 0xF, 0xD, 0, 0xA, 7, 0xC, 5, 6, 2, 8, 1, 3]
s2 = [1, 0xE, 7, 0xC, 0xF, 0xD, 0, 6, 0xB, 5, 9, 3, 2, 4, 8, 0xA]
s3 = [7, 6, 8, 0xB, 0, 0xF, 3, 0xE, 9, 0xA, 0xC, 0xD, 5, 2, 4, 1]
s4 = [0xE, 5, 0xF, 0, 7, 2, 0xC, 0xD, 1, 8, 4, 9, 0xB, 0xA, 6, 3]
s5 = [2, 0xD, 0xB, 0xC, 0xF, 0xE, 0, 9, 7, 0xA, 6, 3, 1, 8, 4, 5]
s6 = [0xB, 9, 4, 0xE, 0, 0xF, 0xA, 0xD, 6, 0xC, 5, 7, 3, 8, 1, 2]
s7 = [0xD, 0xA, 0xF, 0, 0xE, 4, 9, 0xB, 2, 1, 8, 3, 7, 5, 0xC, 6]
#s0
variables = ["{0}[{1}:{1}]".format(f_in, 3),
"{0}[{1}:{1}]".format(f_in, 2),
"{0}[{1}:{1}]".format(f_in, 1),
"{0}[{1}:{1}]".format(f_in, 0),
"{0}[{1}:{1}]".format(s_out, 3),
"{0}[{1}:{1}]".format(s_out, 2),
"{0}[{1}:{1}]".format(s_out, 1),
"{0}[{1}:{1}]".format(s_out, 0),
"{0}[{1}:{1}]".format(w, 3),
"{0}[{1}:{1}]".format(w, 2),
"{0}[{1}:{1}]".format(w, 1),
"{0}[{1}:{1}]".format(w, 0)]
command += stpcommands.add4bitSbox(s0, variables)
#s1
variables = ["{0}[{1}:{1}]".format(f_in, 7),
"{0}[{1}:{1}]".format(f_in, 6),
"{0}[{1}:{1}]".format(f_in, 5),
"{0}[{1}:{1}]".format(f_in, 4),
"{0}[{1}:{1}]".format(s_out, 7),
"{0}[{1}:{1}]".format(s_out, 6),
"{0}[{1}:{1}]".format(s_out, 5),
"{0}[{1}:{1}]".format(s_out, 4),
"{0}[{1}:{1}]".format(w, 7),
"{0}[{1}:{1}]".format(w, 6),
"{0}[{1}:{1}]".format(w, 5),
"{0}[{1}:{1}]".format(w, 4)]
command += stpcommands.add4bitSbox(s1, variables)
#s2
variables = ["{0}[{1}:{1}]".format(f_in, 11),
"{0}[{1}:{1}]".format(f_in, 10),
"{0}[{1}:{1}]".format(f_in, 9),
"{0}[{1}:{1}]".format(f_in, 8),
"{0}[{1}:{1}]".format(s_out, 11),
"{0}[{1}:{1}]".format(s_out, 10),
"{0}[{1}:{1}]".format(s_out, 9),
"{0}[{1}:{1}]".format(s_out, 8),
"{0}[{1}:{1}]".format(w, 11),
"{0}[{1}:{1}]".format(w, 10),
"{0}[{1}:{1}]".format(w, 9),
"{0}[{1}:{1}]".format(w, 8)]
command += stpcommands.add4bitSbox(s2, variables)
#s3
variables = ["{0}[{1}:{1}]".format(f_in, 15),
"{0}[{1}:{1}]".format(f_in, 14),
"{0}[{1}:{1}]".format(f_in, 13),
"{0}[{1}:{1}]".format(f_in, 12),
"{0}[{1}:{1}]".format(s_out, 15),
"{0}[{1}:{1}]".format(s_out, 14),
"{0}[{1}:{1}]".format(s_out, 13),
"{0}[{1}:{1}]".format(s_out, 12),
"{0}[{1}:{1}]".format(w, 15),
"{0}[{1}:{1}]".format(w, 14),
"{0}[{1}:{1}]".format(w, 13),
"{0}[{1}:{1}]".format(w, 12)]
command += stpcommands.add4bitSbox(s3, variables)
#s4
variables = ["{0}[{1}:{1}]".format(f_in, 19),
"{0}[{1}:{1}]".format(f_in, 18),
"{0}[{1}:{1}]".format(f_in, 17),
"{0}[{1}:{1}]".format(f_in, 16),
"{0}[{1}:{1}]".format(s_out, 19),
"{0}[{1}:{1}]".format(s_out, 18),
"{0}[{1}:{1}]".format(s_out, 17),
"{0}[{1}:{1}]".format(s_out, 16),
"{0}[{1}:{1}]".format(w, 19),
"{0}[{1}:{1}]".format(w, 18),
"{0}[{1}:{1}]".format(w, 17),
"{0}[{1}:{1}]".format(w, 16)]
command += stpcommands.add4bitSbox(s4, variables)
#s5
variables = ["{0}[{1}:{1}]".format(f_in, 23),
"{0}[{1}:{1}]".format(f_in, 22),
"{0}[{1}:{1}]".format(f_in, 21),
"{0}[{1}:{1}]".format(f_in, 20),
"{0}[{1}:{1}]".format(s_out, 23),
"{0}[{1}:{1}]".format(s_out, 22),
"{0}[{1}:{1}]".format(s_out, 21),
"{0}[{1}:{1}]".format(s_out, 20),
"{0}[{1}:{1}]".format(w, 23),
"{0}[{1}:{1}]".format(w, 22),
"{0}[{1}:{1}]".format(w, 21),
"{0}[{1}:{1}]".format(w, 20)]
command += stpcommands.add4bitSbox(s5, variables)
#s6
variables = ["{0}[{1}:{1}]".format(f_in, 27),
"{0}[{1}:{1}]".format(f_in, 26),
"{0}[{1}:{1}]".format(f_in, 25),
"{0}[{1}:{1}]".format(f_in, 24),
"{0}[{1}:{1}]".format(s_out, 27),
"{0}[{1}:{1}]".format(s_out, 26),
"{0}[{1}:{1}]".format(s_out, 25),
"{0}[{1}:{1}]".format(s_out, 24),
"{0}[{1}:{1}]".format(w, 27),
"{0}[{1}:{1}]".format(w, 26),
"{0}[{1}:{1}]".format(w, 25),
"{0}[{1}:{1}]".format(w, 24)]
command += stpcommands.add4bitSbox(s6, variables)
#s7
variables = ["{0}[{1}:{1}]".format(f_in, 31),
"{0}[{1}:{1}]".format(f_in, 30),
"{0}[{1}:{1}]".format(f_in, 29),
"{0}[{1}:{1}]".format(f_in, 28),
"{0}[{1}:{1}]".format(s_out, 31),
"{0}[{1}:{1}]".format(s_out, 30),
"{0}[{1}:{1}]".format(s_out, 29),
"{0}[{1}:{1}]".format(s_out, 28),
"{0}[{1}:{1}]".format(w, 31),
"{0}[{1}:{1}]".format(w, 30),
"{0}[{1}:{1}]".format(w, 29),
"{0}[{1}:{1}]".format(w, 28)]
command += stpcommands.add4bitSbox(s7, variables)
# Permutation Layer
command += "ASSERT({0}[7:4] = {1}[3:0]);\n".format(s_out, f_out)
command += "ASSERT({0}[15:12] = {1}[7:4]);\n".format(s_out, f_out)
command += "ASSERT({0}[3:0] = {1}[11:8]);\n".format(s_out, f_out)
command += "ASSERT({0}[11:8] = {1}[15:12]);\n".format(s_out, f_out)
command += "ASSERT({0}[23:20] = {1}[19:16]);\n".format(s_out, f_out)
command += "ASSERT({0}[31:28] = {1}[23:20]);\n".format(s_out, f_out)
command += "ASSERT({0}[19:16] = {1}[27:24]);\n".format(s_out, f_out)
command += "ASSERT({0}[27:24] = {1}[31:28]);\n".format(s_out, f_out)
return command