Module fixslice

Fixsliced implementations of AES-128, AES-192 and AES-256 (64-bit) adapted from the C implementation.

All implementations are fully bitsliced and do not rely on any Look-Up Table (LUT).

See the paper at https://eprint.iacr.org/2020/1123.pdf for more details.

§Author (original C code)

Alexandre Adomnicai, Nanyang Technological University, Singapore [email protected]

Originally licensed MIT. Relicensed as Apache 2.0+MIT with permission.

Macros§

define_mix_columns 🔒
Computation of the MixColumns transformation in the fixsliced representation, with different rotations used according to the round number mod 4.

Functions§

add_round_constant_bit 🔒
add_round_key 🔒
XOR the round key to the internal state. The round keys are expected to be pre-computed and to be packed in the fixsliced representation.
aes128_decrypt 🔒
Fully-fixsliced AES-128 decryption (the InvShiftRows is completely omitted).
aes128_encrypt 🔒
Fully-fixsliced AES-128 encryption (the ShiftRows is completely omitted).
aes128_key_schedule 🔒
Fully bitsliced AES-128 key schedule to match the fully-fixsliced representation.
aes192_decrypt 🔒
Fully-fixsliced AES-192 decryption (the InvShiftRows is completely omitted).
aes192_encrypt 🔒
Fully-fixsliced AES-192 encryption (the ShiftRows is completely omitted).
aes192_key_schedule 🔒
Fully bitsliced AES-192 key schedule to match the fully-fixsliced representation.
aes256_decrypt 🔒
Fully-fixsliced AES-256 decryption (the InvShiftRows is completely omitted).
aes256_encrypt 🔒
Fully-fixsliced AES-256 encryption (the ShiftRows is completely omitted).
aes256_key_schedule 🔒
Fully bitsliced AES-256 key schedule to match the fully-fixsliced representation.
bitslice 🔒
Bitslice four 128-bit input blocks input0, input1, input2, input3 into a 512-bit internal state.
delta_swap_1 🔒
delta_swap_2 🔒
inv_bitslice 🔒
Un-bitslice a 512-bit internal state into four 128-bit blocks of output.
inv_mix_columns_0 🔒
inv_mix_columns_1 🔒
inv_mix_columns_2 🔒
inv_mix_columns_3 🔒
inv_shift_rows_1 🔒
inv_shift_rows_2 🔒
inv_shift_rows_3 🔒
inv_sub_bytes 🔒
Note that the 4 bitwise NOT (^= 0xffffffffffffffff) are accounted for here so that it is a true inverse of ‘sub_bytes’.
memshift32 🔒
Copy 32-bytes within the provided slice to an 8-byte offset
mix_columns_0 🔒
mix_columns_1 🔒
mix_columns_2 🔒
mix_columns_3 🔒
ror 🔒
ror_distance 🔒
rotate_rows_1 🔒
rotate_rows_2 🔒
rotate_rows_and_columns_1_1 🔒
rotate_rows_and_columns_1_2 🔒
rotate_rows_and_columns_1_3 🔒
rotate_rows_and_columns_2_2 🔒
shift_rows_1 🔒
Applies ShiftRows once on an AES state (or key).
shift_rows_2 🔒
Applies ShiftRows twice on an AES state (or key).
shift_rows_3 🔒
Applies ShiftRows three times on an AES state (or key).
sub_bytes 🔒
Bitsliced implementation of the AES Sbox based on Boyar, Peralta and Calik.
sub_bytes_nots 🔒
NOT operations that are omitted in S-box
xor_columns 🔒
XOR the columns after the S-box during the key schedule round function.

Type Aliases§

BatchBlocks 🔒
FixsliceBlocks 🔒
AES block batch size for this implementation
FixsliceKeys128 🔒
AES-128 round keys
FixsliceKeys192 🔒
AES-192 round keys
FixsliceKeys256 🔒
AES-256 round keys
State 🔒
512-bit internal state