Let us walk on the 3-isogeny graph
keccakf1600.c
1
/* Based on the public domain implementation in
2
* crypto_hash/keccakc512/simple/ from http://bench.cr.yp.to/supercop.html
3
* by Ronny Van Keer
4
* and the public domain "TweetFips202" implementation
5
* from https://twitter.com/tweetfips202
6
* by Gilles Van Assche, Daniel J. Bernstein, and Peter Schwabe */
7
8
#include <stdint.h>
9
#include <assert.h>
10
#include "
keccakf1600.h
"
11
12
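/* Number of rounds of Keccak-f[1600]. */
#define NROUNDS 24

/*
 * Rotate a 64-bit lane left by `offset` bits.
 *
 * Both macro arguments are parenthesised so that expression arguments
 * (e.g. ROL(x ^ y, 1)) expand correctly; the original form only worked
 * for plain identifiers.  `offset` must be in 1..63: with offset 0 the
 * right shift would be by 64 bits, which is undefined behaviour in C.
 */
#define ROL(a, offset) (((a) << (offset)) ^ ((a) >> (64 - (offset))))

/* Iota step round constants, one per round, in round order. */
static const uint64_t KeccakF_RoundConstants[NROUNDS] =
{
    0x0000000000000001ULL,
    0x0000000000008082ULL,
    0x800000000000808aULL,
    0x8000000080008000ULL,
    0x000000000000808bULL,
    0x0000000080000001ULL,
    0x8000000080008081ULL,
    0x8000000000008009ULL,
    0x000000000000008aULL,
    0x0000000000000088ULL,
    0x0000000080008009ULL,
    0x000000008000000aULL,
    0x000000008000808bULL,
    0x800000000000008bULL,
    0x8000000000008089ULL,
    0x8000000000008003ULL,
    0x8000000000008002ULL,
    0x8000000000000080ULL,
    0x000000000000800aULL,
    0x800000008000000aULL,
    0x8000000080008081ULL,
    0x8000000000008080ULL,
    0x0000000080000001ULL,
    0x8000000080008008ULL
};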
42
43
/*
 * Copy `length` bytes out of the Keccak state, starting at byte `offset`.
 *
 * state:  array of 64-bit lanes; byte k of the state is bits
 *         8*(k % 8) .. 8*(k % 8) + 7 of lane k / 8 (little-endian lanes).
 * data:   destination buffer, receives `length` bytes.
 * offset: index of the first state byte to read.
 * length: number of bytes to copy; 0 is a no-op.
 *
 * No bounds check is performed: the caller keeps offset + length inside
 * the state.
 */
void KeccakF1600_StateExtractBytes(uint64_t *state, unsigned char *data, unsigned int offset, unsigned int length)
{
    for (unsigned int i = 0; i < length; i++) {
        unsigned int pos = offset + i;          /* absolute byte index into the state */
        uint64_t lane = state[pos >> 3];        /* eight bytes per lane */
        unsigned int shift = 8 * (pos & 0x07);  /* bit position of that byte within the lane */
        data[i] = (unsigned char)(lane >> shift);
    }
}
51
52
/*
 * XOR `length` bytes of `data` into the Keccak state at byte `offset`.
 *
 * state:  array of 64-bit lanes; byte k of the state is bits
 *         8*(k % 8) .. 8*(k % 8) + 7 of lane k / 8 (little-endian lanes).
 * data:   bytes to absorb; not modified.
 * offset: index of the first state byte to update.
 * length: number of bytes to XOR in; 0 is a no-op.
 *
 * No bounds check is performed: the caller keeps offset + length inside
 * the state.
 */
void KeccakF1600_StateXORBytes(uint64_t *state, const unsigned char *data, unsigned int offset, unsigned int length)
{
    for (unsigned int i = 0; i < length; i++) {
        unsigned int pos = offset + i;          /* absolute byte index into the state */
        unsigned int shift = 8 * (pos & 0x07);  /* bit position of that byte within its lane */
        state[pos >> 3] ^= (uint64_t)data[i] << shift;
    }
}
60
61
/*
 * Rotate one lane left by `offset` bits, allowing an offset of 0.
 *
 * ROL() shifts right by 64 - offset, which is undefined for offset 0, so
 * the zero case is handled separately; `offset` is always a compile-time
 * table entry, never data, so this branch leaks nothing about the state.
 */
static inline uint64_t keccak_rotl(uint64_t a, unsigned int offset)
{
    return offset == 0 ? a : ROL(a, offset);
}

/*
 * Apply the Keccak-f[1600] permutation to the state in place.
 *
 * state: 25 lanes of 64 bits.  Lane (x, y) of the 5x5 Keccak sheet is
 *        stored at state[x + 5*y].  The permuted state is written back to
 *        the same array; nothing is returned.
 *
 * Each of the NROUNDS rounds applies, in order, theta (column parity
 * mixing), rho (per-lane rotation), pi (lane transposition), chi (the
 * non-linear row step) and iota (round constant injection).  All loop
 * bounds, array indices and rotation amounts are fixed constants, so
 * the control flow and memory access pattern do not depend on the state.
 */
void KeccakF1600_StatePermute(uint64_t *state)
{
    /* rho rotation offset of lane x + 5*y */
    static const unsigned int rho[25] = {
         0,  1, 62, 28, 27,
        36, 44,  6, 55, 20,
         3, 10, 43, 25, 39,
        41, 45, 15, 21,  8,
        18,  2, 61, 56, 14
    };
    uint64_t lane[25];    /* working copy of the state */
    uint64_t mixed[25];   /* state after rho and pi, before chi */
    uint64_t parity[5];   /* theta: XOR of the five lanes in each column */
    uint64_t dcol[5];     /* theta: value XORed into every lane of column x */

    for (unsigned int k = 0; k < 25; k++) {
        lane[k] = state[k];
    }

    for (int r = 0; r < NROUNDS; r++) {
        /* theta */
        for (unsigned int x = 0; x < 5; x++) {
            parity[x] = lane[x] ^ lane[x + 5] ^ lane[x + 10] ^ lane[x + 15] ^ lane[x + 20];
        }
        for (unsigned int x = 0; x < 5; x++) {
            /* D[x] = C[x-1] ^ rot(C[x+1], 1), indices taken mod 5 */
            dcol[x] = parity[(x + 4) % 5] ^ ROL(parity[(x + 1) % 5], 1);
        }
        for (unsigned int k = 0; k < 25; k++) {
            lane[k] ^= dcol[k % 5];
        }

        /* rho and pi: rotate lane (x, y) and move it to (y, 2x + 3y) */
        for (unsigned int y = 0; y < 5; y++) {
            for (unsigned int x = 0; x < 5; x++) {
                unsigned int src = x + 5 * y;
                unsigned int dst = y + 5 * ((2 * x + 3 * y) % 5);
                mixed[dst] = keccak_rotl(lane[src], rho[src]);
            }
        }

        /* chi: A[x, y] = B[x, y] ^ (~B[x+1, y] & B[x+2, y]) along each row */
        for (unsigned int y = 0; y < 5; y++) {
            for (unsigned int x = 0; x < 5; x++) {
                uint64_t b0 = mixed[x + 5 * y];
                uint64_t b1 = mixed[(x + 1) % 5 + 5 * y];
                uint64_t b2 = mixed[(x + 2) % 5 + 5 * y];
                lane[x + 5 * y] = b0 ^ ((~b1) & b2);
            }
        }

        /* iota: only lane (0, 0) receives the round constant */
        lane[0] ^= KeccakF_RoundConstants[r];
    }

    for (unsigned int k = 0; k < 25; k++) {
        state[k] = lane[k];
    }
}