/Experimentation/Investigations/Cryptography/AdvancedEncryptionStandard/plans/KeyDiscovery/064/1_16_4/general.hpp
C++ Header | 65 lines | 0 code | 1 blank | 64 comment | 0 complexity | 82f326a885a407e878f0081d72932b5e MD5 | raw file
- // Matthew Gwynne, 18.7.2011 (Swansea)
- /* Copyright 2011 Oliver Kullmann
- This file is part of the OKlibrary. OKlibrary is free software; you can redistribute
- it and/or modify it under the terms of the GNU General Public License as published by
- the Free Software Foundation and included in this library; either version 3 of the
- License, or any later version. */
- /*!
- \file Investigations/Cryptography/AdvancedEncryptionStandard/plans/KeyDiscovery/064/1_16_4/general.hpp
- \brief Investigations into small-scale AES key discovery for AES with a 1x16 plaintext matrix and 4-bit field elements
- \todo Problem specification
- <ul>
- <li> We consider the small-scale AES with 1 row, 16 column, using the 4-bit
- field size for rounds 1 to 20. </li>
- <li> We denote this AES instance by aes(r,1,16,4) for r in 1,...,20. </li>
- <li> We investigate translations of the key discovery problem for
- aes(r,1,16,4) into SAT. </li>
- <li> aes(r,1,16,4) takes a 64-bit plaintext and 64-bit key and outputs a
- 64-bit ciphertext. </li>
- <li> aes(r,1,16,4) applies the following operations:
- <ol>
- <li> Key schedule which takes the key and generates r+1 64-bit round
- keys. </li>
- <li> Application of the following operation (the "round") r times:
- <ol>
- <li> Addition of round key n-1. </li>
- <li> Application of Sbox operation to each byte. </li>
- </ol>
- </li>
- <li> Addition of round key r+1. </li>
- <li> The result of the last round key addition is the ciphertext. </li>
- </ol>
- </li>
- <li> Round key 0 is the input key. </li>
- <li> The key schedule computes the round key i from round key i-1 by:
- \verbatim
- K_(i,1,k) := S-box(K_(i-1,1,16)) + C_i + sum(K_(i-1,j,l),l,1,j)
- \endverbatim
- where
- <ul>
- <li> C_i is the round constant for round i; </li>
- <li> K_(i,j,k) is the 4-bit word in the j-th row, k-th column of the i-th
- round-key considered as a 1x16X matrix. </li>
- </ul>
- </li>
- <li> The S-box is a permutation from {0,1}^4 to {0,1}^4 which we consider
- as either:
- <ul>
- <li> an 8x1 boolean function; see ss_sbox_bf in
- ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/AdvancedEncryptionStandard.mac;
- </li>
- <li> 4 4x1 boolean functions. </li>
- </ul>
- </li>
- <li> The decompositions and translations are listed in "Investigating
- dimensions" in
- Cryptography/AdvancedEncryptionStandard/plans/Experimentation.hpp.
- </li>
- <li> The plaintext and ciphertext variables are then set, and the SAT
- SAT solver is run on this instance to deduce the key variables. </li>
- </ul>
- */