YAARX: Yet Another ARX Toolkit  0.1
rc5-dc.hh File Reference

Header file for rc5-dc.cc: Differential Cryptanalysis of block cipher RC5.

#include "rc5-eq.hh"


Data Structures

struct  rc5_enc_t
 
struct  rc5_interval_t
 
struct  rc5_goup_diffs_t
 
struct  rc5_goup_diffs_hash
 
struct  rc5_goup_diffs_equal_to
 
struct  rc5_diff_hash
 
struct  rc5_diff_equal_to
 
struct  rc5_key_t
 
struct  rc5_compare_key_by_value
 

Macros

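/* Max number of full rounds: 12 for RC5-32; 16 for RC5-64. */
#define RC5_MAX_NROUNDS   12

/*
 * Derived from RC5_MAX_NROUNDS as 2*RC5_MAX_NROUNDS + 2.
 * The whole replacement list is parenthesised so the macro expands to a
 * single operand: without the outer parentheses, an expression such as
 * `2 * RC5_MAX_NHALF_ROUNDS` would bind the multiplication to the first
 * term only, and a buffer size or loop bound computed from it would come
 * out smaller than intended.
 */
#define RC5_MAX_NHALF_ROUNDS   ((2*RC5_MAX_NROUNDS) + 2)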
 
#define RC5_NTEXTS   (1ULL << 23)
 
#define RC5_ORACLE_NTEXTS   (1ULL << 27)
 
#define RC5_NKEYS   (1U << 0)
 
#define RC5_ROT_MASK   (WORD_SIZE - 1)
 
#define RC5_NDIFFS   2
 
#define RC5_LWCS_NWORDS   2
 
#define RC5_LWCS_NROUNDS   5
 
#define RC5_WEAKEN_KEYS   0
 
#define RC5_XOR   0
 
#define RC5_FIXED_KEY   0
 
#define RC5_KEY_READ_FROM_FILE   0
 
#define RC5_FEISTEL_LEFT   0
 
#define RC5_FEISTEL_RIGHT   1
 
#define RC5_FILTER_GOUP_ADD_EQUALS_XOR_APPROX   1
 
#define RC5_FILTER_LAST_ROUND   1
 
#define RC5_FILTER_ONETOLAST_ROUND   0
 
#define RC5_FILTER_GOUP   1
 
#define RC5_FILTER_GOUP_DEBUG   0
 
#define RC5_DEBUG_HAVE_MEMORY   1
 
#define RC5_FILTER_CUT_HW1   1
 
#define RC5_FILTER_GOUP_LINEAR   0
 
#define RC5_FLEX_FIB   0
 
#define RC5_EQUAL_ROT_TRAIL_DP_DEBUG   1 /* Print debug info */
 
#define RC5_EQUAL_ROT_TRAIL_DP_SET_DEBUG   0 /* Print debug info */
 
#define RC5_EQUAL_ROT_ATTACK_DEBUG   1 /* Print debug info */
 
#define RC5_GOOD_PAIRS_GOUP_FILTER_DEBUG_READ_FROM_FILE   1
 
#define RC5_NEUTRAL_BITS_DEPTH_NHALF_ROUNDS   7
 
#define RC5_FILTER_GOUP_DIFF_SET   1
 
#define RC5_FILTER_GOUP_v2   1
 
#define RC5_FLEX_FIB_NROUNDS   6
 
#define RC5_FILTER_GOUP_LIMIT_NVARIANTS   1
 
#define RC5_FILTER_GOUP_MAX_NVARIANTS   1
 
#define RC5_FILTER_USE_STRUCTURES   1
 
#define RC5_FILTER_SECOND_PASS   0
 
#define RC5_FILTER_BLIND_ORACLE   0
 
#define RC5_FILTER_BLIND_ORACLE_ROT_4   0
 
#define RC5_FILTER_BLIND_ORACLE_ROT_5   0
 
#define RC5_FILTER_BLIND_ORACLE_BACKWARD_WINDOW_NBITS   0
 
#define RC5_FILTER_LEARNING_ORACLE   0
 
#define RC5_LOG_TO_FILE   1
 
#define RC5_FILTER_ORACLE   RC5_FILTER_SECOND_PASS
 
#define RC5_ORACLE_BK   0
 
#define RC5_ORACLE_KM   0
 
#define RC5_FILTER_CIPHERTEXT_HW_LIMIT   1
 
#define RC5_CIPHERTEXT_HW_LIMIT_LEFT   WORD_SIZE
 
#define RC5_CIPHERTEXT_HW_LIMIT_RIGHT   WORD_SIZE
 
#define RC5_PAIRS_SORT_BY_CIPHERTEXT_DIFF_HW   1
 
#define RC5_PAIRS_SORTED_THRESHOLD   10
 
#define RC5_FILTERED_PAIRS_FILE   "/tmp/rc5-filtered-pairs.txt"
 
#define RC5_LOG_FILE   "/tmp/rc5-log.txt"
 
#define RC5_FILENAME_LEN   1024
 
#define RC5_LOG_FILE_CONTAINS_RAND_LR   1
 
#define RC5_STRUCTURES_NTEXTS   (1ULL << RC5_STRUCTURES_NBITS)
 
#define RC5_BIN_READ_INPUT_ARGS_FROM_STDIN   1
 
#define RC5_FILTERED_PAIRS_FILENAME_FROM_STDIN   1
 
#define RC5_SLIDE_WIN_LEN   5
 
#define RC5_COMPILE_WITH_CODING_TOOL_LIB   0
 

Functions

void rc5_key_vec_print (const std::vector< rc5_key_t > key_vec, const WORD_T key_correct, const uint32_t ntop)
 
void rc5_key_set_print (const std::set< rc5_key_t, rc5_compare_key_by_value > key_set, WORD_T key_correct)
 
bool rc5_struct_key_compare_by_counter (rc5_key_t first, rc5_key_t second)
 
bool rc5_struct_key_compare_by_value (rc5_key_t first, rc5_key_t second)
 
uint32_t rc5_key_set_update (const WORD_T new_key_value, std::set< rc5_key_t, rc5_compare_key_by_value > *key_set)
 
uint32_t rc5_params_count_good (const boost::unordered_map< eq_x_params_t, uint32_t, rc5_eq_x_params_hash, rc5_eq_x_params_equal_to > good_params_hash_map, const boost::unordered_map< eq_x_params_t, uint32_t, rc5_eq_x_params_hash, rc5_eq_x_params_equal_to > params_hash_map)
 
void rc5_params_hash_map_print (const boost::unordered_map< eq_x_params_t, uint32_t, rc5_eq_x_params_hash, rc5_eq_x_params_equal_to > params_hash_map)
 
void rc5_pair_print_to_file (FILE *fp, pair_t cp_pair, bool b_good)
 
void rc5_compute_structures (std::vector< std::pair< WORD_T, WORD_T >> *P, const uint32_t word_size, const WORD_T k, const WORD_T lsb_start_idx)
 
void rc5_filtered_pairs_read_from_file (const char *filename, uint32_t k[16], WORD_T *rand_L, WORD_T *rand_R, std::vector< pair_t > *pair_vec, std::vector< bool > *b_pair_is_good_vec)
 
void rc5_log_file_read ()
 
void rc5_filtered_pairs_sort_by_ciphertext_diff_hw (std::vector< pair_t > *pair_vec)
 
bool rc5_pairs_compare_by_ciphertext_diff_hw (const pair_t pair_one, const pair_t pair_two)
 

Variables

uint32_t g_nvariants
 
char g_filename [RC5_FILENAME_LEN]
 
char g_rc5_filtered_pairs_filename [RC5_FILENAME_LEN]
 

Detailed Description

Header file for rc5-dc.cc: Differential Cryptanalysis of block cipher RC5.

Author
V.Velichkov, vesse.nosp@m.lin..nosp@m.velic.nosp@m.hkov.nosp@m.@uni..nosp@m.lu
Date
2012-2014

Macro Definition Documentation

#define RC5_BIN_READ_INPUT_ARGS_FROM_STDIN   1

When set, this flag makes the binary ./bin/rc5-tests accept its arguments from standard input. The arguments are:

./bin/rc5-tests arg1 arg2 arg3 arg4

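arg1 = the name of the file in which the filtered pairs from the 1st pass will be stored (e.g. rc5-filtered-pairs.txt). It will be copied into the g_filename global variable, which is declared as char g_filename[RC5_FILENAME_LEN] with RC5_FILENAME_LEN = 1024, so the name must fit in that buffer together with its terminating NUL byte.
arg2 = 16 bytes of the secret key k[16]
arg3 = 1 WORD_T of left random value
arg4 = 1 WORD_T of right random value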

#define RC5_COMPILE_WITH_CODING_TOOL_LIB   0

The Coding Tool library by Tomislav Nad is used for finding of differentials for RC5 using low Hamming weight codeword search. To compile this part of the code set the next flag to 1 and also set the corresponding flag in the YAARX Makefile to TRUE.

#define RC5_DEBUG_HAVE_MEMORY   1

Set this flag to 0 to improve the memory efficiency

#define RC5_FEISTEL_LEFT   0

Left Feistel branch.

#define RC5_FEISTEL_RIGHT   1

Right Feistel branch.

#define RC5_FILTER_BLIND_ORACLE_ROT_4   0

Ensure that top 4 rot const are equal (RC5_FILTER_BLIND_ORACLE must be 1)

#define RC5_FILTER_BLIND_ORACLE_ROT_5   0

Ensure that top 5 rot const are equal (RC5_FILTER_BLIND_ORACLE must be 1)

#define RC5_FILTER_CIPHERTEXT_HW_LIMIT   1

Blind oracle addition: first shift out (to the right) the backward bits and then add the remaining values modulo the word size. Filter the ciphertexts by Hamming weight before passing them to the GoUP filter.

#define RC5_FILTER_GOUP_DEBUG   0

For debugging the goUP filter.

#define RC5_FILTER_LEARNING_ORACLE   0

From one or several good pairs – try to learn more

#define RC5_FILTERED_PAIRS_FILE   "/tmp/rc5-filtered-pairs.txt"

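Prefix of the file that stores the filtered pairs. The default is a fixed, predictable name under /tmp, a directory that is shared between users on most systems; on a multi-user machine, point it at a directory that only the running user can write to.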

#define RC5_FILTERED_PAIRS_FILENAME_FROM_STDIN   1

get name from stdin and copy it to the global var g_filename

#define RC5_FLEX_FIB   0

Flexible Fibonacci coefficients adjusted depending on probabilities (not used!)

#define RC5_FLEX_FIB_NROUNDS   6

How many rounds does the FLEX_FIB filter cover. Note: should be <= NROUNDS and >= (RC5_GOUP_LEVEL / 2)

#define RC5_GOOD_PAIRS_GOUP_FILTER_DEBUG_READ_FROM_FILE   1

see test_rc5_good_pairs_goup_filter_debug

#define RC5_KEY_READ_FROM_FILE   0

Read a key pre-stored in a file.

#define RC5_LOG_FILE   "/tmp/rc5-log.txt"

READ file that contains list of filtered pairs

#define RC5_LOG_FILE_CONTAINS_RAND_LR   1

The flag RC5_LOG_FILE_CONTAINS_RAND_LR indicates whether the file storing the filtered pairs (from the 1st pass) also contains the random constants (rand_L, rand_R) with which the structures were generated (using the corresponding pair).

In other words the flag indicates if the format of the RC5_LOG_FILE is (flag = 0):

5F 8C 3B F1 CA 2E 21 90 99 65 67 F0 19 91 72 50 D15B8BE9 FF9A4949 D1598BE9 FF984949 727B467D B0BC7AF8 7475527D B13FF4F8 0 8F9231E9 A153F349 9F9231E9 B153F349 42B305DE B4165EB0 2ED345DE A5245ED0 0 ...

or the format of the RC5_LOG_FILE is (flag = 1):

B7 3B 68 83 46 8 78 77 2B EC 46 89 C0 42 B1 96 55561A08 67E7BE29 55563A08 67E79E29 6D62201D CEDD9460 7062181D C26D5060 0 02920028 3023a409 8691D4E8 B42070C9 8791D4E8 B52070C9 A08B28C2 63B3F356 808BA742 E7B5F557 0 02920028 3023a409 ...

where the last two 32-bit words are resp. rand_L and rand_R.

#define RC5_LOG_TO_FILE   1

generate data for file RC5_FILTERED_PAIRS_FILE. Note: !RC5_FILTER_SECOND_PASS

#define RC5_MAX_NROUNDS   12

Max number of full rounds: 12 for RC5-32; 16 for RC5-64

#define RC5_WEAKEN_KEYS   0

Weaken keys, e.g. by setting the 5 LSBs to 0.

Function Documentation

void rc5_compute_structures ( std::vector< std::pair< WORD_T, WORD_T >> *  P,
const uint32_t  word_size,
const WORD_T  k,
const WORD_T  lsb_start_idx 
)

Compute structures of plaintexts

Parameters
P: array of pairs of plaintexts. Each pair satisfies one of k 1-bit differences.
k: number of linearly independent 1-bit differences delta_i (see [Biryukov, Kushilevitz]).
lsb_start_idx: first LSB bit index from which the construction of the delta-s begins.
void rc5_filtered_pairs_read_from_file ( const char *  filename,
uint32_t  k[16],
WORD_T *  rand_L,
WORD_T *  rand_R,
std::vector< pair_t > *  pair_vec,
std::vector< bool > *  b_pair_is_good_vec 
)
void rc5_filtered_pairs_sort_by_ciphertext_diff_hw ( std::vector< pair_t > *  pair_vec)

Sort the list of pairs by the (sum of) Hamming weights of the difference of the ciphertexts.

uint32_t rc5_key_set_update ( const WORD_T  new_key_value,
std::set< rc5_key_t, rc5_compare_key_by_value > *  key_set 
)

If the key is new - add it to the set, otherwise update its counter.

void rc5_key_vec_print ( const std::vector< rc5_key_t >  key_vec,
const WORD_T  key_correct,
const uint32_t  ntop 
)

Prints the top ntop key candidates.

void rc5_log_file_read ( )