YAARX: Yet Another ARX Toolkit  0.1
xdp-rot-and.cc File Reference

The XOR differential probability of the sequence of ROT and AND: $b = f(a) = (a~\mathrm{rot}~s) \wedge (a~\mathrm{rot}~t)$: $\mathrm{xdp}^{\mathrm{rot}\wedge}(da \rightarrow db)$.

#include "common.hh"
#include "xdp-and.hh"
#include "xdp-rot-and.hh"

Functions

double xdp_rot_and_exper (uint32_t da, uint32_t dc, uint32_t rot_const_1, uint32_t rot_const_2)
 
void xdp_rot_and_alloc_matrices (gsl_matrix *A[WORD_SIZE])
 
void xdp_rot_and_free_matrices (gsl_matrix *A[WORD_SIZE])
 
void xdp_rot_and_print_graph (gsl_matrix *A[WORD_SIZE])
 
void xdp_rot_and_print_matrix (gsl_matrix *A)
 
void xdp_rot_and_print_vector (gsl_vector *R)
 
void xdp_rot_and_compute_subgraph (gsl_matrix *A, uint32_t da_in, uint32_t db_in, uint32_t dc_in, uint32_t da_out, uint32_t db_out, uint32_t dc_out)
 
uint32_t xdp_rot_compute_indices (uint32_t s, uint32_t t, bool b_is_marked[WORD_SIZE], uint32_t i_start, uint32_t start_idx, uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE])
 
void xdp_rot_and_compute_graph (gsl_matrix *A[WORD_SIZE], uint32_t i_start, uint32_t cycle_len, uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE], const uint32_t da, const uint32_t db, const uint32_t dc)
 
double xdp_rot_and_one_cycle (gsl_matrix *A[WORD_SIZE], uint32_t i_start, uint32_t cycle_len)
 
double xdp_rot_and (const uint32_t delta, const uint32_t dc, const uint32_t s, const uint32_t t)
 
void xdp_rot_and_index_debug (uint32_t s, uint32_t t)
 
void xdp_rot_and_xcond_init (uint32_t XCOND[2][2][2][2])
 
void xdp_and_arrey_to_matrix_gf2 (uint32_t A[WORD_SIZE][WORD_SIZE+1], uint32_t **M, uint32_t M_rows, uint32_t M_cols)
 
void xdp_and_print_equations (uint32_t E[WORD_SIZE][WORD_SIZE+1])
 
uint32_t xdp_and_add_equation (uint32_t i, uint32_t E[WORD_SIZE][WORD_SIZE+1], uint32_t da_i, uint32_t db_i, uint32_t dc_i, uint32_t x_i, uint32_t y_i)
 
double xdp_rot_and_constraints (const uint32_t delta, const uint32_t dc, const uint32_t s_in, const uint32_t t_in)
 
void xdp_rot_and_compute_graph_i (gsl_matrix *A[WORD_SIZE], uint32_t i_start, uint32_t cycle_len, uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE], const uint32_t da, const uint32_t db, const uint32_t dc)
 
void xdp_rot_and_normalize_matrix (gsl_matrix *A, double f)
 
void max_xdp_rot_and_bounds_0 (uint32_t k, const uint32_t k_start, const uint32_t n, double *p, uint32_t *dc, gsl_matrix *A, gsl_vector *B[XDP_ROT_AND_NISTATES][WORD_SIZE], gsl_vector *C[2], uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE], const uint32_t da, const uint32_t db, uint32_t *dc_max, double *p_max)
 
void max_xdp_rot_and_bounds_i (uint32_t k, const uint32_t k_start, const uint32_t n, double *p, uint32_t *dc, gsl_matrix *A, gsl_vector *B[WORD_SIZE], gsl_vector *C, uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE], const uint32_t da, const uint32_t db, uint32_t *dc_max, double *p_max)
 
void max_xdp_rot_and_bounds (gsl_vector *B[XDP_ROT_AND_NISTATES][WORD_SIZE], uint32_t i_start, uint32_t cycle_len, uint32_t da_idx[WORD_SIZE], uint32_t db_idx[WORD_SIZE], const uint32_t da, const uint32_t db, uint32_t *dc_max)
 
void max_xdp_rot_and_print_bounds (gsl_vector *B[XDP_ROT_AND_NISTATES][WORD_SIZE])
 
double max_xdp_rot_and_exper (uint32_t da, uint32_t *dc_max, uint32_t s, uint32_t t)
 
double max_xdp_rot_and (const uint32_t delta, uint32_t *dc, const uint32_t s, const uint32_t t)
 
bool xdp_rot_and_is_dx_in_set_dx_dy (uint32_t dy, uint32_t dx, uint32_t dx_prev, uint32_t lrot_const_u, std::set< differential_t, struct_comp_diff_dx_dy > diff_set_dx_dy)
 
void xdp_rot_and_pddt_i (uint32_t k, uint32_t n, uint32_t s, uint32_t t, const uint32_t delta_in, const uint32_t dc_in, std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, uint64_t *cnt_diff, uint64_t max_cnt, double p_thres)
 
uint64_t xdp_rot_and_pddt (std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, const uint32_t s, const uint32_t t, const uint64_t max_cnt, const double p_thres)
 
void xdp_rot_and_ddt (std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, const uint32_t s, const uint32_t t, const double p_thres)
 
void xdp_rot_and_dx_pddt_i (uint32_t k, uint32_t n, uint32_t s, uint32_t t, uint32_t u, const uint32_t delta, const uint32_t delta_prev, const uint32_t dc_in, std::set< differential_t, struct_comp_diff_dx_dy > *diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *croads_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *croads_diff_mset_p, uint64_t *cnt_diff, uint64_t max_cnt, double p_thres, bool b_backto_hway)
 
uint64_t xdp_rot_and_dx_pddt (const uint32_t delta, const uint32_t delta_prev, std::set< differential_t, struct_comp_diff_dx_dy > *diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *hways_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *hways_diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *croads_diff_set_dx_dy, std::multiset< differential_t, struct_comp_diff_p > *croads_diff_mset_p, const uint32_t s, const uint32_t t, const uint32_t u, const uint64_t max_cnt, const double p_thres, bool b_backto_hway)
 
void xdp_rot_and_print_mset_hw (std::multiset< differential_t, struct_comp_diff_hw > hways_diff_mset_hw)
 
void xdp_rot_and_print_mset_p (std::multiset< differential_t, struct_comp_diff_p > hways_diff_mset_p)
 
void xdp_rot_and_print_set_dx_dy (std::set< differential_t, struct_comp_diff_dx_dy > hways_diff_set_dx_dy)
 

Detailed Description

The XOR differential probability of the sequence of ROT and AND: $b = f(a) = (a~\mathrm{rot}~s) \wedge (a~\mathrm{rot}~t)$: $\mathrm{xdp}^{\mathrm{rot}\wedge}(da \rightarrow db)$.

Author
A.Roy, V.Velichkov, {arnab.roy,vesselin.velichkov}.lu
Date
2012-2013

Function Documentation

void max_xdp_rot_and_bounds_i ( uint32_t  k,
const uint32_t  k_start,
const uint32_t  n,
double *  p,
uint32_t *  dc,
gsl_matrix *  A,
gsl_vector *  B[WORD_SIZE],
gsl_vector *  C,
uint32_t  da_idx[WORD_SIZE],
uint32_t  db_idx[WORD_SIZE],
const uint32_t  da,
const uint32_t  db,
uint32_t *  dc_max,
double *  p_max 
)

Compute bounds.

uint64_t xdp_rot_and_dx_pddt ( const uint32_t  delta,
const uint32_t  delta_prev,
std::set< differential_t, struct_comp_diff_dx_dy > *  diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  diff_mset_p,
std::set< differential_t, struct_comp_diff_dx_dy > *  hways_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  hways_diff_mset_p,
std::set< differential_t, struct_comp_diff_dx_dy > *  croads_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  croads_diff_mset_p,
const uint32_t  s,
const uint32_t  t,
const uint32_t  u,
const uint64_t  max_cnt,
const double  p_thres,
bool  b_backto_hway 
)

Wrapper for xdp_rot_and_dx_pddt_i

void xdp_rot_and_dx_pddt_i ( uint32_t  k,
uint32_t  n,
uint32_t  s,
uint32_t  t,
uint32_t  u,
const uint32_t  delta,
const uint32_t  delta_prev,
const uint32_t  dc_in,
std::set< differential_t, struct_comp_diff_dx_dy > *  diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  diff_mset_p,
std::set< differential_t, struct_comp_diff_dx_dy > *  hways_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  hways_diff_mset_p,
std::set< differential_t, struct_comp_diff_dx_dy > *  croads_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  croads_diff_mset_p,
uint64_t *  cnt_diff,
uint64_t  max_cnt,
double  p_thres,
bool  b_backto_hway 
)

For a fixed input difference $\alpha_r$ to round $r$ compute a list of output differences $\beta_r$ that satisfy the following conditions:

  1. The probability of the differential $(\alpha_r \rightarrow \beta_r)$ is greater than a pre-defined threshold p_thres.
  2. The input difference $\alpha_{r+1} = \alpha_{r-1} + \beta_{r}$ to the next round has a matching entry in the pre-computed pDDT hways_diff_set_dx_dy.
See Also
tea_f_da_db_dc_add_pddt_i
bool xdp_rot_and_is_dx_in_set_dx_dy ( uint32_t  dy,
uint32_t  dx,
uint32_t  dx_prev,
uint32_t  lrot_const_u,
std::set< differential_t, struct_comp_diff_dx_dy >  diff_set_dx_dy 
)

For a given output difference dy, check whether the list of differentials set_dx_dy contains an entry (dx -> dy).

uint64_t xdp_rot_and_pddt ( std::set< differential_t, struct_comp_diff_dx_dy > *  hways_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  hways_diff_mset_p,
const uint32_t  s,
const uint32_t  t,
const uint64_t  max_cnt,
const double  p_thres 
)

Wrapper for xdp_rot_and_pddt_i

void xdp_rot_and_pddt_i ( uint32_t  k,
uint32_t  n,
uint32_t  s,
uint32_t  t,
const uint32_t  delta_in,
const uint32_t  dc_in,
std::set< differential_t, struct_comp_diff_dx_dy > *  hways_diff_set_dx_dy,
std::multiset< differential_t, struct_comp_diff_p > *  hways_diff_mset_p,
uint64_t *  cnt_diff,
uint64_t  max_cnt,
double  p_thres 
)

if(b_low_hw) {