2 * a non-bitsliced implementation of the serpent sboxes
4 * email: daniel.otte@rub.de
10 #include <avr/pgmspace.h>
11 #include "serpent-sboxes.h"
16 /* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */
18 /* depth = 5,7,4,2, Total gates=18 */
20 void sb0(uint8_t* out, const uint8_t* in, uint8_t i){
22 uint8_t t01, t02, t03, t05, t06, t07, t08, t09, t11, t12, t13, t14, t15, t17;
23 t01 = in[4*1+i] ^ in[4*2+i];
24 t02 = in[4*0+i] | in[4*3+i];
25 t03 = in[4*0+i] ^ in[4*1+i];
26 out[4*3+i] = t02 ^ t01;
27 t05 = in[4*2+i] | out[4*3+i];
28 t06 = in[4*0+i] ^ in[4*3+i];
29 t07 = in[4*1+i] | in[4*2+i];
30 t08 = in[4*3+i] & t05;
32 out[4*2+i] = t09 ^ t08;
33 t11 = t09 & out[4*2+i];
34 t12 = in[4*2+i] ^ in[4*3+i];
36 t14 = in[4*1+i] & t06;
39 t17 = out[4*0+i] ^ t14;
40 out[4*1+i] = t12 ^ t17;
43 /* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */
45 /* depth = 8,4,3,6, Total gates=19 */
47 void sb0_inv(uint8_t* out, const uint8_t* in, uint8_t i){
48 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t12, t13, t14, t15, t17, t18, t01;
49 t01 = in[4*2+i] ^ in[4*3+i];
50 t02 = in[4*0+i] | in[4*1+i];
51 t03 = in[4*1+i] | in[4*2+i];
52 t04 = in[4*2+i] & t01;
54 t06 = in[4*0+i] | t04;
56 t08 = in[4*1+i] ^ in[4*3+i];
58 t10 = in[4*3+i] | out[4*2+i];
59 out[4*1+i] = t09 ^ t06;
60 t12 = in[4*0+i] | t05;
61 t13 = out[4*1+i] ^ t12;
63 t15 = in[4*0+i] ^ in[4*2+i];
64 out[4*3+i] = t14 ^ t13;
67 out[4*0+i] = t15 ^ t18;
70 /* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */
72 /* depth = 10,7,3,5, Total gates=18 */
74 void sb1(uint8_t* out, const uint8_t* in, uint8_t i){
75 uint8_t t02, t03, t04, t05, t06, t07, t08, t10, t11, t12, t13, t16, t17, t01;
76 t01 = in[4*0+i] | in[4*3+i];
77 t02 = in[4*2+i] ^ in[4*3+i];
79 t04 = in[4*0+i] ^ in[4*2+i];
80 t05 = in[4*0+i] | t03;
81 t06 = in[4*3+i] & t04;
83 t08 = in[4*1+i] | t06;
84 out[4*2+i] = t02 ^ t05;
87 t12 = out[4*2+i] ^ t11;
88 t13 = in[4*1+i] & in[4*3+i];
90 out[4*1+i] = t13 ^ t12;
91 t16 = t10 | out[4*1+i];
93 out[4*0+i] = in[4*2+i] ^ t17;
96 /* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */
98 /* depth = 7,4,5,3, Total gates=18 */
99 static void sb1_inv(uint8_t* out, const uint8_t* in, uint8_t i){
100 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t14, t15, t17, t01;
101 t01 = in[4*0+i] ^ in[4*1+i];
102 t02 = in[4*1+i] | in[4*3+i];
103 t03 = in[4*0+i] & in[4*2+i];
104 t04 = in[4*2+i] ^ t02;
105 t05 = in[4*0+i] | t04;
107 t07 = in[4*3+i] | t03;
108 t08 = in[4*1+i] ^ t06;
111 t11 = in[4*3+i] & t08;
113 out[4*1+i] = t10 ^ t11;
114 t14 = in[4*0+i] | out[4*2+i];
115 t15 = t06 ^ out[4*1+i];
116 out[4*3+i] = t01 ^ t04;
117 t17 = in[4*2+i] ^ t15;
118 out[4*0+i] = t14 ^ t17;
121 /* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */
123 /* depth = 3,8,11,7, Total gates=16 */
124 static void sb2(uint8_t* out, const uint8_t* in, uint8_t i){
125 uint8_t t02, t03, t05, t06, t07, t08, t09, t10, t12, t13, t14, t01;
126 t01 = in[4*0+i] | in[4*2+i];
127 t02 = in[4*0+i] ^ in[4*1+i];
128 t03 = in[4*3+i] ^ t01;
129 out[4*0+i] = t02 ^ t03;
130 t05 = in[4*2+i] ^ out[4*0+i];
131 t06 = in[4*1+i] ^ t05;
132 t07 = in[4*1+i] | t05;
136 out[4*1+i] = t10 ^ t08;
137 t12 = in[4*0+i] | in[4*3+i];
138 t13 = t09 ^ out[4*1+i];
139 t14 = in[4*1+i] ^ t13;
141 out[4*2+i] = t12 ^ t14;
144 /* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */
146 /* depth = 3,6,8,3, Total gates=18 */
147 static void sb2_inv(uint8_t* out, const uint8_t* in, uint8_t i){
148 uint8_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t12, t15, t16, t17, t01;
149 t01 = in[4*0+i] ^ in[4*3+i];
150 t02 = in[4*2+i] ^ in[4*3+i];
151 t03 = in[4*0+i] & in[4*2+i];
152 t04 = in[4*1+i] | t02;
153 out[4*0+i] = t01 ^ t04;
154 t06 = in[4*0+i] | in[4*2+i];
155 t07 = in[4*3+i] | out[4*0+i];
157 t09 = in[4*1+i] & t06;
159 t11 = in[4*1+i] & t07;
161 out[4*3+i] = t09 ^ t10;
162 out[4*1+i] = t12 ^ t11;
163 t15 = in[4*2+i] & out[4*3+i];
164 t16 = out[4*0+i] ^ out[4*1+i];
166 out[4*2+i] = t16 ^ t17;
169 /* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */
171 /* depth = 8,3,5,5, Total gates=18 */
172 static void sb3(uint8_t* out, const uint8_t* in, uint8_t i){
173 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t13, t14, t15, t01;
174 t01 = in[4*0+i] ^ in[4*2+i];
175 t02 = in[4*0+i] | in[4*3+i];
176 t03 = in[4*0+i] & in[4*3+i];
178 t05 = in[4*1+i] | t03;
179 t06 = in[4*0+i] & in[4*1+i];
180 t07 = in[4*3+i] ^ t04;
181 t08 = in[4*2+i] | t06;
182 t09 = in[4*1+i] ^ t07;
183 t10 = in[4*3+i] & t05;
185 out[4*3+i] = t08 ^ t09;
186 t13 = in[4*3+i] | out[4*3+i];
187 t14 = in[4*0+i] | t07;
188 t15 = in[4*1+i] & t13;
189 out[4*2+i] = t08 ^ t11;
190 out[4*0+i] = t14 ^ t15;
191 out[4*1+i] = t05 ^ t04;
194 /* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */
196 /* depth = 3,6,4,4, Total gates=17 */
197 static void sb3_inv(uint8_t* out, const uint8_t* in, uint8_t i){
198 uint8_t t02, t03, t04, t05, t06, t07, t09, t11, t12, t13, t14, t16, t01;
199 t01 = in[4*2+i] | in[4*3+i];
200 t02 = in[4*0+i] | in[4*3+i];
201 t03 = in[4*2+i] ^ t02;
202 t04 = in[4*1+i] ^ t02;
203 t05 = in[4*0+i] ^ in[4*3+i];
205 t07 = in[4*1+i] & t01;
206 out[4*2+i] = t05 ^ t06;
207 t09 = in[4*0+i] ^ t03;
208 out[4*0+i] = t07 ^ t03;
209 t11 = out[4*0+i] | t05;
211 t13 = in[4*0+i] & out[4*2+i];
213 out[4*1+i] = in[4*1+i] ^ t12;
214 t16 = in[4*1+i] | t13;
215 out[4*3+i] = t14 ^ t16;
218 /* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */
220 /* depth = 6,7,5,3, Total gates=19 */
221 static void sb4(uint8_t* out, const uint8_t* in, uint8_t i){
222 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t12, t13, t14, t15, t16, t01;
223 t01 = in[4*0+i] | in[4*1+i];
224 t02 = in[4*1+i] | in[4*2+i];
225 t03 = in[4*0+i] ^ t02;
226 t04 = in[4*1+i] ^ in[4*3+i];
227 t05 = in[4*3+i] | t03;
228 t06 = in[4*3+i] & t01;
229 out[4*3+i] = t03 ^ t06;
230 t08 = out[4*3+i] & t04;
232 t10 = in[4*2+i] ^ t06;
233 t11 = in[4*1+i] & in[4*2+i];
237 t15 = in[4*0+i] & t05;
239 out[4*2+i] = t13 ^ t08;
240 out[4*1+i] = t15 ^ t16;
244 /* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */
246 /* depth = 6,4,7,3, Total gates=17 */
247 static void sb4_inv(uint8_t* out, const uint8_t* in, uint8_t i){
248 uint8_t t02, t03, t04, t05, t06, t07, t09, t10, t11, t12, t13, t15, t01;
249 t01 = in[4*1+i] | in[4*3+i];
250 t02 = in[4*2+i] | in[4*3+i];
251 t03 = in[4*0+i] & t01;
252 t04 = in[4*1+i] ^ t02;
253 t05 = in[4*2+i] ^ in[4*3+i];
255 t07 = in[4*0+i] & t04;
256 out[4*1+i] = t05 ^ t07;
257 t09 = out[4*1+i] | t06;
258 t10 = in[4*0+i] ^ t07;
260 t12 = in[4*3+i] ^ t04;
261 t13 = in[4*2+i] | t10;
262 out[4*3+i] = t03 ^ t12;
263 t15 = in[4*0+i] ^ t04;
264 out[4*2+i] = t11 ^ t13;
265 out[4*0+i] = t15 ^ t09;
268 /* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */
270 /* depth = 4,6,8,6, Total gates=17 */
271 static void sb5(uint8_t* out, const uint8_t* in, uint8_t i){
272 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t14, t01;
273 t01 = in[4*1+i] ^ in[4*3+i];
274 t02 = in[4*1+i] | in[4*3+i];
275 t03 = in[4*0+i] & t01;
276 t04 = in[4*2+i] ^ t02;
279 t07 = in[4*0+i] ^ t01;
280 t08 = in[4*3+i] | out[4*0+i];
281 t09 = in[4*1+i] | t05;
282 t10 = in[4*3+i] ^ t08;
283 t11 = in[4*1+i] | t07;
284 t12 = t03 | out[4*0+i];
287 out[4*2+i] = t09 ^ t13;
288 out[4*1+i] = t07 ^ t08;
289 out[4*3+i] = t12 ^ t14;
292 /* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */
294 /* depth = 4,6,9,7, Total gates=17 */
295 static void sb5_inv(uint8_t* out, const uint8_t* in, uint8_t i){
296 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t12, t13, t15, t16, t01;
297 t01 = in[4*0+i] & in[4*3+i];
298 t02 = in[4*2+i] ^ t01;
299 t03 = in[4*0+i] ^ in[4*3+i];
300 t04 = in[4*1+i] & t02;
301 t05 = in[4*0+i] & in[4*2+i];
302 out[4*0+i] = t03 ^ t04;
303 t07 = in[4*0+i] & out[4*0+i];
304 t08 = t01 ^ out[4*0+i];
305 t09 = in[4*1+i] | t05;
307 out[4*1+i] = t08 ^ t09;
309 t13 = out[4*0+i] | out[4*1+i];
310 out[4*3+i] = t02 ^ t12;
312 t16 = in[4*1+i] ^ in[4*3+i];
313 out[4*2+i] = t16 ^ t15;
316 /* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */
318 /* depth = 8,3,6,3, Total gates=19 */
319 static void sb6(uint8_t* out, const uint8_t* in, uint8_t i){
320 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t15, t17, t18, t01;
321 t01 = in[4*0+i] & in[4*3+i];
322 t02 = in[4*1+i] ^ in[4*2+i];
323 t03 = in[4*0+i] ^ in[4*3+i];
325 t05 = in[4*1+i] | in[4*2+i];
328 t08 = in[4*1+i] & out[4*1+i];
329 t09 = in[4*0+i] | in[4*2+i];
331 t11 = in[4*1+i] | in[4*3+i];
332 t12 = in[4*2+i] ^ t11;
335 t15 = out[4*1+i] & t03;
336 out[4*3+i] = t12 ^ t07;
337 t17 = in[4*0+i] ^ in[4*1+i];
338 t18 = out[4*2+i] ^ t15;
339 out[4*0+i] = t17 ^ t18;
342 /* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */
344 /* depth = 5,3,8,6, Total gates=19 */
345 static void sb6_inv(uint8_t* out, const uint8_t* in, uint8_t i){
346 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t12, t13, t14, t15, t16, t17, t01;
347 t01 = in[4*0+i] ^ in[4*2+i];
349 t03 = in[4*1+i] & t01;
350 t04 = in[4*1+i] | t02;
351 t05 = in[4*3+i] | t03;
352 t06 = in[4*1+i] ^ in[4*3+i];
353 t07 = in[4*0+i] & t04;
354 t08 = in[4*0+i] | t02;
356 out[4*1+i] = t06 ^ t08;
358 t12 = in[4*1+i] & out[4*0+i];
362 t16 = in[4*3+i] | t02;
363 t17 = in[4*0+i] ^ out[4*1+i];
364 out[4*3+i] = t17 ^ t15;
365 out[4*2+i] = t16 ^ t14;
368 /* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */
370 /* depth = 10,7,10,4, Total gates=19 */
371 static void sb7(uint8_t* out, const uint8_t* in, uint8_t i){
372 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t13, t14, t15, t16, t17, t01;
373 t01 = in[4*0+i] & in[4*2+i];
375 t03 = in[4*0+i] & t02;
376 t04 = in[4*1+i] | t01;
377 t05 = in[4*0+i] & in[4*1+i];
378 t06 = in[4*2+i] ^ t04;
379 out[4*3+i] = t03 ^ t06;
380 t08 = in[4*2+i] | out[4*3+i];
381 t09 = in[4*3+i] | t05;
382 t10 = in[4*0+i] ^ t08;
383 t11 = t04 & out[4*3+i];
384 out[4*1+i] = t09 ^ t10;
385 t13 = in[4*1+i] ^ out[4*1+i];
386 t14 = t01 ^ out[4*1+i];
387 t15 = in[4*2+i] ^ t05;
390 out[4*0+i] = t15 ^ t17;
391 out[4*2+i] = in[4*0+i] ^ t16;
394 /* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */
396 /* depth = 9,7,3,3, Total gates=18 */
397 static void sb7_inv(uint8_t* out, const uint8_t* in, uint8_t i){
398 uint8_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t13, t14, t15, t16, t01;
399 t01 = in[4*0+i] & in[4*1+i];
400 t02 = in[4*0+i] | in[4*1+i];
401 t03 = in[4*2+i] | t01;
402 t04 = in[4*3+i] & t02;
403 out[4*3+i] = t03 ^ t04;
404 t06 = in[4*1+i] ^ t04;
405 t07 = in[4*3+i] ^ out[4*3+i];
408 t10 = in[4*1+i] ^ in[4*3+i];
409 t11 = in[4*0+i] | in[4*3+i];
410 out[4*1+i] = in[4*0+i] ^ t09;
411 t13 = in[4*2+i] ^ t06;
412 t14 = in[4*2+i] & t11;
413 t15 = in[4*3+i] | out[4*1+i];
415 out[4*0+i] = t13 ^ t15;
416 out[4*2+i] = t14 ^ t16;
419 typedef void(*sb_fpt)(uint8_t*, const uint8_t*, uint8_t i);
421 sb_fpt sf_tab[] PROGMEM = {
426 sb_fpt sinvf_tab[] PROGMEM = {
427 sb0_inv, sb1_inv, sb2_inv, sb3_inv,
428 sb4_inv, sb5_inv, sb6_inv, sb7_inv
431 void sbox128(void * w, uint8_t box){
432 uint8_t i, buffer[16];
436 fp = (sb_fpt)pgm_read_word(&(sf_tab[box]));
438 fp(buffer, (uint8_t*)w, i);
440 memcpy(w, buffer, 16);
443 void inv_sbox128(void * w, uint8_t box){
444 uint8_t i, buffer[16];
448 fp = (sb_fpt)pgm_read_word(&(sinvf_tab[box]));
450 fp(buffer, (uint8_t*)w, i);
452 memcpy(w, buffer, 16);
projects / avr-crypto-lib.git / blob