Main Page   Modules   Namespace List   Class Hierarchy   Alphabetical List   Compound List   File List   Namespace Members   Compound Members   File Members   Related Pages  

Table.h

Go to the documentation of this file.
00001 /***************************************************************************
00002     TABLE.H -- Tables, macros, constants for Twofish S-boxes and MDS matrix
00003 
00004     Submitters:
00005         Bruce Schneier, Counterpane Systems
00006         Doug Whiting,   Hi/fn
00007         John Kelsey,    Counterpane Systems
00008         Chris Hall,     Counterpane Systems
00009         David Wagner,   UC Berkeley
00010             
00011     Code Author:        Doug Whiting,   Hi/fn
00012         
00013     Version  1.00       April 1998
00014         
00015     Copyright 1998, Hi/fn and Counterpane Systems.  All rights reserved.
00016         
00017     Notes:
00018         *   Tab size is set to 4 characters in this file
00019         *   These definitions should be used in optimized and unoptimized
00020             versions to insure consistency.
00021 
00022 ***************************************************************************/
00023 
00024 /* for computing subkeys */
00025 #define SK_STEP         0x02020202u
00026 #define SK_BUMP         0x01010101u
00027 #define SK_ROTL         9
00028 
00029 /* Reed-Solomon code parameters: (12,8) reversible code
00030     g(x) = x**4 + (a + 1/a) x**3 + a x**2 + (a + 1/a) x + 1
00031    where a = primitive root of field generator 0x14D */
00032 #define RS_GF_FDBK      0x14D       /* field generator */
00033 #define RS_rem(x)       \
00034     { BYTE  b  = (BYTE) (x >> 24);                                           \
00035       DWORD g2 = ((b << 1) ^ ((b & 0x80) ? RS_GF_FDBK : 0 )) & 0xFF;         \
00036       DWORD g3 = ((b >> 1) & 0x7F) ^ ((b & 1) ? RS_GF_FDBK >> 1 : 0 ) ^ g2 ; \
00037       x = (x << 8) ^ (g3 << 24) ^ (g2 << 16) ^ (g3 << 8) ^ b;                \
00038     }
00039 
00040 /*  Macros for the MDS matrix
00041 *   The MDS matrix is (using primitive polynomial 169):
00042 *      01  EF  5B  5B
00043 *      5B  EF  EF  01
00044 *      EF  5B  01  EF
00045 *      EF  01  EF  5B
00046 *----------------------------------------------------------------
00047 * More statistical properties of this matrix (from MDS.EXE output):
00048 *
00049 * Min Hamming weight (one byte difference) =  8. Max=26.  Total =  1020.
00050 * Prob[8]:      7    23    42    20    52    95    88    94   121   128    91
00051 *             102    76    41    24     8     4     1     3     0     0     0
00052 * Runs[8]:      2     4     5     6     7     8     9    11
00053 * MSBs[8]:      1     4    15     8    18    38    40    43
00054 * HW= 8: 05040705 0A080E0A 14101C14 28203828 50407050 01499101 A080E0A0 
00055 * HW= 9: 04050707 080A0E0E 10141C1C 20283838 40507070 80A0E0E0 C6432020 07070504 
00056 *        0E0E0A08 1C1C1410 38382820 70705040 E0E0A080 202043C6 05070407 0A0E080E 
00057 *        141C101C 28382038 50704070 A0E080E0 4320C620 02924B02 089A4508 
00058 * Min Hamming weight (two byte difference) =  3. Max=28.  Total = 390150.
00059 * Prob[3]:      7    18    55   149   270   914  2185  5761 11363 20719 32079
00060 *           43492 51612 53851 52098 42015 31117 20854 11538  6223  2492  1033
00061 * MDS OK, ROR:   6+  7+  8+  9+ 10+ 11+ 12+ 13+ 14+ 15+ 16+
00062 *               17+ 18+ 19+ 20+ 21+ 22+ 23+ 24+ 25+ 26+
00063 */
00064 #define MDS_GF_FDBK     0x169   /* primitive polynomial for GF(256)*/
00065 #define LFSR1(x) ( ((x) >> 1)  ^ (((x) & 0x01) ?   MDS_GF_FDBK/2 : 0))
00066 #define LFSR2(x) ( ((x) >> 2)  ^ (((x) & 0x02) ?   MDS_GF_FDBK/2 : 0)  \
00067                                ^ (((x) & 0x01) ?   MDS_GF_FDBK/4 : 0))
00068 
00069 #define Mx_1(x) ((DWORD)  (x))      /* force result to dword so << will work */
00070 #define Mx_X(x) ((DWORD) ((x) ^            LFSR2(x)))   /* 5B */
00071 #define Mx_Y(x) ((DWORD) ((x) ^ LFSR1(x) ^ LFSR2(x)))   /* EF */
00072 
00073 #define M00     Mul_1
00074 #define M01     Mul_Y
00075 #define M02     Mul_X
00076 #define M03     Mul_X
00077 
00078 #define M10     Mul_X
00079 #define M11     Mul_Y
00080 #define M12     Mul_Y
00081 #define M13     Mul_1
00082 
00083 #define M20     Mul_Y
00084 #define M21     Mul_X
00085 #define M22     Mul_1
00086 #define M23     Mul_Y
00087 
00088 #define M30     Mul_Y
00089 #define M31     Mul_1
00090 #define M32     Mul_Y
00091 #define M33     Mul_X
00092 
00093 #define Mul_1   Mx_1
00094 #define Mul_X   Mx_X
00095 #define Mul_Y   Mx_Y
00096 
00097 /*  Define the fixed p0/p1 permutations used in keyed S-box lookup.  
00098     By changing the following constant definitions for P_ij, the S-boxes will
00099     automatically get changed in all the Twofish source code. Note that P_i0 is
00100     the "outermost" 8x8 permutation applied.  See the f32() function to see
00101     how these constants are to be  used.
00102 */
00103 #define P_00    1                   /* "outermost" permutation */
00104 #define P_01    0
00105 #define P_02    0
00106 #define P_03    (P_01^1)            /* "extend" to larger key sizes */
00107 #define P_04    1
00108 
00109 #define P_10    0
00110 #define P_11    0
00111 #define P_12    1
00112 #define P_13    (P_11^1)
00113 #define P_14    0
00114 
00115 #define P_20    1
00116 #define P_21    1
00117 #define P_22    0
00118 #define P_23    (P_21^1)
00119 #define P_24    0
00120 
00121 #define P_30    0
00122 #define P_31    1
00123 #define P_32    1
00124 #define P_33    (P_31^1)
00125 #define P_34    1
00126 
00127 #define p8(N)   P8x8[P_##N]         /* some syntax shorthand */
00128 
00129 /* fixed 8x8 permutation S-boxes */
00130 
00131 /***********************************************************************
00132 *  07:07:14  05/30/98  [4x4]  TestCnt=256. keySize=128. CRC=4BD14D9E.
00133 * maxKeyed:  dpMax = 18. lpMax =100. fixPt =  8. skXor =  0. skDup =  6. 
00134 * log2(dpMax[ 6..18])=   --- 15.42  1.33  0.89  4.05  7.98 12.05
00135 * log2(lpMax[ 7..12])=  9.32  1.01  1.16  4.23  8.02 12.45
00136 * log2(fixPt[ 0.. 8])=  1.44  1.44  2.44  4.06  6.01  8.21 11.07 14.09 17.00
00137 * log2(skXor[ 0.. 0])
00138 * log2(skDup[ 0.. 6])=   ---  2.37  0.44  3.94  8.36 13.04 17.99
00139 ***********************************************************************/
00140 //CONST BYTE P8x8[2][256]=
00141 BYTE P8x8[2][256]=
00142     {
00143 /*  p0:   */
00144 /*  dpMax      = 10.  lpMax      = 64.  cycleCnt=   1  1  1  0.         */
00145 /* 817D6F320B59ECA4.ECB81235F4A6709D.BA5E6D90C8F32471.D7F4126E9B3085CA. */
00146 /* Karnaugh maps:
00147 *  0111 0001 0011 1010. 0001 1001 1100 1111. 1001 1110 0011 1110. 1101 0101 1111 1001. 
00148 *  0101 1111 1100 0100. 1011 0101 0010 0000. 0101 1000 1100 0101. 1000 0111 0011 0010. 
00149 *  0000 1001 1110 1101. 1011 1000 1010 0011. 0011 1001 0101 0000. 0100 0010 0101 1011. 
00150 *  0111 0100 0001 0110. 1000 1011 1110 1001. 0011 0011 1001 1101. 1101 0101 0000 1100. 
00151 */
00152     {
00153     0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 
00154     0x9A, 0x92, 0x80, 0x78, 0xE4, 0xDD, 0xD1, 0x38, 
00155     0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, 
00156     0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 
00157     0xF2, 0xD0, 0x8B, 0x30, 0x84, 0x54, 0xDF, 0x23, 
00158     0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, 
00159     0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 
00160     0xA6, 0xEB, 0xA5, 0xBE, 0x16, 0x0C, 0xE3, 0x61, 
00161     0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, 
00162     0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 
00163     0xE1, 0xE6, 0xBD, 0x45, 0xE2, 0xF4, 0xB6, 0x66, 
00164     0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, 
00165     0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 
00166     0xEA, 0x77, 0x39, 0xAF, 0x33, 0xC9, 0x62, 0x71, 
00167     0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, 
00168     0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 
00169     0xA1, 0x1D, 0xAA, 0xED, 0x06, 0x70, 0xB2, 0xD2, 
00170     0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, 
00171     0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 
00172     0x9E, 0x9C, 0x52, 0x1B, 0x5F, 0x93, 0x0A, 0xEF, 
00173     0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, 
00174     0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 
00175     0x2A, 0xCE, 0xCB, 0x2F, 0xFC, 0x97, 0x05, 0x7A, 
00176     0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, 
00177     0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 
00178     0xB8, 0xDA, 0xB0, 0x17, 0x55, 0x1F, 0x8A, 0x7D, 
00179     0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, 
00180     0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 
00181     0x6E, 0x50, 0xDE, 0x68, 0x65, 0xBC, 0xDB, 0xF8, 
00182     0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, 
00183     0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 
00184     0x6F, 0x9D, 0x36, 0x42, 0x4A, 0x5E, 0xC1, 0xE0
00185     },
00186 /*  p1:   */
00187 /*  dpMax      = 10.  lpMax      = 64.  cycleCnt=   2  0  0  1.         */
00188 /* 28BDF76E31940AC5.1E2B4C376DA5F908.4C75169A0ED82B3F.B951C3DE647F208A. */
00189 /* Karnaugh maps:
00190 *  0011 1001 0010 0111. 1010 0111 0100 0110. 0011 0001 1111 0100. 1111 1000 0001 1100. 
00191 *  1100 1111 1111 1010. 0011 0011 1110 0100. 1001 0110 0100 0011. 0101 0110 1011 1011. 
00192 *  0010 0100 0011 0101. 1100 1000 1000 1110. 0111 1111 0010 0110. 0000 1010 0000 0011. 
00193 *  1101 1000 0010 0001. 0110 1001 1110 0101. 0001 0100 0101 0111. 0011 1011 1111 0010. 
00194 */
00195     {
00196     0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 
00197     0x4A, 0xD3, 0xE6, 0x6B, 0x45, 0x7D, 0xE8, 0x4B, 
00198     0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, 
00199     0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 
00200     0x5E, 0xBA, 0xAE, 0x5B, 0x8A, 0x00, 0xBC, 0x9D, 
00201     0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, 
00202     0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 
00203     0xB2, 0x73, 0x4C, 0x54, 0x92, 0x74, 0x36, 0x51, 
00204     0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, 
00205     0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 
00206     0x13, 0x95, 0x9C, 0xC7, 0x24, 0x46, 0x3B, 0x70, 
00207     0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, 
00208     0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 
00209     0x03, 0x6F, 0x08, 0xBF, 0x40, 0xE7, 0x2B, 0xE2, 
00210     0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, 
00211     0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 
00212     0x66, 0x94, 0xA1, 0x1D, 0x3D, 0xF0, 0xDE, 0xB3, 
00213     0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, 
00214     0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 
00215     0x81, 0x88, 0xEE, 0x21, 0xC4, 0x1A, 0xEB, 0xD9, 
00216     0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, 
00217     0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 
00218     0x4F, 0xF2, 0x65, 0x8E, 0x78, 0x5C, 0x58, 0x19, 
00219     0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, 
00220     0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 
00221     0xCE, 0xE9, 0x68, 0x44, 0xE0, 0x4D, 0x43, 0x69, 
00222     0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, 
00223     0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 
00224     0x22, 0xC9, 0xC0, 0x9B, 0x89, 0xD4, 0xED, 0xAB, 
00225     0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, 
00226     0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 
00227     0x16, 0x25, 0x86, 0x56, 0x55, 0x09, 0xBE, 0x91
00228     }
00229     };
Generated on Mon Sep 12 19:58:56 2005 for Destiny3D by doxygen1.3-rc3