YAARX: Yet Another ARX Toolkit  0.1
 All Data Structures Files Functions Variables Macros Pages
simon-xor-best-trails.hh
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2012-2013 Luxembourg University,
3  * Laboratory of Algorithmics, Cryptology and Security (LACS).
4  *
5  * This file is part of the YAARX toolkit. YAARX stands for
6  * Yet Another ARX toolkit for analysis of ARX cryptographic algorithms.
7  *
8  * YAARX is free software: you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation, either version 3 of the License, or
11  * (at your option) any later version.
12  *
13  * YAARX is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with YAARX. If not, see <http://www.gnu.org/licenses/>.
20  */
27 #ifndef SIMON_XOR_BEST_TRAILS_H
28 #define SIMON_XOR_BEST_TRAILS_H
29 
30 // Simon32, 12R, -34
31 differential_t g_simon32_trail_12r[SIMON_TRAIL_LEN_MAX] = {
32 { 0x400, 0x1800, 0, 0.250000}, //1: (2^-2.000000)
33 { 0x100, 0x0, 0, 0.250000}, //2: (2^-2.000000)
34 { 0x0, 0x100, 0, 1.000000}, //3: (2^0.000000)
35 { 0x100, 0x400, 0, 0.250000}, //4: (2^-2.000000)
36 { 0x400, 0x1100, 0, 0.250000}, //5: (2^-2.000000)
37 {0x1100, 0x4200, 0, 0.062500}, //6: (2^-4.000000)
38 {0x4200, 0x1D01, 0, 0.062500}, //7: (2^-4.000000)
39 {0x1D01, 0x500, 0, 0.003906}, //8: (2^-8.000000)
40 { 0x500, 0x100, 0, 0.125000}, //9: (2^-3.000000)
41 { 0x100, 0x100, 0, 0.250000}, //10: (2^-2.000000)
42 { 0x100, 0x500, 0, 0.250000}, //11: (2^-2.000000)
43 { 0x500, 0x1500, 0, 0.125000}, //12: (2^-3.000000)
44 {0, 0, 0, 0.0}, // dummy
45 {0, 0, 0, 0.0}, // dummy
46 {0, 0, 0, 0.0}, // dummy
47 {0, 0, 0, 0.0}, // dummy
48 {0, 0, 0, 0.0}, // dummy
49 {0, 0, 0, 0.0}, // dummy
50 {0, 0, 0, 0.0}, // dummy
51 {0, 0, 0, 0.0}, // dummy
52 };
53 
54 // Simon32, 13R, -36
55 differential_t g_simon32_trail_13r[SIMON_TRAIL_LEN_MAX] = {
56  { 0x0, 0x0, 0, 1.000000}, //(2^-0.000000)
57  { 0x40, 0x100, 0, 0.250000}, //(2^-2.000000)
58  { 0x100, 0x440, 0, 0.250000}, //(2^-2.000000)
59  { 0x440, 0x1000, 0, 0.062500}, //(2^-4.000000)
60  {0x1000, 0x4440, 0, 0.250000}, //(2^-2.000000)
61  {0x4440, 0x101, 0, 0.015625}, //(2^-6.000000)
62  { 0x101, 0x4044, 0, 0.062500}, //(2^-4.000000)
63  {0x4044, 0x10, 0, 0.015625}, //(2^-6.000000)
64  { 0x10, 0x4004, 0, 0.250000}, //(2^-2.000000)
65  {0x4004, 0x1, 0, 0.062500}, //(2^-4.000000)
66  { 0x1, 0x4000, 0, 0.250000}, //(2^-2.000000)
67  {0x4000, 0x0, 0, 0.250000}, //(2^-2.000000)
68  { 0x0, 0x4000, 0, 1.000000}, //(2^-0.000000)
69  {0, 0, 0, 0.0}, // dummy
70  {0, 0, 0, 0.0}, // dummy
71  {0, 0, 0, 0.0}, // dummy
72  {0, 0, 0, 0.0}, // dummy
73  {0, 0, 0, 0.0}, // dummy
74  {0, 0, 0, 0.0}, // dummy
75  {0, 0, 0, 0.0}, // dummy
76  {0, 0, 0, 0.0} // dummy
77 };
78 
79 // Simon48, 15R, -48
80 differential_t g_simon48_trail_15r[SIMON_TRAIL_LEN_MAX] = {
81  {0x200020, 0x800080, 0, 0.062500}, //(2^-4.000000)
82  {0x880008, 0x2, 0, 0.015625}, //(2^-6.000000)
83  { 0x2, 0x880000, 0, 0.250000}, //(2^-2.000000)
84  {0x880000, 0x200000, 0, 0.062500}, //(2^-4.000000)
85  {0x200000, 0x80000, 0, 0.250000}, //(2^-2.000000)
86  { 0x80000, 0x0, 0, 0.250000}, //(2^-2.000000)
87  { 0x0, 0x80000, 0, 1.000000}, //(2^0.000000)
88  { 0x80000, 0x200000, 0, 0.250000}, //(2^-2.000000)
89  {0x200000, 0x880000, 0, 0.250000}, //(2^-2.000000)
90  {0x880000, 0x2, 0, 0.062500}, //(2^-4.000000)
91  { 0x2, 0x880008, 0, 0.250000}, //(2^-2.000000)
92  {0x880008, 0x200020, 0, 0.015625}, //(2^-6.000000)
93  {0x200020, 0x80088, 0, 0.062500}, //(2^-4.000000)
94  { 0x80088, 0x200, 0, 0.015625}, //(2^-6.000000)
95  { 0x200, 0x80888, 0, 0.250000}, //(2^-2.000000)
96  {0, 0, 0, 0.0}, // dummy
97  {0, 0, 0, 0.0}, // dummy
98  {0, 0, 0, 0.0}, // dummy
99  {0, 0, 0, 0.0}, // dummy
100  {0, 0, 0, 0.0}, // dummy
101  {0, 0, 0, 0.0} // dummy
102 };
103 
104 // Simon64, 21R, -72
105 differential_t g_simon64_trail_21r[SIMON_TRAIL_LEN_MAX] = {
106  { 0x4000000, 0x10000000, 0, 0.250000}, //(2^-2.000000)
107  { 0x1000000, 0x0, 0, 0.250000}, //(2^-2.000000)
108  { 0x0, 0x1000000, 0, 1.000000}, //(2^0.000000)
109  { 0x1000000, 0x4000000, 0, 0.250000}, //(2^-2.000000)
110  { 0x4000000, 0x11000000, 0, 0.250000}, //(2^-2.000000)
111  {0x11000000, 0x60000000, 0, 0.062500}, //(2^-4.000000)
112  {0x60000000, 0x51000001, 0, 0.062500}, //(2^-4.000000)
113  {0x51000001, 0x4000004, 0, 0.003906}, //(2^-8.000000)
114  { 0x4000004, 0x41000011, 0, 0.062500}, //(2^-4.000000)
115  {0x41000011, 0x0, 0, 0.003906}, //(2^-8.000000)
116  { 0x0, 0x41000011, 0, 1.000000}, //(2^0.000000)
117  {0x41000011, 0x4000004, 0, 0.003906}, //(2^-8.000000)
118  { 0x4000004, 0x51000001, 0, 0.062500}, //(2^-4.000000)
119  {0x51000001, 0x60000000, 0, 0.003906}, //(2^-8.000000)
120  {0x60000000, 0x11000000, 0, 0.062500}, //(2^-4.000000)
121  {0x11000000, 0x4000000, 0, 0.062500}, //(2^-4.000000)
122  { 0x4000000, 0x1000000, 0, 0.250000}, //(2^-2.000000)
123  { 0x1000000, 0x0, 0, 0.250000}, //(2^-2.000000)
124  { 0x0, 0x1000000, 0, 1.000000}, //(2^0.000000)
125  { 0x1000000, 0x4000000, 0, 0.250000}, //(2^-2.000000)
126  { 0x4000000, 0x11000000, 0, 0.250000} //(2^-2.000000) <--- ! artificially added
127 };
128 
129 #endif // #ifndef SIMON_XOR_BEST_TRAILS_H
differential_t
Definition: common.hh:272