Browse Source

started AES

thajohns 11 months ago
parent
commit
e241aea1bf
2 changed files with 342 additions and 12 deletions
  1. 287
    0
      aes.c
  2. 55
    12
      sieve.c

+ 287
- 0
aes.c View File

@@ -0,0 +1,287 @@
1
+// I'm aware that this file is written horribly and dooesn't have inverse functions
2
+
3
+#include <stdlib.h>
4
+#include <stdio.h>
5
+#include <stdint.h>
6
+#include <string.h>
7
+
8
+#define LROT8(v, b) ((v) << (b) | (v) >> (8 - (b)))
9
+#define LROT32(v, b) ((v) << (b) | (v) >> (32 - (b)))
10
+
11
+char sbox[256], inv_sbox[256];
12
+
13
+struct polydiv_result
14
+{
15
+  uint16_t q;
16
+  uint16_t r;
17
+};
18
+
19
+struct polyeeuclid_result
20
+{
21
+  uint16_t u;
22
+  uint16_t v;
23
+  uint16_t g;
24
+};
25
+
26
+static uint16_t msb(uint16_t x)
27
+{
28
+  x |= x >> 1;
29
+  x |= x >> 2;
30
+  x |= x >> 4;
31
+  x |= x >> 8;
32
+  x ^= (x >> 1);
33
+  return x;
34
+}
35
+
36
+static uint16_t poly_mult(uint16_t multiplicand, uint16_t multiplier)
37
+{
38
+  uint16_t accum = 0;
39
+  int ii;
40
+  for (ii = 0; ii < 16; ii++)
41
+  {
42
+    if (multiplier & 1)
43
+      accum ^= multiplicand;
44
+    multiplier >>= 1;
45
+    multiplicand <<= 1;
46
+  }
47
+  return accum;
48
+}
49
+
50
+static void poly_div(uint16_t dividend, uint16_t divisor, struct polydiv_result *out)
51
+{
52
+  uint16_t quotient = 0;
53
+  if (divisor == 0)
54
+    return;
55
+  while (msb(dividend) >= msb(divisor))
56
+  {
57
+    uint16_t intermittent = msb(dividend) / msb(divisor);
58
+    quotient ^= intermittent;
59
+    dividend ^= divisor * intermittent;
60
+  }
61
+  out->q = quotient;
62
+  out->r = dividend;
63
+}
64
+
65
+static uint16_t poly_mult_mod(uint16_t a, uint16_t b, uint16_t m)
66
+{
67
+  struct polydiv_result qr;
68
+  poly_div(poly_mult(a, b), m, &qr);
69
+  return qr.r;
70
+}
71
+
72
+static void poly_eeuclid(uint16_t a, uint16_t b, struct polyeeuclid_result *out)
73
+{
74
+  struct polydiv_result qr;
75
+  uint16_t x0 = 1, y0 = 0, x1 = 0, y1 = 1;
76
+  poly_div(a, b, &qr);
77
+  while (qr.r)
78
+  {
79
+    uint16_t xn = x0 ^ poly_mult(qr.q, x1), yn = y0 ^ poly_mult(qr.q, y1);
80
+    a = b;
81
+    b = qr.r;
82
+    poly_div(a, b, &qr);
83
+    x0 = x1;
84
+    y0 = y1;
85
+    x1 = xn;
86
+    y1 = yn;
87
+  }
88
+
89
+  out->g = b;
90
+  out->u = x1;
91
+  out->v = y1;
92
+}
93
+
94
+//void print_poly(uint16_t p)
95
+//{
96
+//  int ii;
97
+//  for (ii = 0; ii < 16; ii++)
98
+//  {
99
+//    printf((p & 32768) ? "1" : "0");
100
+//    p <<= 1;
101
+//  }
102
+//  printf("\n");
103
+//}
104
+
105
+static uint8_t inv_Rijndael(uint8_t p)
106
+{
107
+  if (!p)
108
+    return 0;
109
+  struct polyeeuclid_result guv;
110
+  poly_eeuclid(p, 0x11b, &guv);
111
+  return (uint8_t) guv.u;
112
+}
113
+
114
+static uint8_t Nyberg(uint8_t i)
115
+{
116
+  return i ^ LROT8(i, 1) ^ LROT8(i, 2) ^ LROT8(i, 3) ^ LROT8(i, 4) ^ 0x63;
117
+}
118
+
119
+static uint8_t sbox_transform(uint8_t i)
120
+{
121
+  return Nyberg(inv_Rijndael(i));
122
+}
123
+
124
+void initializeSBox()
125
+{
126
+  int ii;
127
+  for (ii = 0; ii < 256; ii++)
128
+  {
129
+    uint8_t in = (uint8_t) ii;
130
+    uint8_t out = sbox_transform(ii);
131
+    sbox[in] = out;
132
+    inv_sbox[out] = in;
133
+  }
134
+}
135
+
136
+static uint32_t wordSBox(uint32_t word)
137
+{
138
+  return
139
+    (sbox[word]) |
140
+    (sbox[(uint8_t) (word >> 8)] << 8) |
141
+    (sbox[(uint8_t) (word >> 16)] << 16) |
142
+    (sbox[(uint8_t) (word >> 24)] << 24);
143
+}
144
+
145
+void expandKey(uint32_t short_key[8], uint32_t expanded_key[60])
146
+{
147
+  // TODO: Make the round constants constant
148
+  uint8_t rcs[8] = {1};
149
+  int ii;
150
+  for (ii = 1; ii < 8; ii++)
151
+  {
152
+    if (rcs[ii - 1] < 0x80)
153
+    {
154
+      rcs[ii] = rcs[ii - 1] << 1;
155
+    } else
156
+    {
157
+      rcs[ii] = 0x1b ^ (rcs[ii - 1] << 1);
158
+    }
159
+  }
160
+
161
+  memcpy(expanded_key, short_key, 8 * sizeof(uint32_t));
162
+
163
+  int rci = 0;
164
+
165
+  for (ii = 8; ii < 60; ii++)
166
+  {
167
+    if (ii % 8 == 0)
168
+    {
169
+      expanded_key[ii] = expanded_key[ii - 8] ^ wordSBox(LROT32(expanded_key[ii - 1], 8)) ^ (rcs[rci] << 24);
170
+      rci++;
171
+    } else if (ii % 8 == 4)
172
+    {
173
+      expanded_key[ii] = expanded_key[ii - 8] ^ wordSBox(expanded_key[ii - 1]);
174
+    } else
175
+    {
176
+      expanded_key[ii] = expanded_key[ii - 8] ^ expanded_key[ii - 1];
177
+    }
178
+  }
179
+}
180
+
181
+void AESRound(uint32_t state[4], uint32_t key[60])
182
+{
183
+  int ii, ij;
184
+  for (ii = 0; ii < 4; ii++)
185
+  {
186
+    state[ii] ^= *key;
187
+    key++;
188
+  }
189
+  for (ij = 0; ij < 13; ij++)
190
+  {
191
+    for (ii = 0; ii < 4; ii++)
192
+      state[ii] = wordSBox(state[ii]);
193
+    for (ii = 0; ii < 4; ii++)
194
+      state[ii] = LROT32(state[ii], 8 * ii);
195
+    uint32_t newstate[4] = {0};
196
+    for (ii = 0; ii < 4; ii++)
197
+    {
198
+      int shc = 8 * ii;
199
+      newstate[0] |= (poly_mult_mod((uint8_t) (state[0] >> shc), 2, 0x11b) ^
200
+          poly_mult_mod((uint8_t) (state[1] >> shc), 3, 0x11b) ^ 
201
+          ((uint8_t) (state[2] >> shc)) ^ ((uint8_t) (state[3] >> shc))) << shc;
202
+      newstate[1] |= (poly_mult_mod((uint8_t) (state[1] >> shc), 2, 0x11b) ^
203
+          poly_mult_mod((uint8_t) (state[2] >> shc), 3, 0x11b) ^ 
204
+          ((uint8_t) (state[3] >> shc)) ^ ((uint8_t) (state[0] >> shc))) << shc;
205
+      newstate[2] |= (poly_mult_mod((uint8_t) (state[2] >> shc), 2, 0x11b) ^
206
+          poly_mult_mod((uint8_t) (state[3] >> shc), 3, 0x11b) ^ 
207
+          ((uint8_t) (state[0] >> shc)) ^ ((uint8_t) (state[1] >> shc))) << shc;
208
+      newstate[3] |= (poly_mult_mod((uint8_t) (state[3] >> shc), 2, 0x11b) ^
209
+          poly_mult_mod((uint8_t) (state[0] >> shc), 3, 0x11b) ^ 
210
+          ((uint8_t) (state[1] >> shc)) ^ ((uint8_t) (state[2] >> shc))) << shc;
211
+    }
212
+    memcpy(state, newstate, 4 * sizeof(uint32_t));
213
+    for (ii = 0; ii < 4; ii++)
214
+    {
215
+      state[ii] ^= *key;
216
+      key++;
217
+    }
218
+  }
219
+  for (ii = 0; ii < 4; ii++)
220
+    state[ii] = wordSBox(state[ii]);
221
+  for (ii = 0; ii < 4; ii++)
222
+    state[ii] = LROT32(state[ii], 8 * ii);
223
+  for (ii = 0; ii < 4; ii++)
224
+  {
225
+    state[ii] ^= *key;
226
+    key++;
227
+  }
228
+}
229
+
230
+void dataToState(char data[16], uint32_t state[4]);
231
+{
232
+  int ii;
233
+  for (ii = 0; ii < 4; ii++)
234
+  {
235
+    state[ii] = data[0] | (data[1] << 8) | (data[2] << 16) | (data[3] << 24);
236
+    data += 4;
237
+  }
238
+}
239
+
240
+void stateToData(uint32_t state[4], char data[16])
241
+{
242
+  int ii, ij;;
243
+  for (ii = 0; ii < 4; ii++)
244
+  {
245
+    uint32_t d = state[ii];
246
+    for (ij = 0; ij < 4; ij++)
247
+    {
248
+      *data = d;
249
+      data++;
250
+      d >>= 8;
251
+    }
252
+  }
253
+}
254
+
255
+
256
+//int main()
257
+//{
258
+//  int ii;
259
+//  //for (ii = 0; ii < 256; ii++)
260
+//  //{
261
+//  //  printf("%02x %02x %02x\n", ii & 0xf0, ii & 0x0f, sbox_transform(ii));
262
+//  //}
263
+//
264
+//  uint8_t state[4] = {0xf2, 0x0a, 0x22, 0x5c};
265
+//  uint8_t newstate[4] = {0};
266
+//  int shc = 0;
267
+//  newstate[0] |= (poly_mult_mod((uint8_t) (state[0] >> shc), 2, 0x11b) ^
268
+//      poly_mult_mod((uint8_t) (state[1] >> shc), 3, 0x11b) ^ 
269
+//      ((uint8_t) (state[2] >> shc)) ^ ((uint8_t) (state[3] >> shc))) << shc;
270
+//  newstate[1] |= (poly_mult_mod((uint8_t) (state[1] >> shc), 2, 0x11b) ^
271
+//      poly_mult_mod((uint8_t) (state[2] >> shc), 3, 0x11b) ^ 
272
+//      ((uint8_t) (state[3] >> shc)) ^ ((uint8_t) (state[0] >> shc))) << shc;
273
+//  newstate[2] |= (poly_mult_mod((uint8_t) (state[2] >> shc), 2, 0x11b) ^
274
+//      poly_mult_mod((uint8_t) (state[3] >> shc), 3, 0x11b) ^ 
275
+//      ((uint8_t) (state[0] >> shc)) ^ ((uint8_t) (state[1] >> shc))) << shc;
276
+//  newstate[3] |= (poly_mult_mod((uint8_t) (state[3] >> shc), 2, 0x11b) ^
277
+//      poly_mult_mod((uint8_t) (state[0] >> shc), 3, 0x11b) ^ 
278
+//      ((uint8_t) (state[1] >> shc)) ^ ((uint8_t) (state[2] >> shc))) << shc;
279
+//
280
+//  for (ii = 0; ii < 4; ii++)
281
+//  {
282
+//    printf("%02x ", newstate[ii]);
283
+//  }
284
+//  printf("\n");
285
+//  return 0;
286
+//}
287
+//

+ 55
- 12
sieve.c View File

@@ -199,6 +199,45 @@ unsigned long int build_sgprime_candidate_list(unsigned long int n, struct mpz_l
199 199
   return list->numel;
200 200
 }
201 201
 
202
+unsigned long int build_sgnprime_candidate_list(int niter, unsigned long int n, struct mpz_list **list_out)
203
+{
204
+  struct mpz_list *list = malloc(sizeof(struct mpz_list));
205
+  mpz_list_init(list, 16);
206
+
207
+  mpz_t c, g, u;
208
+  mpz_init(c);
209
+  mpz_init(g);
210
+  mpz_init(u);
211
+  mpz_set_ui(c, 1);
212
+
213
+  while (mpz_cmp_ui(c, n) != 0)
214
+  {
215
+    mpz_set(u, c);
216
+    mpz_gcd_ui(g, u, n);
217
+    int ii;
218
+    for (ii = 0; ii < niter ; ii++)
219
+    {
220
+      if (mpz_cmp_ui(g, 1) != 0)
221
+        goto cont;
222
+      mpz_add(u, u, u);
223
+      mpz_add_ui(u, u, 1);
224
+      if (mpz_cmp_ui(u, n) > 0)
225
+        mpz_sub_ui(u, u, n);
226
+      mpz_gcd_ui(g, u, n);
227
+    }
228
+    mpz_set(*mpz_list_push(list), c);
229
+cont:
230
+    mpz_add_ui(c, c, 1);
231
+  }
232
+
233
+  mpz_clear(c);
234
+  mpz_clear(g);
235
+  mpz_clear(u);
236
+
237
+  *list_out = list;
238
+  return list->numel;
239
+}
240
+
202 241
 // This function makes the liberal assumption that each element has another one within the range of an unsigned long ahead of it.
203 242
 unsigned long int differentiate_list(unsigned long int max, struct mpz_list *list, struct ui_list **out_list)
204 243
 {
@@ -291,7 +330,6 @@ int test_sgprime(mpz_t p, mpz_t q, int reps)
291 330
   return 0;
292 331
 }
293 332
 
294
-// Search through a difflist exactly once for an SG prime. Return nonzero if one is found.
295 333
 // q is passed to prevent unnecessary memory allocation
296 334
 int search_sgprime_iter(mpz_t a, mpz_t q, int reps, struct ui_list *difflist, int *counter, int chunksize)
297 335
 {
@@ -316,7 +354,8 @@ void st_sgprime_search(mpz_t r, int reps, unsigned long int offset, struct ui_li
316 354
   mpz_sub(r, r, q);
317 355
   mpz_add_ui(r, r, offset);
318 356
 
319
-  int c;
357
+  int c = 0;
358
+
320 359
   while(!search_sgprime_iter(r, q, reps, difflist, &c, difflist->numel));
321 360
 
322 361
   mpz_clear(q);
@@ -436,21 +475,23 @@ int main()
436 475
 //  {
437 476
 //    printf("%lu\n", mpz_get_ui(list->data[ii]));
438 477
 //  }
439
-  printf("%lu\n", primorial);
478
+ // printf("%lu\n", primorial);
440 479
 
441 480
   destroy_mpz_list(list);
442 481
   free(list);
443 482
 
444
-  unsigned long int totient = build_sgprime_candidate_list(primorial, &list);
483
+  unsigned long int totient = build_sgnprime_candidate_list(2, primorial, &list);
445 484
 
446
-  printf("totient: %lu\n", totient);
447
-  printf("ratio: %lu\n", primorial / totient);
485
+  printf("finished building candidate list\n");
486
+  fflush(stdout);
487
+//  printf("totient: %lu\n", totient);
488
+//  printf("ratio: %lu\n", primorial / totient);
448 489
 
449 490
   struct ui_list *difflist;
450 491
 
451 492
   unsigned long int offset = differentiate_list(primorial, list, &difflist);
452 493
   
453
-  printf("offset: %lu\n", offset);
494
+//  printf("offset: %lu\n", offset);
454 495
 
455 496
   mpz_t p;
456 497
   mpz_init(p);
@@ -458,15 +499,17 @@ int main()
458 499
   gmp_randstate_t rs;
459 500
   gmp_randinit_default(rs);
460 501
 
502
+  int bits = 8192;
503
+
461 504
   int ii;
462
-  for (ii = 0; ii < 5; ii++)
505
+  for (ii = 0; ii < 1000; ii++)
463 506
   {
464
-    mpz_urandomb(p, rs, 4096);
465
-    mpz_setbit(p, 4096);
507
+    mpz_urandomb(p, rs, bits);
508
+    mpz_setbit(p, bits);
466 509
 
467
-    mt_sgprime_search(p, 31, offset, difflist, primorial, 8, 100);
510
+    mt_sgprime_search(p, 31, offset, difflist, primorial, 8, 10);
468 511
 
469
-    gmp_printf("safe prime: %Zd\n", p);
512
+    gmp_printf("%i-bit safe prime: %Zd\n", bits, p);
470 513
   }
471 514
 
472 515
   gmp_randclear(rs);

Loading…
Cancel
Save