YAARX: Yet Another ARX Toolkit  0.1
 All Data Structures Files Functions Variables Macros Pages
simon-xor-threshold-search.hh
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2012-2013 Luxembourg University,
3  * Laboratory of Algorithmics, Cryptology and Security (LACS).
4  *
5  * This file is part of the YAARX toolkit. YAARX stands for
6  * Yet Another ARX toolkit for analysis of ARX cryptographic algorithms.
7  *
8  * YAARX is free software: you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation, either version 3 of the License, or
11  * (at your option) any later version.
12  *
13  * YAARX is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with YAARX. If not, see <http://www.gnu.org/licenses/>.
20  */
27 #ifndef SIMON_XOR_THRESHOLD_SEARCH_H
28 #define SIMON_XOR_THRESHOLD_SEARCH_H
29 
30 // http://www.boost.org/doc/libs/1_47_0/doc/html/unordered/hash_equality.html
31 
32 // Best found bounds and trails for Simon64
33 #if(WORD_SIZE == 16)
34 #define SIMON_TRAIL_LEN 15
35 #elif(WORD_SIZE == 24)
36 #define SIMON_TRAIL_LEN 15
37 #elif(WORD_SIZE == 32)
38 #define SIMON_TRAIL_LEN 21
39 #endif
40 
41 #define SIMON32_TRAIL_LEN 15
42 #define SIMON48_TRAIL_LEN 20
43 #define SIMON64_TRAIL_LEN 21
44 
45 #if(WORD_SIZE == 16)
46 extern double g_B[SIMON_TRAIL_LEN];
47 extern differential_t g_trail[SIMON32_TRAIL_LEN];
48 #elif(WORD_SIZE == 24)
49 extern double g_B[SIMON_TRAIL_LEN];
50 extern differential_t g_trail[SIMON_TRAIL_LEN];
51 #elif(WORD_SIZE == 32)
52 extern double g_B[SIMON_TRAIL_LEN];
53 extern differential_t g_trail[SIMON64_TRAIL_LEN];
54 #endif
55 
56 struct simon_diff_equal_to
57  : std::binary_function<std::array<differential_t, SIMON_NDIFFS>, std::array<differential_t, SIMON_NDIFFS>, bool>
58 {
59  bool operator()(std::array<differential_t, SIMON_NDIFFS> const& a,
60  std::array<differential_t, SIMON_NDIFFS> const& b) const
61  {
62  assert(a.size() == SIMON_NDIFFS);
63  assert(b.size() == SIMON_NDIFFS);
64 
65  bool b_equal = true;
66  uint32_t i = 0;
67  if(a.size() == b.size()) {
68  while((i != a.size()) && (i != b.size()) && (b_equal == true)) {
69  b_equal = ((a[i].dx == b[i].dx) && (a[i].dy == b[i].dy));
70  i++;
71  }
72  } else {
73  b_equal = false;
74  }
75 #if 1 // DEBUG
76  if(b_equal) {
77  assert(i == a.size());
78  assert(i == b.size());
79  };
80 #endif
81  // return boost::algorithm::iequals(x, y, std::locale());
82  return b_equal;
83  }
84 };
85 
86 struct simon_diff_hash
87  : std::unary_function<std::array<differential_t, SIMON_NDIFFS>, std::size_t>
88 {
89  std::size_t operator()(std::array<differential_t, SIMON_NDIFFS> const& a) const
90  {
91  assert(a.size() == SIMON_NDIFFS);
92  std::size_t seed = 0;
93 
94  for(uint32_t i = 0; i < a.size(); i++) {
95  boost::hash_combine(seed, a[i].dx);
96  boost::hash_combine(seed, a[i].dy);
97  }
98  return seed;
99  }
100 };
101 
102 struct simon_trail_equal_to
103  : std::binary_function<std::array<differential_t, NROUNDS>, std::array<differential_t, NROUNDS>, bool>
104 {
105  bool operator()(std::array<differential_t, NROUNDS> const& a,
106  std::array<differential_t, NROUNDS> const& b) const
107  {
108  assert(a.size() == NROUNDS);
109  assert(b.size() == NROUNDS);
110 
111  bool b_equal = true;
112  uint32_t i = 0;
113  if(a.size() == b.size()) {
114  while((i != a.size()) && (i != b.size()) && (b_equal == true)) {
115  b_equal = ((a[i].dx == b[i].dx) && (a[i].dy == b[i].dy));
116  i++;
117  }
118  } else {
119  b_equal = false;
120  }
121 #if 1 // DEBUG
122  if(b_equal) {
123  assert(i == a.size());
124  assert(i == b.size());
125  };
126 #endif
127  // return boost::algorithm::iequals(x, y, std::locale());
128  return b_equal;
129  }
130 };
131 
132 struct simon_trail_hash
133  : std::unary_function<std::array<differential_t, NROUNDS>, std::size_t>
134 {
135  std::size_t operator()(std::array<differential_t, NROUNDS> const& a) const
136  {
137  assert(a.size() == NROUNDS);
138  std::size_t seed = 0;
139 
140  for(uint32_t i = 0; i < a.size(); i++) {
141  boost::hash_combine(seed, a[i].dx);
142  boost::hash_combine(seed, a[i].dy);
143  }
144  return seed;
145  }
146 };
147 
148 struct simon_diff_graph_node_comp
149  : std::binary_function<simon_diff_graph_node_t, simon_diff_graph_node_t, bool>
150 {
151  bool operator()(simon_diff_graph_node_t const& a,
152  simon_diff_graph_node_t const& b) const
153  {
154  bool b_less = false;
155  if(a.level != b.level) {
156  b_less = (a.level < b.level);
157  } else {
158  if(a.node[1] != b.node[1]) {
159  b_less = (a.node[1] < b.node[1]);
160  } else {
161  if(a.node[0] != b.node[0]) {
162  b_less = (a.node[0] < b.node[0]);
163  }
164  }
165  }
166 #if 0 // DEBUG
167  printf("(%d %d) (%X %X) (%X %X) | %d\n", a.level, b.level, a.node[1], b.node[1], a.node[0], b.node[0], b_less);
168 #endif
169  return b_less;
170  }
171 };
172 
173 struct simon_diff_graph_node_alloc
174  : std::unary_function<simon_diff_graph_node_t, simon_diff_graph_node_t>
175 {
176  simon_diff_graph_node_t operator()(simon_diff_graph_node_t const& a) const
177  {
178 
179  simon_diff_graph_node_t node_key = {0, {0, 0}, 0, 0, 0.0};
180 
181  node_key.level = a.level;
182  node_key.node[0] = a.node[0];
183  node_key.node[1] = a.node[1];
184 
185  return node_key;
186  }
187 };
188 
189 void simon_diff_graph_check_edge(std::vector<simon_diff_graph_edge_t>* E,
190  const simon_diff_graph_edge_t new_edge);
191 void simon_print_diff_array(std::array<differential_t, SIMON_NDIFFS> diff_array);
192 void simon_print_diff_hash_map(boost::unordered_map<std::array<differential_t, SIMON_NDIFFS>, uint32_t, simon_diff_hash, simon_diff_equal_to> diffs_hash_map);
193 void simon_print_trail_array(std::array<differential_t, NROUNDS> trail_array);
194 void simon_print_trail_hash_map(boost::unordered_map<std::array< differential_t, NROUNDS>, uint32_t, simon_trail_hash, simon_trail_equal_to> trails_hash_map);
195 uint32_t simon_xor_threshold_count_lp(differential_t trail[NROUNDS], uint32_t trail_len, double p_thres);
196 uint32_t simon_verify_xor_trail(uint32_t nrounds, uint32_t npairs,
197  uint32_t key_in[SIMON_MAX_NROUNDS],
198  differential_t trail[NROUNDS], uint32_t dy_init,
199  uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u);
200 double simon_verify_differential(const uint32_t key_in[SIMON_MAX_NROUNDS],
201  const differential_t input_diff,
202  const differential_t output_diff,
203  const uint32_t nrounds,
204  const uint64_t npairs,
205  std::vector<simon_diff_graph_edge_t>* E);
206 double simon_verify_differential_approx(const uint32_t key_in[SIMON_MAX_NROUNDS],
207  const differential_t input_diff,
208  const differential_t output_diff,
209  const uint32_t nrounds,
210  const uint64_t npairs,
211  std::vector<simon_diff_graph_edge_t>* E);
212 void simon_graphviz_write_file(char* datfile, char* datfile_con,
213  std::vector< simon_diff_graph_edge_t> E);
214 void simon_trail_to_round_diffs(differential_t trail_in[NROUNDS], differential_t round_diffs[NROUNDS + 1],
215  uint32_t nrounds, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u);
216 uint32_t simon_verify_xor_differential(uint32_t nrounds, uint32_t npairs,
217  uint32_t key_in[SIMON_MAX_NROUNDS],
218  differential_t trail_in[NROUNDS], uint32_t dy_init,
219  uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u);
220 void simon_encrypt_pairs(uint32_t key[SIMON_MAX_NROUNDS], uint32_t nrounds,
221  uint32_t* x_in, uint32_t* y_in,
222  uint32_t* xx_in, uint32_t* yy_in);
223 void simon_xor_threshold_search(const int n, const int nrounds,
224  double B[NROUNDS], double* Bn,
225  const differential_t diff_in[NROUNDS], differential_t trail[NROUNDS],
226  const uint32_t dyy_init,
227  uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u,
228  std::multiset<differential_t, struct_comp_diff_p>* diff_mset_p, // initial highways
229  // std::multiset<differential_t, struct_comp_diff_hw>* diff_mset_hw, // initial highways
230  std::set<differential_t, struct_comp_diff_dx_dy>* diff_set_dx_dy,
231  std::multiset<differential_t, struct_comp_diff_p>* hways_diff_mset_p, // all highways
232  std::set<differential_t, struct_comp_diff_dx_dy>* hways_diff_set_dx_dy,
233  std::multiset<differential_t, struct_comp_diff_p>* croads_diff_mset_p, // country roads
234  std::set<differential_t, struct_comp_diff_dx_dy>* croads_diff_set_dx_dy,
235  boost::unordered_map<std::array<differential_t, SIMON_NDIFFS>, uint32_t, simon_diff_hash, simon_diff_equal_to>* diffs_hash_map,
236  boost::unordered_map<std::array<differential_t, NROUNDS>, uint32_t, simon_trail_hash, simon_trail_equal_to>* trails_hash_map,
237  differential_t** diff_max,
238  bool b_hash_map,
239  double p_eps,
240  double p_thres);
241 void simon_print_round_diffs_latex(FILE* fp, uint32_t nrounds, uint32_t keys[4], differential_t trail[NROUNDS + 1]);
242 uint32_t simon_xor_trail_search(uint32_t key[SIMON_MAX_NROUNDS], double B[NROUNDS],
243  differential_t best_trail[NROUNDS], uint32_t* best_trail_len);
244 std::string trail_to_string(differential_t* trail, uint32_t trail_len);
245 std::string differential_to_string(const differential_t diff);
246 uint32_t differential_to_num(const differential_t diff);
247 void simon_xor_cluster_trails(const int n, const int nrounds,
248  const double B[NROUNDS],
249  const differential_t diff_in[NROUNDS], const differential_t best_trail[NROUNDS],
250  std::unordered_map<std::string, differential_t**>* trails_hash_map,
251  // const uint32_t dyy_init,
252  const differential_t input_diff, const differential_t output_diff,
253  uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u,
254  std::multiset<differential_t, struct_comp_diff_p>* diff_mset_p, // highways
255  std::set<differential_t, struct_comp_diff_dx_dy>* diff_set_dx_dy,
256  std::multiset<differential_t, struct_comp_diff_p>* croads_diff_mset_p, // country roads
257  std::set<differential_t, struct_comp_diff_dx_dy>* croads_diff_set_dx_dy,
258  double eps);
259 void simon_trail_cluster_search(std::unordered_map<std::string, differential_t**>* trails_hash_map,
260  double B[NROUNDS], const differential_t trail_in[NROUNDS], uint32_t trail_len, uint32_t* dyy_init);
261 void simon_trail_cluster_search_boost(boost::unordered_map<std::array<differential_t, NROUNDS>, uint32_t, simon_trail_hash, simon_trail_equal_to>* trails_hash_map,
262  double B[NROUNDS], const differential_t trail_in[NROUNDS], uint32_t trail_len, uint32_t* dyy_init);
263 void simon_print_hash_table(std::unordered_map<std::string, differential_t**> trails_hash_map, uint32_t trail_len);
264 void simon_boost_print_hash_table(boost::unordered_map<std::array<differential_t, NROUNDS>, uint32_t, simon_trail_hash, simon_trail_equal_to> trails_hash_map, uint32_t trail_len);
265 void simon_cluster_trails_datfile_read(std::vector<simon_diff_graph_edge_t>* E);
266 void simon_diff_graph_extract_nodes(std::vector<simon_diff_graph_edge_t> E,
267  std::map<simon_diff_graph_node_t, // key
268  simon_diff_graph_node_t, // value
269  simon_diff_graph_node_comp>* V); // comparison function
270 void simon_diff_graph_print_nodes(std::map<simon_diff_graph_node_t, simon_diff_graph_node_t, simon_diff_graph_node_comp> V);
271 bool simon_diff_vec_comp(std::pair<simon_diff_graph_node_t, simon_diff_graph_node_t> a,
272  std::pair<simon_diff_graph_node_t, simon_diff_graph_node_t> b);
273 #endif // #ifndef SIMON_XOR_THRESHOLD_SEARCH_H
simon_diff_graph_node_t
Definition: simon.hh:66
NROUNDS
#define NROUNDS
Definition: common.hh:122
simon_xor_threshold_search
void simon_xor_threshold_search(const int n, const int nrounds, double B[NROUNDS], double *Bn, const differential_t diff_in[NROUNDS], differential_t trail[NROUNDS], const uint32_t dyy_init, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u, std::multiset< differential_t, struct_comp_diff_p > *diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *croads_diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *croads_diff_set_dx_dy, boost::unordered_map< std::array< differential_t, SIMON_NDIFFS >, uint32_t, simon_diff_hash, simon_diff_equal_to > *diffs_hash_map, boost::unordered_map< std::array< differential_t, NROUNDS >, uint32_t, simon_trail_hash, simon_trail_equal_to > *trails_hash_map, differential_t **diff_max, bool b_hash_map, double p_eps, double p_thres)
Definition: simon-xor-threshold-search.cc:1890
simon_diff_graph_node_alloc
Definition: simon-xor-threshold-search.hh:173
differential_t
Definition: common.hh:272
simon_trail_to_round_diffs
void simon_trail_to_round_diffs(differential_t trail_in[NROUNDS], differential_t round_diffs[NROUNDS+1], uint32_t nrounds, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u)
Definition: simon-xor-threshold-search.cc:526
simon_diff_hash
Definition: simon-xor-threshold-search.hh:86
simon_diff_equal_to
Definition: simon-xor-threshold-search.hh:56
simon_xor_trail_search
uint32_t simon_xor_trail_search(uint32_t key[SIMON_MAX_NROUNDS], double B[NROUNDS], differential_t best_trail[NROUNDS], uint32_t *best_trail_len)
Definition: simon-xor-threshold-search.cc:2304
simon_verify_xor_differential
uint32_t simon_verify_xor_differential(uint32_t nrounds, uint32_t npairs, uint32_t key_in[SIMON_MAX_NROUNDS], differential_t trail_in[NROUNDS], uint32_t dy_init, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u)
Definition: simon-xor-threshold-search.cc:571
E
uint32_t E[SALSA_STATE+SALSA_STATE][5]
Definition: salsa.cc:50
simon_diff_graph_edge_t
Definition: simon.hh:58
simon_trail_cluster_search
void simon_trail_cluster_search(std::unordered_map< std::string, differential_t ** > *trails_hash_map, double B[NROUNDS], const differential_t trail_in[NROUNDS], uint32_t trail_len, uint32_t *dyy_init)
Definition: simon-xor-threshold-search.cc:2961
simon_verify_xor_trail
uint32_t simon_verify_xor_trail(uint32_t nrounds, uint32_t npairs, uint32_t key_in[SIMON_MAX_NROUNDS], differential_t trail[NROUNDS], uint32_t dy_init, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u)
Definition: simon-xor-threshold-search.cc:447
simon_trail_equal_to
Definition: simon-xor-threshold-search.hh:102
simon_trail_hash
Definition: simon-xor-threshold-search.hh:132
simon_xor_threshold_count_lp
uint32_t simon_xor_threshold_count_lp(differential_t trail[NROUNDS], uint32_t trail_len, double p_thres)
Definition: simon-xor-threshold-search.cc:427
simon_xor_cluster_trails
void simon_xor_cluster_trails(const int n, const int nrounds, const double B[NROUNDS], const differential_t diff_in[NROUNDS], const differential_t best_trail[NROUNDS], std::unordered_map< std::string, differential_t ** > *trails_hash_map, const differential_t input_diff, const differential_t output_diff, uint32_t lrot_const_s, uint32_t lrot_const_t, uint32_t lrot_const_u, std::multiset< differential_t, struct_comp_diff_p > *diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *croads_diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *croads_diff_set_dx_dy, double eps)
Definition: simon-xor-threshold-search.cc:2733
simon_diff_graph_node_comp
Definition: simon-xor-threshold-search.hh:148