The maximum ADD differential probability of XOR with three inputs: $\max_{dd} \mathrm{adp}^{3\oplus}(da, db, dc \rightarrow dd)$.
#include "common.hh"
#include "adp-xor3.hh"
|
void | max_adp_xor3_i (const int i, const uint32_t k, const uint32_t n, double *p, uint32_t *dd, gsl_matrix *A[2][2][2][2], gsl_vector *B[WORD_SIZE+1], gsl_vector *C, const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max, double *p_max) |
|
void | max_adp_xor3_bounds (gsl_matrix *A[2][2][2][2], gsl_vector *B[WORD_SIZE+1], const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max) |
|
double | max_adp_xor3 (gsl_matrix *A[2][2][2][2], const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max) |
|
void | max_adp_xor3_rec_i (const uint32_t k, const uint32_t n, double *p, uint32_t *dd, gsl_matrix *A[2][2][2][2], gsl_vector *C, const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max, double *p_max) |
|
double | max_adp_xor3_rec (gsl_matrix *A[2][2][2][2], gsl_vector *C, const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max) |
|
double | max_adp_xor3_exper (gsl_matrix *A[2][2][2][2], const uint32_t da, const uint32_t db, const uint32_t dc, uint32_t *dd_max) |
|
The maximum ADD differential probability of XOR with three inputs: $\max_{dd} \mathrm{adp}^{3\oplus}(da, db, dc \rightarrow dd)$.
- Author
- V.Velichkov, vesse.nosp@m.lin..nosp@m.velic.nosp@m.hkov.nosp@m.@uni..nosp@m.lu
double max_adp_xor3 |
( |
gsl_matrix * |
A[2][2][2][2], |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max |
|
) |
| |
Compute the maximum differential probability over all output differences: $\max_{dd} \mathrm{adp}^{3\oplus}(da, db, dc \rightarrow dd)$. Complexity c: $O(n) \le c \le O(2^n)$.
- Parameters
-
A | transition probability matrices. |
da | first input difference. |
db | second input difference. |
dc | third input difference. |
dd_max | maximum probability output difference. |
- See Also
- max_adp_xor3_bounds, max_adp_xor3_i
void max_adp_xor3_bounds |
( |
gsl_matrix * |
A[2][2][2][2], |
|
|
gsl_vector * |
B[WORD_SIZE+1], |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max |
|
) |
| |
Compute an array of bounds that can be used in the computation of the maximum differential probability.
- Parameters
-
A | transition probability matrices. |
B | array of size A_size rows by (n + 1) columns containing upper bounds on the maximum probabilities of all j bit differentials beginning from any state i: $0 \le i < \mathrm{A\_size}$. |
da | first input difference. |
db | second input difference. |
dc | third input difference. |
dd_max | maximum probability output difference. |
- See Also
- max_adp_xor_bounds, max_adp_xor3_i
double max_adp_xor3_exper |
( |
gsl_matrix * |
A[2][2][2][2], |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max |
|
) |
| |
Compute the maximum differential probability by exhaustive search over all output differences. Complexity: $O(2^n)$.
- Parameters
-
A | transition probability matrices. |
da | first input difference. |
db | second input difference. |
dc | third input difference. |
dd_max | maximum probability output difference. |
- Returns
- See Also
- max_adp_xor
void max_adp_xor3_i |
( |
const int |
i, |
|
|
const uint32_t |
k, |
|
|
const uint32_t |
n, |
|
|
double * |
p, |
|
|
uint32_t * |
dd, |
|
|
gsl_matrix * |
A[2][2][2][2], |
|
|
gsl_vector * |
B[WORD_SIZE+1], |
|
|
gsl_vector * |
C, |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max, |
|
|
double * |
p_max |
|
) |
| |
double max_adp_xor3_rec |
( |
gsl_matrix * |
A[2][2][2][2], |
|
|
gsl_vector * |
C, |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max |
|
) |
| |
Recursively compute the maximum differential probability over all output differences: $\max_{dd} \mathrm{adp}^{3\oplus}(da, db, dc \rightarrow dd)$. Complexity c: $O(n) \le c \le O(2^n)$.
- Parameters
-
A | transition probability matrices. |
C | unit row vector initialized with 1 at the initial state. |
da | first input difference. |
db | second input difference. |
dc | third input difference. |
dd_max | maximum probability output difference. |
- Returns
- Note
- This function max_adp_xor3_rec is more efficient than exhaustive search over all output differences max_adp_xor3_exper, but is less efficient than the function max_adp_xor3 that uses bounds. The reason is that at every bit position, max_adp_xor3_rec (by max_adp_xor3_rec_i) implicitly assumes that the remaining probability until the end (i.e. until the MSB) is 1, while the bounds computed by max_adp_xor3 are tighter and thus more branches of the recursion are cut earlier in the computation.
See also: max_adp_xor3_i()
void max_adp_xor3_rec_i |
( |
const uint32_t |
k, |
|
|
const uint32_t |
n, |
|
|
double * |
p, |
|
|
uint32_t * |
dd, |
|
|
gsl_matrix * |
A[2][2][2][2], |
|
|
gsl_vector * |
C, |
|
|
const uint32_t |
da, |
|
|
const uint32_t |
db, |
|
|
const uint32_t |
dc, |
|
|
uint32_t * |
dd_max, |
|
|
double * |
p_max |
|
) |
| |
Recursively compute the maximum differential probability over all output differences of the partial -bit differential .
- Parameters
-
k | current bit position: $0 \le k < n$. |
n | word size. |
p | the probability at bit position k . |
dd | output difference. |
A | transition probability matrices. |
C | unit row vector initialized with 1 at the initial state. |
da | first input difference. |
db | second input difference. |
dc | third input difference. |
dd_max | maximum probability output difference. |
p_max | the maximum probability. |
Algorithm Outline:
The function recursively assigns the bits of the output difference, starting at the LS bit position and proceeding to the next bit position only if the probability so far is still above the maximum that was found up to now. The initial value for the maximum probability p_max is 0, and it is updated dynamically during the process every time a higher probability is encountered. The recursion stops at the MSB.
See also: max_adp_xor3_rec()