
changeset 1321:71f205befbbb

Optimized local operations in S-box.
author Marcel Keller <mkeller@cs.au.dk>
date Tue, 06 Oct 2009 14:18:55 +0200
parents fb09cb799cc8
children 5a2e6564c40a
files viff/aes.py
diffstat 1 files changed, 18 insertions(+), 18 deletions(-) [+]
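--- a/viff/aes.py
+++ b/viff/aes.py
@@ -219,14 +219,19 @@
         return byte_254
 
     # matrix for byte_sub, the last column is the translation vector
-    A = Matrix([[1,0,0,0,1,1,1,1, 1],
-                [1,1,0,0,0,1,1,1, 1],
-                [1,1,1,0,0,0,1,1, 0],
-                [1,1,1,1,0,0,0,1, 0],
-                [1,1,1,1,1,0,0,0, 0],
-                [0,1,1,1,1,1,0,0, 1],
-                [0,0,1,1,1,1,1,0, 1],
-                [0,0,0,1,1,1,1,1, 0]])
+    A = Matrix([[1,0,0,0,1,1,1,1],
+                [1,1,0,0,0,1,1,1],
+                [1,1,1,0,0,0,1,1],
+                [1,1,1,1,0,0,0,1],
+                [1,1,1,1,1,0,0,0],
+                [0,1,1,1,1,1,0,0],
+                [0,0,1,1,1,1,1,0],
+                [0,0,0,1,1,1,1,1]])
+
+    # anticipate bit recombination
+    for i, row in enumerate(A.rows):
+        for j in range(len(row)):
+            row[j] *= 2 ** i
 
     def byte_sub(self, state, use_lin_comb=True):
         """ByteSub operation of Rijndael.
@@ -240,21 +245,16 @@
             for i in range(len(row)):
                 bits = bit_decompose(self.invert(row[i]))
 
-                # include the translation in the matrix multiplication
-                # (see definition of AES.A)
-                bits.append(Share(self.runtime, GF256, GF256(1)))
-
                 if (use_lin_comb):
-                    bits = [self.runtime.lin_comb(AES.A.rows[j], bits) 
-                            for j in range(len(bits) - 1)]
-                    row[i] = self.runtime.lin_comb(
-                        [2**j for j in range(len(bits))], bits)
+                    row[i] = self.runtime.lin_comb(sum(AES.A.rows, []),
+                                                   bits * len(AES.A.rows))
                 else:
                     # caution: order is lsb first
                     vector = AES.A * Matrix(zip(bits))
                     bits = zip(*vector.rows)[0]
-                    row[i] = reduce(lambda x,y: x + y, 
-                                    [bits[j] * 2**j for j in range(len(bits))])
+                    row[i] = sum(bits)
+
+                row[i].addCallback(lambda x: 0x63 + x)
 
     def shift_row(self, state):
         """Rijndael ShiftRow.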
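Review bot: The unchanged context comment above the matrix, `# matrix for byte_sub, the last column is the translation vector`, is now wrong on the new side: the translation column is gone and the constant is applied at the end of byte_sub by `row[i].addCallback(lambda x: 0x63 + x)`, where 0x63 appears as a bare magic number. I would replace the stale comment with `# affine matrix of the S-box, lsb first; row i is scaled by 2**i below so that summing the rows of A * bits recombines the byte directly in GF(256)` and annotate the callback with `# 0x63 is the S-box translation vector (the removed column, lsb first); adding a public constant to a share is a local operation`. Because the scaling loop mutates A.rows in place at class-definition time, AES.A is no longer the plain 0/1 affine matrix, so any other reader of AES.A (none is visible in this diff) would now see the scaled form and should be checked. In the else branch, `sum(bits)` starts from the int 0, so it relies on Share supporting `0 + share`, which the former reduce-based form did not need; if that is guaranteed elsewhere a short comment saying so would help. Both hunks fall inside byte_sub's body, which begins in the first hunk and ends outside the second.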