Let us walk on the 3-isogeny graph
keccakf1600.c
1/* Based on the public domain implementation in
2 * crypto_hash/keccakc512/simple/ from http://bench.cr.yp.to/supercop.html
3 * by Ronny Van Keer
4 * and the public domain "TweetFips202" implementation
5 * from https://twitter.com/tweetfips202
6 * by Gilles Van Assche, Daniel J. Bernstein, and Peter Schwabe */
7
8#include <stdint.h>
9#include <assert.h>
10#include "keccakf1600.h"
11
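/* Number of rounds applied by KeccakF1600_StatePermute. */
#define NROUNDS 24

/*
 * Rotate the 64-bit value `a` left by `offset` bits.
 *
 * Both arguments are parenthesized so that an expression argument
 * (e.g. `x | y`, `n + 1`) is rotated as a whole instead of being split by
 * operator precedence. `a` is evaluated twice, so it must not have side
 * effects. `offset` must be in the range 1..63: 0 or 64 would shift a
 * 64-bit operand by 64 bits, which is undefined behaviour in C.
 */
#define ROL(a, offset) (((a) << (offset)) ^ ((a) >> (64 - (offset))))

/*
 * Per-round constants, one 64-bit word per round. Each is XORed into a
 * single lane (Aba / Eba) in KeccakF1600_StatePermute; the index is the
 * round number.
 */
static const uint64_t KeccakF_RoundConstants[NROUNDS] =
{
    0x0000000000000001ULL,
    0x0000000000008082ULL,
    0x800000000000808aULL,
    0x8000000080008000ULL,
    0x000000000000808bULL,
    0x0000000080000001ULL,
    0x8000000080008081ULL,
    0x8000000000008009ULL,
    0x000000000000008aULL,
    0x0000000000000088ULL,
    0x0000000080008009ULL,
    0x000000008000000aULL,
    0x000000008000808bULL,
    0x800000000000008bULL,
    0x8000000000008089ULL,
    0x8000000000008003ULL,
    0x8000000000008002ULL,
    0x8000000000000080ULL,
    0x000000000000800aULL,
    0x800000008000000aULL,
    0x8000000080008081ULL,
    0x8000000000008080ULL,
    0x0000000080000001ULL,
    0x8000000080008008ULL
};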
42
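/**
 * Copy `length` bytes out of the Keccak state, starting at byte `offset`.
 *
 * The state is addressed as a byte string laid over its 64-bit lanes:
 * byte k is taken from lane k / 8 at bit position 8 * (k % 8).
 *
 * @param state  the 25-lane (200-byte) state; only read here
 * @param data   destination buffer, at least `length` bytes
 * @param offset first state byte to copy
 * @param length number of bytes to copy
 *
 * The range offset..offset+length must lie inside the 200-byte state.
 * That precondition is checked with assert(), so it is enforced only in
 * builds without NDEBUG; callers deriving offset/length from external
 * input must validate them themselves, since an out-of-range request
 * would read past the state.
 */
void KeccakF1600_StateExtractBytes(uint64_t *state, unsigned char *data, unsigned int offset, unsigned int length)
{
    /* 25 lanes of 8 bytes, matching what KeccakF1600_StatePermute reads and writes. */
    const unsigned int state_bytes = 25u * (unsigned int)sizeof(uint64_t);
    unsigned int i;

    /* Written so that offset + length is never computed and cannot wrap. */
    assert(offset <= state_bytes && length <= state_bytes - offset);
    (void)state_bytes; /* keeps NDEBUG builds free of an unused-variable warning */

    for (i = 0; i < length; i++) {
        const unsigned int pos = offset + i;

        /* Explicit cast: only the low 8 bits of the shifted lane are wanted. */
        data[i] = (unsigned char)(state[pos >> 3] >> (8 * (pos & 0x07)));
    }
}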
51
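/**
 * XOR `length` bytes from `data` into the Keccak state, starting at state
 * byte `offset`.
 *
 * The state is addressed as a byte string laid over its 64-bit lanes:
 * byte k is XORed into lane k / 8 at bit position 8 * (k % 8).
 *
 * @param state  the 25-lane (200-byte) state, modified in place
 * @param data   source buffer, at least `length` bytes
 * @param offset first state byte to modify
 * @param length number of bytes to absorb
 *
 * The range offset..offset+length must lie inside the 200-byte state.
 * That precondition is checked with assert(), so it is enforced only in
 * builds without NDEBUG; callers deriving offset/length from external
 * input must validate them themselves, since an out-of-range request
 * would write past the state.
 */
void KeccakF1600_StateXORBytes(uint64_t *state, const unsigned char *data, unsigned int offset, unsigned int length)
{
    /* 25 lanes of 8 bytes, matching what KeccakF1600_StatePermute reads and writes. */
    const unsigned int state_bytes = 25u * (unsigned int)sizeof(uint64_t);
    unsigned int i;

    /* Written so that offset + length is never computed and cannot wrap. */
    assert(offset <= state_bytes && length <= state_bytes - offset);
    (void)state_bytes; /* keeps NDEBUG builds free of an unused-variable warning */

    for (i = 0; i < length; i++) {
        const unsigned int pos = offset + i;

        /* Widen before shifting so the byte can reach the lane's top bits. */
        state[pos >> 3] ^= (uint64_t)data[i] << (8 * (pos & 0x07));
    }
}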
60
/*
 * Apply the Keccak-f[1600] permutation to `state` in place.
 *
 * state: array of 25 64-bit lanes (indices 0..24 are read and written).
 *
 * The 25 lanes are copied into local variables, NROUNDS rounds are applied,
 * and the result is written back. The loop is unrolled by two: the first
 * half of each iteration reads the A* lanes and produces the E* lanes, the
 * second half reads E* and produces A* again, so no lane copying is needed
 * between rounds. Each half XORs one entry of KeccakF_RoundConstants into
 * the first lane (index `round`, then `round+1`).
 *
 * Review notes:
 *  - The only branch is the round counter and the only table index is
 *    `round`; nothing visible here branches on or indexes by state data.
 *  - The local lane copies are not cleared before returning. Whether that
 *    matters depends on how callers treat secret state -- confirm against
 *    the project's policy.
 *  - `state` is dereferenced unconditionally; it must be non-NULL and
 *    point to at least 25 lanes.
 */
void KeccakF1600_StatePermute(uint64_t * state)
{
    int round;

    /* A*: current state lanes; E*: lanes after one round. */
    uint64_t Aba, Abe, Abi, Abo, Abu;
    uint64_t Aga, Age, Agi, Ago, Agu;
    uint64_t Aka, Ake, Aki, Ako, Aku;
    uint64_t Ama, Ame, Ami, Amo, Amu;
    uint64_t Asa, Ase, Asi, Aso, Asu;
    /* BC*: column parities first, then reused as the rotated lanes of one row. */
    uint64_t BCa, BCe, BCi, BCo, BCu;
    /* D*: per-column value XORed into every lane of that column. */
    uint64_t Da, De, Di, Do, Du;
    uint64_t Eba, Ebe, Ebi, Ebo, Ebu;
    uint64_t Ega, Ege, Egi, Ego, Egu;
    uint64_t Eka, Eke, Eki, Eko, Eku;
    uint64_t Ema, Eme, Emi, Emo, Emu;
    uint64_t Esa, Ese, Esi, Eso, Esu;

    // copyFromState(A, state): load the 25 lanes into locals
    Aba = state[ 0];
    Abe = state[ 1];
    Abi = state[ 2];
    Abo = state[ 3];
    Abu = state[ 4];
    Aga = state[ 5];
    Age = state[ 6];
    Agi = state[ 7];
    Ago = state[ 8];
    Agu = state[ 9];
    Aka = state[10];
    Ake = state[11];
    Aki = state[12];
    Ako = state[13];
    Aku = state[14];
    Ama = state[15];
    Ame = state[16];
    Ami = state[17];
    Amo = state[18];
    Amu = state[19];
    Asa = state[20];
    Ase = state[21];
    Asi = state[22];
    Aso = state[23];
    Asu = state[24];

    /* Two rounds per iteration: A -> E, then E -> A. */
    for( round = 0; round < NROUNDS; round += 2 )
    {
        // prepareTheta: XOR of the five lanes in each column
        BCa = Aba^Aga^Aka^Ama^Asa;
        BCe = Abe^Age^Ake^Ame^Ase;
        BCi = Abi^Agi^Aki^Ami^Asi;
        BCo = Abo^Ago^Ako^Amo^Aso;
        BCu = Abu^Agu^Aku^Amu^Asu;

        // thetaRhoPiChiIotaPrepareTheta(round  , A, E)
        Da = BCu^ROL(BCe, 1);
        De = BCa^ROL(BCi, 1);
        Di = BCe^ROL(BCo, 1);
        Do = BCi^ROL(BCu, 1);
        Du = BCo^ROL(BCa, 1);

        /* Output row "b": Aba is used unrotated; the round constant goes into Eba only. */
        Aba ^= Da;
        BCa = Aba;
        Age ^= De;
        BCe = ROL(Age, 44);
        Aki ^= Di;
        BCi = ROL(Aki, 43);
        Amo ^= Do;
        BCo = ROL(Amo, 21);
        Asu ^= Du;
        BCu = ROL(Asu, 14);
        Eba =   BCa ^((~BCe)&  BCi );
        Eba ^= (uint64_t)KeccakF_RoundConstants[round];
        Ebe =   BCe ^((~BCi)&  BCo );
        Ebi =   BCi ^((~BCo)&  BCu );
        Ebo =   BCo ^((~BCu)&  BCa );
        Ebu =   BCu ^((~BCa)&  BCe );

        /* Output row "g". */
        Abo ^= Do;
        BCa = ROL(Abo, 28);
        Agu ^= Du;
        BCe = ROL(Agu, 20);
        Aka ^= Da;
        BCi = ROL(Aka,  3);
        Ame ^= De;
        BCo = ROL(Ame, 45);
        Asi ^= Di;
        BCu = ROL(Asi, 61);
        Ega =   BCa ^((~BCe)&  BCi );
        Ege =   BCe ^((~BCi)&  BCo );
        Egi =   BCi ^((~BCo)&  BCu );
        Ego =   BCo ^((~BCu)&  BCa );
        Egu =   BCu ^((~BCa)&  BCe );

        /* Output row "k". */
        Abe ^= De;
        BCa = ROL(Abe,  1);
        Agi ^= Di;
        BCe = ROL(Agi,  6);
        Ako ^= Do;
        BCi = ROL(Ako, 25);
        Amu ^= Du;
        BCo = ROL(Amu,  8);
        Asa ^= Da;
        BCu = ROL(Asa, 18);
        Eka =   BCa ^((~BCe)&  BCi );
        Eke =   BCe ^((~BCi)&  BCo );
        Eki =   BCi ^((~BCo)&  BCu );
        Eko =   BCo ^((~BCu)&  BCa );
        Eku =   BCu ^((~BCa)&  BCe );

        /* Output row "m". */
        Abu ^= Du;
        BCa = ROL(Abu, 27);
        Aga ^= Da;
        BCe = ROL(Aga, 36);
        Ake ^= De;
        BCi = ROL(Ake, 10);
        Ami ^= Di;
        BCo = ROL(Ami, 15);
        Aso ^= Do;
        BCu = ROL(Aso, 56);
        Ema =   BCa ^((~BCe)&  BCi );
        Eme =   BCe ^((~BCi)&  BCo );
        Emi =   BCi ^((~BCo)&  BCu );
        Emo =   BCo ^((~BCu)&  BCa );
        Emu =   BCu ^((~BCa)&  BCe );

        /* Output row "s". */
        Abi ^= Di;
        BCa = ROL(Abi, 62);
        Ago ^= Do;
        BCe = ROL(Ago, 55);
        Aku ^= Du;
        BCi = ROL(Aku, 39);
        Ama ^= Da;
        BCo = ROL(Ama, 41);
        Ase ^= De;
        BCu = ROL(Ase,  2);
        Esa =   BCa ^((~BCe)&  BCi );
        Ese =   BCe ^((~BCi)&  BCo );
        Esi =   BCi ^((~BCo)&  BCu );
        Eso =   BCo ^((~BCu)&  BCa );
        Esu =   BCu ^((~BCa)&  BCe );

        // prepareTheta: column parities of the E lanes for the second round
        BCa = Eba^Ega^Eka^Ema^Esa;
        BCe = Ebe^Ege^Eke^Eme^Ese;
        BCi = Ebi^Egi^Eki^Emi^Esi;
        BCo = Ebo^Ego^Eko^Emo^Eso;
        BCu = Ebu^Egu^Eku^Emu^Esu;

        // thetaRhoPiChiIotaPrepareTheta(round+1, E, A)
        Da = BCu^ROL(BCe, 1);
        De = BCa^ROL(BCi, 1);
        Di = BCe^ROL(BCo, 1);
        Do = BCi^ROL(BCu, 1);
        Du = BCo^ROL(BCa, 1);

        /* Same sequence as above with the roles of A and E swapped. */
        Eba ^= Da;
        BCa = Eba;
        Ege ^= De;
        BCe = ROL(Ege, 44);
        Eki ^= Di;
        BCi = ROL(Eki, 43);
        Emo ^= Do;
        BCo = ROL(Emo, 21);
        Esu ^= Du;
        BCu = ROL(Esu, 14);
        Aba =   BCa ^((~BCe)&  BCi );
        Aba ^= (uint64_t)KeccakF_RoundConstants[round+1];
        Abe =   BCe ^((~BCi)&  BCo );
        Abi =   BCi ^((~BCo)&  BCu );
        Abo =   BCo ^((~BCu)&  BCa );
        Abu =   BCu ^((~BCa)&  BCe );

        Ebo ^= Do;
        BCa = ROL(Ebo, 28);
        Egu ^= Du;
        BCe = ROL(Egu, 20);
        Eka ^= Da;
        BCi = ROL(Eka, 3);
        Eme ^= De;
        BCo = ROL(Eme, 45);
        Esi ^= Di;
        BCu = ROL(Esi, 61);
        Aga =   BCa ^((~BCe)&  BCi );
        Age =   BCe ^((~BCi)&  BCo );
        Agi =   BCi ^((~BCo)&  BCu );
        Ago =   BCo ^((~BCu)&  BCa );
        Agu =   BCu ^((~BCa)&  BCe );

        Ebe ^= De;
        BCa = ROL(Ebe, 1);
        Egi ^= Di;
        BCe = ROL(Egi, 6);
        Eko ^= Do;
        BCi = ROL(Eko, 25);
        Emu ^= Du;
        BCo = ROL(Emu, 8);
        Esa ^= Da;
        BCu = ROL(Esa, 18);
        Aka =   BCa ^((~BCe)&  BCi );
        Ake =   BCe ^((~BCi)&  BCo );
        Aki =   BCi ^((~BCo)&  BCu );
        Ako =   BCo ^((~BCu)&  BCa );
        Aku =   BCu ^((~BCa)&  BCe );

        Ebu ^= Du;
        BCa = ROL(Ebu, 27);
        Ega ^= Da;
        BCe = ROL(Ega, 36);
        Eke ^= De;
        BCi = ROL(Eke, 10);
        Emi ^= Di;
        BCo = ROL(Emi, 15);
        Eso ^= Do;
        BCu = ROL(Eso, 56);
        Ama =   BCa ^((~BCe)&  BCi );
        Ame =   BCe ^((~BCi)&  BCo );
        Ami =   BCi ^((~BCo)&  BCu );
        Amo =   BCo ^((~BCu)&  BCa );
        Amu =   BCu ^((~BCa)&  BCe );

        Ebi ^= Di;
        BCa = ROL(Ebi, 62);
        Ego ^= Do;
        BCe = ROL(Ego, 55);
        Eku ^= Du;
        BCi = ROL(Eku, 39);
        Ema ^= Da;
        BCo = ROL(Ema, 41);
        Ese ^= De;
        BCu = ROL(Ese, 2);
        Asa =   BCa ^((~BCe)&  BCi );
        Ase =   BCe ^((~BCi)&  BCo );
        Asi =   BCi ^((~BCo)&  BCu );
        Aso =   BCo ^((~BCu)&  BCa );
        Asu =   BCu ^((~BCa)&  BCe );
    }

    // copyToState(state, A): store the permuted lanes back
    state[ 0] = Aba;
    state[ 1] = Abe;
    state[ 2] = Abi;
    state[ 3] = Abo;
    state[ 4] = Abu;
    state[ 5] = Aga;
    state[ 6] = Age;
    state[ 7] = Agi;
    state[ 8] = Ago;
    state[ 9] = Agu;
    state[10] = Aka;
    state[11] = Ake;
    state[12] = Aki;
    state[13] = Ako;
    state[14] = Aku;
    state[15] = Ama;
    state[16] = Ame;
    state[17] = Ami;
    state[18] = Amo;
    state[19] = Amu;
    state[20] = Asa;
    state[21] = Ase;
    state[22] = Asi;
    state[23] = Aso;
    state[24] = Asu;

    /* NOTE(review): `round` is a local variable declared above and no macro of
     * that name is defined in this file, so this directive appears to have no
     * effect -- confirm keccakf1600.h does not define one. */
    #undef round
}