def setupMantisBackwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one backward round Mantis.
"""
command = ""
# MixColumns
for col in range(4):
xorsum = stpcommands.getStringXORn(sb_in[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(sr[4*col + row],
sb_in[4*col + row],
xorsum)
# Permute Cells Inverse
permutation = [0, 7, 14, 9, 5, 2, 11, 12,
15, 8, 1, 6, 10, 13, 4, 3]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
# Inverse SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, mc[sbox], sb_out[sbox], wn[sbox])
stp_file.write(command)
return
def setupMantisMiddleRound(self, stp_file, sb_in, m_in, m_out, sb_out, wn, wn2, wordsize):
"""
Middle round of Mantis.
"""
command = ""
# SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], m_in[sbox], wn[sbox])
# MixColumns
for col in range(4):
xorsum = stpcommands.getStringXORn(m_in[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(m_out[4*col + row],
m_in[4*col + row],
xorsum)
# SubBytes
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, m_out[sbox], sb_out[sbox], wn2[sbox])
stp_file.write(command)
return
def setupMantisForwardRound(self, stp_file, sb_in, sr, mc, sb_out, wn, wordsize):
"""
Model for differential behaviour of one forward round Mantis.
"""
command = ""
# SubBytes
mantis_sbox = [0xc, 0xa, 0xd, 0x3, 0xe, 0xb, 0xf, 0x7,
0x8, 0x9, 0x1, 0x5, 0x0, 0x2, 0x4, 0x6]
for sbox in range(16):
command += stpcommands.add4bitSboxNibbles(mantis_sbox, sb_in[sbox], sr[sbox], wn[sbox])
# Permute Cells
permutation = [0x0, 0xa, 0x5, 0xf, 0xe, 0x4, 0xb, 0x1,
0x9, 0x3, 0xc, 0x6, 0x7, 0xd, 0x2, 0x8]
for nibble in range(16):
command += "ASSERT({} = {});\n".format(sr[nibble], mc[permutation[nibble]])
#MixColumns
# 0 1 1 1 x0 x1 + x2 + x3
# 1 0 1 1 x1 -> x0 + x2 + x3
# 1 1 0 1 x2 x0 + x1 + x3
# 1 1 1 0 x3 x0 + x1 + x2
for col in range(4):
xorsum = stpcommands.getStringXORn(mc[4*col:(4*(col + 1))]) # Get One column
for row in range(4):
command += "ASSERT({} = BVXOR({}, {}));\n".format(sb_out[4*col + row],
mc[4*col + row],
xorsum)
stp_file.write(command)
return
def princeMhat(self, input, output):
# Add constraints for Prince M
# input = (a0 a1 a2 a3 b0 b1 b2 b3 c0 c1 c2 c3 d0 d1 d2 d3)
command = ""
command += "ASSERT({} = {});\n".format(
output[0],
stpcommands.getStringXORn([input[0], input[4], input[12]]))
command += "ASSERT({} = {});\n".format(
output[1],
stpcommands.getStringXORn([input[1], input[9], input[13]]))
command += "ASSERT({} = {});\n".format(
output[2],
stpcommands.getStringXORn([input[6], input[10], input[14]]))
command += "ASSERT({} = {});\n".format(
output[3],
stpcommands.getStringXORn([input[3], input[7], input[11]]))
command += "ASSERT({} = {});\n".format(
output[4],
stpcommands.getStringXORn([input[0], input[8], input[12]]))
command += "ASSERT({} = {});\n".format(
output[5],
stpcommands.getStringXORn([input[5], input[9], input[13]]))
command += "ASSERT({} = {});\n".format(
output[6],
stpcommands.getStringXORn([input[2], input[6], input[10]]))
command += "ASSERT({} = {});\n".format(
output[7],
stpcommands.getStringXORn([input[3], input[7], input[15]]))
command += "ASSERT({} = {});\n".format(
output[8],
stpcommands.getStringXORn([input[4], input[8], input[12]]))
command += "ASSERT({} = {});\n".format(
output[9],
stpcommands.getStringXORn([input[1], input[5], input[9]]))
command += "ASSERT({} = {});\n".format(
output[10],
stpcommands.getStringXORn([input[2], input[6], input[14]]))
command += "ASSERT({} = {});\n".format(
output[11],
stpcommands.getStringXORn([input[3], input[11], input[15]]))
command += "ASSERT({} = {});\n".format(
output[12],
stpcommands.getStringXORn([input[0], input[4], input[8]]))
command += "ASSERT({} = {});\n".format(
output[13],
stpcommands.getStringXORn([input[1], input[5], input[13]]))
command += "ASSERT({} = {});\n".format(
output[14],
stpcommands.getStringXORn([input[2], input[10], input[14]]))
command += "ASSERT({} = {});\n".format(
output[15],
stpcommands.getStringXORn([input[7], input[11], input[15]]))
return command