diff --git a/claasp/cipher_modules/generic_functions_vectorized_byte.py b/claasp/cipher_modules/generic_functions_vectorized_byte.py
index bcad7eab..3494463e 100644
--- a/claasp/cipher_modules/generic_functions_vectorized_byte.py
+++ b/claasp/cipher_modules/generic_functions_vectorized_byte.py
@@ -174,7 +174,7 @@ def get_number_of_consecutive_bits(l):
 sage: from claasp.cipher_modules.generic_functions_vectorized_byte import get_number_of_consecutive_bits
 sage: L=[4, 3, 5, 7, 2]
- sage: get_number_of_consecutive_bits(L) == 2
+ sage: get_number_of_consecutive_bits(L) == 1
 True
 """
diff --git a/claasp/cipher_modules/models/milp/utils/dictionary_containing_truncated_xor_inequalities_between_n_input_bits.obj b/claasp/cipher_modules/models/milp/utils/dictionary_containing_truncated_xor_inequalities_between_n_input_bits.obj
index 096790f8..6a493584 100644
Binary files a/claasp/cipher_modules/models/milp/utils/dictionary_containing_truncated_xor_inequalities_between_n_input_bits.obj and b/claasp/cipher_modules/models/milp/utils/dictionary_containing_truncated_xor_inequalities_between_n_input_bits.obj differ
diff --git a/claasp/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits.py b/claasp/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits.py
index 66e61033..fe9f80f8 100644
--- a/claasp/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits.py
+++ b/claasp/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits.py
@@ -100,6 +100,7 @@ def get_valid_points_for_wordwise_xor(delta_in_1, zeta_in_1, delta_in_2, zeta_in
 zeta_out = 0
 if delta_in_1 + delta_in_2 > 2:
 delta_out = 3
+ zeta_out = -2
 elif delta_in_1 + delta_in_2 == 1:
 delta_out = 1
 zeta_out = zeta_in_1 + zeta_in_2
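Review bot: `get_valid_points_for_wordwise_xor` can now return a negative `zeta_out` (`-2` next to `delta_out = 3` here, `-1` next to `delta_out = 2` in the hunk at -107), where both branches previously left it at the initial `0`. Only one call site is clamped, by `zeta_output = max(0, zeta_output)` in the hunk at -169; the earlier call whose tail `zeta[summand + 1])` is visible there, and any caller outside this diff, presumably receive the raw values. Chaining seems to need that, since the `zeta_in_1 + zeta_in_2 < 0` branch only fires on negative inputs, but the contract is not written down; a comment on both assignments such as `# zeta_out < 0 is a sentinel (-1 with delta_out == 2, -2 with delta_out == 3); clamp with max(0, ...) before encoding` would state it. It is also worth confirming that no other caller encodes `zeta_out` unclamped. The function body starts and ends outside these hunks.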
@@ -107,6 +108,7 @@ def get_valid_points_for_wordwise_xor(delta_in_1, zeta_in_1, delta_in_2, zeta_in
 delta_out = 0
 elif zeta_in_1 + zeta_in_2 < 0:
 delta_out = 2
+ zeta_out = -1
 elif zeta_in_1 == zeta_in_2:
 delta_out = 0
 else:
@@ -169,6 +171,7 @@ def generate_valid_points_for_xor_between_n_input_words(wordsize=4, number_of_wo
 zeta[summand + 1])
 delta_output, zeta_output = get_valid_points_for_wordwise_xor(tmp_delta[-1], tmp_zeta[-1], delta[-1], zeta[-1])
+ zeta_output = max(0, zeta_output)
 if delta.count(3) == 0 and delta.count(2) == 1 and delta.count(1) > 1:
 only_fixed_patterns = [i[1] for i in enumerate(zeta) if delta[i[0]] == 1]
 if len(only_fixed_patterns) > 1:
diff --git a/claasp/cipher_modules/models/milp/utils/utils.py b/claasp/cipher_modules/models/milp/utils/utils.py
index cc40a8ed..dd288c05 100644
--- a/claasp/cipher_modules/models/milp/utils/utils.py
+++ b/claasp/cipher_modules/models/milp/utils/utils.py
@@ -613,7 +613,7 @@ def milp_xor_truncated(model, input_1, input_2, output):
 def milp_xor_truncated_wordwise(model, input_1, input_2, output):
 """
- Returns a list of variables and a list of constraints for the XOR for two input words
+ Returns a list of variables and a list of constraints for the XOR for two input bytes
 in deterministic truncated XOR differential model.
 This method uses a binary encoding (where each variable v is seen as a binary tuple (v0, v1), where v0 is the MSB) to
diff --git a/claasp/components/linear_layer_component.py b/claasp/components/linear_layer_component.py
index 71dd4efb..b3d5cee7 100644
--- a/claasp/components/linear_layer_component.py
+++ b/claasp/components/linear_layer_component.py
@@ -610,8 +610,8 @@ def milp_wordwise_deterministic_truncated_xor_differential_constraints(self, mod
 [1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_13 + x_18 + x_19 - x_25,
 1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_12 + x_13 + x_19 - x_25,
 ...
- 1 <= 2 - x_6 - x_8,
- 1 <= 1 + x_7 - x_8]
+ 1 <= 1 + x_7 - x_8,
+ 1 <= 1 + x_1 - x_2]
 """
 x = model.binary_variable
diff --git a/claasp/components/xor_component.py b/claasp/components/xor_component.py
index 50466b52..ac108ebc 100644
--- a/claasp/components/xor_component.py
+++ b/claasp/components/xor_component.py
@@ -802,6 +802,9 @@ def milp_wordwise_deterministic_truncated_xor_differential_constraints(self, mod
 1 <= 2 - x_30 - x_39]
 """
+ if model.word_size == 8:
+ return self.milp_wordwise_deterministic_truncated_xor_differential_sequential_constraints(model)
+
 x = model.binary_variable
 num_of_inputs = int(self.description[1])
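Review bot: The early return added at the top of `milp_wordwise_deterministic_truncated_xor_differential_constraints` in xor_component.py hard-codes `model.word_size == 8`, with no comment saying why only that size takes the sequential path. The docstring example that ends just above the `if` presumably still shows the non-sequential output (its start is outside the hunk), so for 8-bit models the documented variables and constraints would no longer match what the method returns. I would add a line such as `# 8-bit words: use the sequential encoding instead of the n-input path below (<reason>)` and a sentence in the docstring noting the dispatch. If larger word sizes need the same treatment, `==` will silently skip them, which is worth confirming against the supported sizes.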
@@ -845,20 +848,20 @@ def milp_wordwise_deterministic_truncated_xor_differential_sequential_constraint
 sage: from claasp.cipher_modules.models.milp.milp_models.milp_wordwise_deterministic_truncated_xor_differential_model import MilpWordwiseDeterministicTruncatedXorDifferentialModel
 sage: milp = MilpWordwiseDeterministicTruncatedXorDifferentialModel(cipher)
 sage: milp.init_model_in_sage_milp_class()
- sage: xor_component = cipher.get_component_from_id("xor_0_32")
+ sage: xor_component = cipher.get_component_from_id("xor_0_31")
 sage: variables, constraints = xor_component.milp_wordwise_deterministic_truncated_xor_differential_sequential_constraints(milp)
 sage: variables
- [('x[xor_0_31_word_0_class_bit_0]', x_0),
- ('x[xor_0_31_word_0_class_bit_1]', x_1),
+ [('x[sbox_0_26_word_0_class_bit_0]', x_0),
+ ('x[sbox_0_26_word_0_class_bit_1]', x_1),
 ...
- ('x[xor_0_32_30]', x_118),
- ('x[xor_0_32_31]', x_119)]
+ ('x[xor_0_31_30]', x_158),
+ ('x[xor_0_31_31]', x_159)]
 sage: constraints
- [1 <= 1 + x_0 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9 + x_41 - x_81,
- 1 <= 1 + x_1 + x_40 + x_42 + x_43 + x_44 + x_45 + x_46 + x_47 + x_48 + x_49 - x_81,
+ [1 <= 1 + x_0 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9 + x_41 - x_161,
+ 1 <= 1 + x_1 + x_40 + x_42 + x_43 + x_44 + x_45 + x_46 + x_47 + x_48 + x_49 - x_161,
 ...
- 1 <= 1 + x_31 - x_39,
- 1 <= 2 - x_30 - x_39]
+ 1 <= 1 + x_111 - x_119,
+ 1 <= 2 - x_110 - x_119]
 """
diff --git a/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_deterministic_truncated_xor_differential_model_test.py b/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_deterministic_truncated_xor_differential_model_test.py
index 52b1cc01..a6aa8fe2 100644
--- a/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_deterministic_truncated_xor_differential_model_test.py
+++ b/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_deterministic_truncated_xor_differential_model_test.py
@@ -13,7 +13,7 @@ def test_build_wordwise_deterministic_truncated_xor_differential_trail_model():
 milp.build_wordwise_deterministic_truncated_xor_differential_trail_model()
 constraints = milp.model_constraints
- assert len(constraints) == 43960
+ assert len(constraints) == 19768
 assert str(constraints[0]) == '1 <= 1 + x_0 - x_1 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9'
 assert str(constraints[1]) == '1 <= 1 + x_1 - x_9'
 assert str(constraints[-2]) == 'x_3062 == x_2886'
diff --git a/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_impossible_xor_differential_model_test.py b/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_impossible_xor_differential_model_test.py
index 3f0b8cd8..db07d006 100644
--- a/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_impossible_xor_differential_model_test.py
+++ b/tests/unit/cipher_modules/models/milp/milp_models/milp_wordwise_impossible_xor_differential_model_test.py
@@ -15,7 +15,7 @@ def test_build_wordwise_impossible_xor_differential_trail_model():
 constraints = milp.model_constraints
- assert len(constraints) == 48392
+ assert len(constraints) == 24200
 assert str(constraints[0]) == '1 <= 1 + x_0 - x_1 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9'
 assert str(constraints[1]) == '1 <= 1 + x_1 - x_9'
 assert str(constraints[-2]) == 'x_3238 == x_2065'
diff --git a/tests/unit/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits_test.py b/tests/unit/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits_test.py
index 8c8e3a63..c9f29e81 100644
--- a/tests/unit/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits_test.py
+++ b/tests/unit/cipher_modules/models/milp/utils/generate_inequalities_for_wordwise_truncated_xor_with_n_input_bits_test.py
@@ -22,5 +22,5 @@ def test_generate_valid_points_for_xor_between_n_input_words():
 def test_update_dictionary_that_contains_wordwise_truncated_xor_inequalities_between_n_inputs():
 update_dictionary_that_contains_wordwise_truncated_xor_inequalities_between_n_inputs(3, 3)
 dictio = output_dictionary_that_contains_wordwise_truncated_xor_inequalities()
- assert dictio[3][3][:2] == ['1----1----------0---', '--100--100-0----1---']
- assert dictio[3][3][-2:] == ['------01------------', '----------1----0----']
\ No newline at end of file
+ assert dictio[3][3][:2] == ['0-000-0---00----1---', '0-00000----0----1---']
+ assert dictio[3][3][-2:] == ['-----1---------0----', '1--------------0----']
\ No newline at end of file
diff --git a/tests/unit/components/linear_layer_component_test.py b/tests/unit/components/linear_layer_component_test.py
index aa7773d8..6aeab34c 100644
--- a/tests/unit/components/linear_layer_component_test.py
+++ b/tests/unit/components/linear_layer_component_test.py
@@ -325,8 +325,8 @@ def test_milp_wordwise_deterministic_truncated_xor_differential_constraints():
 assert str(constraints[0]) == '1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_13 + x_18 + x_19 - x_25'
 assert str(constraints[1]) == '1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_12 + x_13 + x_19 - x_25'
- assert str(constraints[-2]) == '1 <= 2 - x_6 - x_8'
- assert str(constraints[-1]) == '1 <= 1 + x_7 - x_8'
+ assert str(constraints[-2]) == '1 <= 1 + x_7 - x_8'
+ assert str(constraints[-1]) == '1 <= 1 + x_1 - x_2'
 cipher = AESBlockCipher(number_of_rounds=2)
 cipher_inverse = cipher.cipher_inverse()
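Review bot: The updated assertions in `test_update_dictionary_that_contains_wordwise_truncated_xor_inequalities_between_n_inputs` run right after `update_dictionary_...(3, 3)`, so they appear to check freshly generated inequalities rather than the `.obj` file this commit replaces, which the diff shows only as "Binary files ... differ". Nothing here lets a reviewer confirm that the committed blob was produced by the patched generator, and entries other than `dictio[3][3]` are not covered. If the loader deserialises that file with `pickle` (not visible in this diff), the blob is also content that runs on load without passing code review; regenerating it in CI, or recording its SHA-256 next to the generator and checking it before loading, would close that gap. A comment above the two expected lists, e.g. `# regenerated after the zeta_out sentinel change in get_valid_points_for_wordwise_xor`, would also explain why the pinned strings moved.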