1 /* serpent-sboxes-bitslice.c */
3 This file is part of the AVR-Crypto-Lib.
4 Copyright (C) 2006-2015 Daniel Otte (bg@nerilex.org)
6 This program is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 * a bitsliced implementation of the serpent sboxes
22 * email: bg@nerilex.org
28 #include <avr/pgmspace.h>
29 #include "serpent-sboxes.h"
34 /* S0: 3 8 15 1 10 6 5 11 14 13 4 2 7 0 9 12 */
36 /* depth = 5,7,4,2, Total gates=18 */
38 void sb0(uint8_t *out, const uint8_t *in){
40 uint8_t t01, t02, t03, t05, t06, t07, t08, t09, t11, t12, t13, t14, t15, t17;
41 t01 = in[4*1] ^ in[4*2];
42 t02 = in[4*0] | in[4*3];
43 t03 = in[4*0] ^ in[4*1];
45 t05 = in[4*2] | out[4*3];
46 t06 = in[4*0] ^ in[4*3];
47 t07 = in[4*1] | in[4*2];
52 t12 = in[4*2] ^ in[4*3];
61 /* InvS0: 13 3 11 0 10 6 5 12 1 14 4 7 15 9 8 2 */
63 /* depth = 8,4,3,6, Total gates=19 */
65 void sb0_inv(uint8_t *out, const uint8_t *in){
66 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t12, t13, t14, t15, t17, t18, t01;
67 t01 = in[4*2] ^ in[4*3];
68 t02 = in[4*0] | in[4*1];
69 t03 = in[4*1] | in[4*2];
74 t08 = in[4*1] ^ in[4*3];
76 t10 = in[4*3] | out[4*2];
81 t15 = in[4*0] ^ in[4*2];
88 /* S1: 15 12 2 7 9 0 5 10 1 11 14 8 6 13 3 4 */
90 /* depth = 10,7,3,5, Total gates=18 */
92 void sb1(uint8_t *out, const uint8_t *in){
93 uint8_t t02, t03, t04, t05, t06, t07, t08, t10, t11, t12, t13, t16, t17, t01;
94 t01 = in[4*0] | in[4*3];
95 t02 = in[4*2] ^ in[4*3];
97 t04 = in[4*0] ^ in[4*2];
102 out[4*2] = t02 ^ t05;
105 t12 = out[4*2] ^ t11;
106 t13 = in[4*1] & in[4*3];
108 out[4*1] = t13 ^ t12;
109 t16 = t10 | out[4*1];
111 out[4*0] = in[4*2] ^ t17;
114 /* InvS1: 5 8 2 14 15 6 12 3 11 4 7 9 1 13 10 0 */
116 /* depth = 7,4,5,3, Total gates=18 */
117 static void sb1_inv(uint8_t *out, const uint8_t *in){
118 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t14, t15, t17, t01;
119 t01 = in[4*0] ^ in[4*1];
120 t02 = in[4*1] | in[4*3];
121 t03 = in[4*0] & in[4*2];
131 out[4*1] = t10 ^ t11;
132 t14 = in[4*0] | out[4*2];
133 t15 = t06 ^ out[4*1];
134 out[4*3] = t01 ^ t04;
136 out[4*0] = t14 ^ t17;
139 /* S2: 8 6 7 9 3 12 10 15 13 1 14 4 0 11 5 2 */
141 /* depth = 3,8,11,7, Total gates=16 */
142 static void sb2(uint8_t *out, const uint8_t *in){
143 uint8_t t02, t03, t05, t06, t07, t08, t09, t10, t12, t13, t14, t01;
144 t01 = in[4*0] | in[4*2];
145 t02 = in[4*0] ^ in[4*1];
147 out[4*0] = t02 ^ t03;
148 t05 = in[4*2] ^ out[4*0];
154 out[4*1] = t10 ^ t08;
155 t12 = in[4*0] | in[4*3];
156 t13 = t09 ^ out[4*1];
159 out[4*2] = t12 ^ t14;
162 /* InvS2: 12 9 15 4 11 14 1 2 0 3 6 13 5 8 10 7 */
164 /* depth = 3,6,8,3, Total gates=18 */
165 static void sb2_inv(uint8_t *out, const uint8_t *in){
166 uint8_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t12, t15, t16, t17, t01;
167 t01 = in[4*0] ^ in[4*3];
168 t02 = in[4*2] ^ in[4*3];
169 t03 = in[4*0] & in[4*2];
171 out[4*0] = t01 ^ t04;
172 t06 = in[4*0] | in[4*2];
173 t07 = in[4*3] | out[4*0];
179 out[4*3] = t09 ^ t10;
180 out[4*1] = t12 ^ t11;
181 t15 = in[4*2] & out[4*3];
182 t16 = out[4*0] ^ out[4*1];
184 out[4*2] = t16 ^ t17;
187 /* S3: 0 15 11 8 12 9 6 3 13 1 2 4 10 7 5 14 */
189 /* depth = 8,3,5,5, Total gates=18 */
190 static void sb3(uint8_t *out, const uint8_t *in){
191 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t13, t14, t15, t01;
192 t01 = in[4*0] ^ in[4*2];
193 t02 = in[4*0] | in[4*3];
194 t03 = in[4*0] & in[4*3];
197 t06 = in[4*0] & in[4*1];
203 out[4*3] = t08 ^ t09;
204 t13 = in[4*3] | out[4*3];
207 out[4*2] = t08 ^ t11;
208 out[4*0] = t14 ^ t15;
209 out[4*1] = t05 ^ t04;
212 /* InvS3: 0 9 10 7 11 14 6 13 3 5 12 2 4 8 15 1 */
214 /* depth = 3,6,4,4, Total gates=17 */
215 static void sb3_inv(uint8_t *out, const uint8_t *in){
216 uint8_t t02, t03, t04, t05, t06, t07, t09, t11, t12, t13, t14, t16, t01;
217 t01 = in[4*2] | in[4*3];
218 t02 = in[4*0] | in[4*3];
221 t05 = in[4*0] ^ in[4*3];
224 out[4*2] = t05 ^ t06;
226 out[4*0] = t07 ^ t03;
227 t11 = out[4*0] | t05;
229 t13 = in[4*0] & out[4*2];
231 out[4*1] = in[4*1] ^ t12;
233 out[4*3] = t14 ^ t16;
236 /* S4: 1 15 8 3 12 0 11 6 2 5 4 10 9 14 7 13 */
238 /* depth = 6,7,5,3, Total gates=19 */
239 static void sb4(uint8_t *out, const uint8_t *in){
240 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t12, t13, t14, t15, t16, t01;
241 t01 = in[4*0] | in[4*1];
242 t02 = in[4*1] | in[4*2];
244 t04 = in[4*1] ^ in[4*3];
247 out[4*3] = t03 ^ t06;
248 t08 = out[4*3] & t04;
251 t11 = in[4*1] & in[4*2];
257 out[4*2] = t13 ^ t08;
258 out[4*1] = t15 ^ t16;
262 /* InvS4: 5 0 8 3 10 9 7 14 2 12 11 6 4 15 13 1 */
264 /* depth = 6,4,7,3, Total gates=17 */
265 static void sb4_inv(uint8_t *out, const uint8_t *in){
266 uint8_t t02, t03, t04, t05, t06, t07, t09, t10, t11, t12, t13, t15, t01;
267 t01 = in[4*1] | in[4*3];
268 t02 = in[4*2] | in[4*3];
271 t05 = in[4*2] ^ in[4*3];
274 out[4*1] = t05 ^ t07;
275 t09 = out[4*1] | t06;
280 out[4*3] = t03 ^ t12;
282 out[4*2] = t11 ^ t13;
283 out[4*0] = t15 ^ t09;
286 /* S5: 15 5 2 11 4 10 9 12 0 3 14 8 13 6 7 1 */
288 /* depth = 4,6,8,6, Total gates=17 */
289 static void sb5(uint8_t *out, const uint8_t *in){
290 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t14, t01;
291 t01 = in[4*1] ^ in[4*3];
292 t02 = in[4*1] | in[4*3];
298 t08 = in[4*3] | out[4*0];
302 t12 = t03 | out[4*0];
305 out[4*2] = t09 ^ t13;
306 out[4*1] = t07 ^ t08;
307 out[4*3] = t12 ^ t14;
310 /* InvS5: 8 15 2 9 4 1 13 14 11 6 5 3 7 12 10 0 */
312 /* depth = 4,6,9,7, Total gates=17 */
313 static void sb5_inv(uint8_t *out, const uint8_t *in){
314 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t12, t13, t15, t16, t01;
315 t01 = in[4*0] & in[4*3];
317 t03 = in[4*0] ^ in[4*3];
319 t05 = in[4*0] & in[4*2];
320 out[4*0] = t03 ^ t04;
321 t07 = in[4*0] & out[4*0];
322 t08 = t01 ^ out[4*0];
325 out[4*1] = t08 ^ t09;
327 t13 = out[4*0] | out[4*1];
328 out[4*3] = t02 ^ t12;
330 t16 = in[4*1] ^ in[4*3];
331 out[4*2] = t16 ^ t15;
334 /* S6: 7 2 12 5 8 4 6 11 14 9 1 15 13 3 10 0 */
336 /* depth = 8,3,6,3, Total gates=19 */
337 static void sb6(uint8_t *out, const uint8_t *in){
338 uint8_t t02, t03, t04, t05, t07, t08, t09, t10, t11, t12, t13, t15, t17, t18, t01;
339 t01 = in[4*0] & in[4*3];
340 t02 = in[4*1] ^ in[4*2];
341 t03 = in[4*0] ^ in[4*3];
343 t05 = in[4*1] | in[4*2];
346 t08 = in[4*1] & out[4*1];
347 t09 = in[4*0] | in[4*2];
349 t11 = in[4*1] | in[4*3];
353 t15 = out[4*1] & t03;
354 out[4*3] = t12 ^ t07;
355 t17 = in[4*0] ^ in[4*1];
356 t18 = out[4*2] ^ t15;
357 out[4*0] = t17 ^ t18;
360 /* InvS6: 15 10 1 13 5 3 6 0 4 9 14 7 2 12 8 11 */
362 /* depth = 5,3,8,6, Total gates=19 */
363 static void sb6_inv(uint8_t *out, const uint8_t *in){
364 uint8_t t02, t03, t04, t05, t06, t07, t08, t09, t12, t13, t14, t15, t16, t17, t01;
365 t01 = in[4*0] ^ in[4*2];
370 t06 = in[4*1] ^ in[4*3];
374 out[4*1] = t06 ^ t08;
376 t12 = in[4*1] & out[4*0];
381 t17 = in[4*0] ^ out[4*1];
382 out[4*3] = t17 ^ t15;
383 out[4*2] = t16 ^ t14;
386 /* S7: 1 13 15 0 14 8 2 11 7 4 12 10 9 3 5 6 */
388 /* depth = 10,7,10,4, Total gates=19 */
389 static void sb7(uint8_t *out, const uint8_t *in){
390 uint8_t t02, t03, t04, t05, t06, t08, t09, t10, t11, t13, t14, t15, t16, t17, t01;
391 t01 = in[4*0] & in[4*2];
395 t05 = in[4*0] & in[4*1];
397 out[4*3] = t03 ^ t06;
398 t08 = in[4*2] | out[4*3];
401 t11 = t04 & out[4*3];
402 out[4*1] = t09 ^ t10;
403 t13 = in[4*1] ^ out[4*1];
404 t14 = t01 ^ out[4*1];
408 out[4*0] = t15 ^ t17;
409 out[4*2] = in[4*0] ^ t16;
412 /* InvS7: 3 0 6 13 9 14 15 8 5 12 11 7 10 1 4 2 */
414 /* depth = 9,7,3,3, Total gates=18 */
415 static void sb7_inv(uint8_t *out, const uint8_t *in){
416 uint8_t t02, t03, t04, t06, t07, t08, t09, t10, t11, t13, t14, t15, t16, t01;
417 t01 = in[4*0] & in[4*1];
418 t02 = in[4*0] | in[4*1];
421 out[4*3] = t03 ^ t04;
423 t07 = in[4*3] ^ out[4*3];
426 t10 = in[4*1] ^ in[4*3];
427 t11 = in[4*0] | in[4*3];
428 out[4*1] = in[4*0] ^ t09;
431 t15 = in[4*3] | out[4*1];
433 out[4*0] = t13 ^ t15;
434 out[4*2] = t14 ^ t16;
437 typedef void(*sb_fpt)(uint8_t*, const uint8_t*);
439 sb_fpt sf_tab[] PROGMEM = {
444 sb_fpt sinvf_tab[] PROGMEM = {
445 sb0_inv, sb1_inv, sb2_inv, sb3_inv,
446 sb4_inv, sb5_inv, sb6_inv, sb7_inv
449 void sbox128(void * w, uint8_t box){
450 uint8_t i, buffer[16];
454 fp = (sb_fpt)pgm_read_word(&(sf_tab[box]));
456 fp(buffer+i, (uint8_t*)w+i);
458 memcpy(w, buffer, 16);
461 void inv_sbox128(void * w, uint8_t box){
462 uint8_t i, buffer[16];
466 fp = (sb_fpt)pgm_read_word(&(sinvf_tab[box]));
468 fp(buffer+i, (uint8_t*)w+i);
470 memcpy(w, buffer, 16);
projects / avr-crypto-lib.git / blob