updated Grøstl for round 3

groestl/groestl_large.c

@@ -65,14 +65,49 @@ static uint8_t matrix[] PROGMEM = {
  2, 3, 4, 5, 3, 5, 7, 2
 };
 
+static
+void shift_columns(uint8_t *a, PGM_VOID_P shifts){
+	uint8_t s;
+	uint8_t tmp[16];
+	uint8_t i,j;
+	for(i=0; i<8; ++i){
+		s = pgm_read_byte(shifts);
+		shifts = (uint8_t*)shifts + 1;
+		if(s==0){
+			continue;
+		}
+		for(j=0;j<16;++j){
+			tmp[j] = a[i+j*8];
+		}
+		for(j=0; j<16; ++j){
+			a[i+((j-s+16)%16)*8] = tmp[j];
+		}
+	}
+}
+
+static const uint8_t p_shifts[] PROGMEM = {
+		0, 1, 2, 3, 4, 5, 6, 11
+};
+
+static const uint8_t q_shifts[] PROGMEM = {
+		1, 3, 5, 11, 0, 2, 4, 6
+};
+
 void groestl_large_rounds(uint8_t *m, uint8_t q){
 	uint8_t r,i,j;
 	uint8_t tmp[16];
 	for(r=0; r<ROUNDS; ++r){
 		if(q){
-			m[7] ^= 0xff ^ r;
+			for(i=0; i<(8*16); ++i){
+				m[i] ^= 0xff;
+			}
+			for(i=0; i<16; ++i){
+				m[7+i*8] ^= r ^ (i<<4);
+			}
 		}else{
-			m[0] ^= r;
+			for(i=0; i<16; ++i){
+				m[i*8] ^= r ^ (i<<4);
+			}
 		}	
 #if DEBUG		
 		if(r<2){
@@ -83,17 +118,10 @@ void groestl_large_rounds(uint8_t *m, uint8_t q){
 		for(i=0;i<16*8; ++i){
 			m[i] = pgm_read_byte(aes_sbox+m[i]);
 		}
-		for(i=1; i<7; ++i){
-			for(j=0; j<16; ++j)
-				tmp[j] = m[i+8*j];
-			for(j=0; j<16; ++j){
-				m[i+((j-i+16)%16)*8] = tmp[j];
-			}
-		}
-		for(j=0; j<16; ++j)
-			tmp[j] = m[7+8*j];
-		for(j=0; j<16; ++j){
-			m[7+((j-11+16)%16)*8] = tmp[j];
+		if(!q){
+			shift_columns(m, p_shifts);
+		}else{
+			shift_columns(m, q_shifts);
 		}
 		
 #if DEBUG		

groestl/groestl_small.c

@@ -65,30 +65,72 @@ static uint8_t matrix[] PROGMEM = {
  2, 3, 4, 5, 3, 5, 7, 2
 };
 
+
+static const uint8_t p_shifts[] PROGMEM = {
+		0, 1, 2, 3, 4, 5, 6, 7
+};
+
+static const uint8_t q_shifts[] PROGMEM = {
+		1, 3, 5, 7, 0, 2, 4, 6
+};
+
+
+static
+void shift_columns(uint8_t *a, PGM_VOID_P shifts){
+	uint8_t s;
+	uint8_t tmp[8];
+	uint8_t i,j;
+	for(i=0; i<8; ++i){
+		s = pgm_read_byte(shifts);
+		shifts = (uint8_t*)shifts + 1;
+		if(s==0){
+			continue;
+		}
+		for(j=0;j<8;++j){
+			tmp[j] = a[i+j*8];
+		}
+		for(j=0; j<8; ++j){
+			a[i+((j-s+8)%8)*8] = tmp[j];
+		}
+	}
+}
+
+
+
 void groestl_small_rounds(uint8_t *m, uint8_t q){
 	uint8_t r,i,j;
 	uint8_t tmp[8];
+#if DEBUG
+	cli_putstr_P(PSTR("\r\n:: BEGIN "));
+	cli_putc(q?'Q':'P');
+#endif
+
 	for(r=0; r<ROUNDS; ++r){
 		if(q){
-			m[7] ^= 0xff ^ r;
+			for(i=0; i<8*8; ++i){
+				m[i] ^= 0xff;
+			}
+			for(i=0; i<8; ++i){
+				m[7+i*8] ^=  r ^ (i<<4);
+			}
 		}else{
-			m[0] ^= r;
+			for(i=0; i<8; ++i){
+				m[i*8] ^= r ^ (i<<4);
+			}
 		}
 #if DEBUG
-		if(r<2){
+	//	if(r<2){
 			cli_putstr_P(PSTR("\r\npost add-const"));
 			dump_m(m);
-		}
+	//	}
 #endif
 		for(i=0;i<8*8; ++i){
 			m[i] = pgm_read_byte(aes_sbox+m[i]);
 		}
-		for(i=1; i<8; ++i){
-			for(j=0; j<8; ++j)
-				tmp[j] = m[i+8*j];
-			for(j=0; j<8; ++j){
-				m[i+((j-i+8)%8)*8] = tmp[j];
-			}
+		if(!q){
+			shift_columns(m, p_shifts);
+		}else{
+			shift_columns(m, q_shifts);
 		}
 #if DEBUG
 		if(r<2){

mkfiles/grain.mk

@@ -10,4 +10,4 @@ $(ALGO_NAME)_INCDIR   := memxor/ scal/
 $(ALGO_NAME)_TEST_BIN := main-grain-test.o $(CLI_STD) $(SCAL_STD) scal_grain.o
 $(ALGO_NAME)_NESSIE_TEST      := "nessie"
 $(ALGO_NAME)_PERFORMANCE_TEST := "performance"
-
+$(ALGO_NAME)_DEF := NESSIE_ESTREAM=1

mkfiles/mickey128.mk

@@ -10,4 +10,4 @@ $(ALGO_NAME)_INCDIR   := memxor/ scal/
 $(ALGO_NAME)_TEST_BIN := main-mickey128-test.o $(CLI_STD) $(SCAL_STD) scal_mickey128.o 
 $(ALGO_NAME)_NESSIE_TEST      := "nessie"
 $(ALGO_NAME)_PERFORMANCE_TEST := "performance"
-
+$(ALGO_NAME)_DEF := NESSIE_ESTREAM=1

mkfiles/trivium.mk

@@ -10,4 +10,4 @@ $(ALGO_NAME)_INCDIR   := memxor/ scal/
 $(ALGO_NAME)_TEST_BIN := main-trivium-test.o $(CLI_STD) $(SCAL_STD) scal_trivium.o 
 $(ALGO_NAME)_NESSIE_TEST      := "nessie"
 $(ALGO_NAME)_PERFORMANCE_TEST := "performance"
-
+$(ALGO_NAME)_DEF       := NESSIE_ESTREAM=1

scal/scal-basic.c

@@ -24,8 +24,6 @@
 #include "streamcipher_descriptor.h"
 #include "keysize_descriptor.h"
 
-#include "cli.h"
-
 uint8_t scal_cipher_init(const scdesc_t* cipher_descriptor,
                          const void* key, uint16_t keysize_b,
                          const void* iv,  uint16_t ivsize_b, scgen_ctx_t* ctx){
@@ -114,8 +112,6 @@ uint8_t scal_cipher_gen_byte(scgen_ctx_t* ctx){
 			r |= ((((sc_gen1_fpt)gen_fpt)(ctx->ctx))&(0xff<<(8-blocksize_b)))>>fill;
 			fill += blocksize_b;
 		}while(fill<8);
-//		cli_putstr_P(PSTR("\r\nDBG: "));
-//		cli_hexdump_byte(r);
 		return r;
 	}else{
 		uint8_t r;

scal/scal-nessie.c

@@ -25,6 +25,11 @@
 #include "memxor.h"
 #include <avr/pgmspace.h>
 
+#ifndef NESSIE_ESTREAM
+#define NESSIE_ESTREAM 0
+#endif
+
+
 static const uint8_t normal_hooks[] PROGMEM = {
 		0, 192/64, 256/64, 448/64
 };
@@ -37,7 +42,12 @@ static const char stream0_n[] PROGMEM = "stream[0..63]";
 static const char stream1_n[] PROGMEM = "stream[192..255]";
 static const char stream2_n[] PROGMEM = "stream[256..319]";
 static const char stream3_n[] PROGMEM = "stream[448..511]";
+
+#if NESSIE_ESTREAM
+static const char streamX_n[] PROGMEM = "xor-digest";
+#else
 static const char streamX_n[] PROGMEM = "stream[0..511]xored";
+#endif
 
 static const char* stream_n_str[] PROGMEM = {
 		stream0_n,
@@ -50,7 +60,11 @@ static const char* stream_n_str[] PROGMEM = {
 static const char stream1_l[] PROGMEM = "stream[65472..65535]";
 static const char stream2_l[] PROGMEM = "stream[65536..65599]";
 static const char stream3_l[] PROGMEM = "stream[131008..131071]";
+#if NESSIE_ESTREAM
+static const char streamX_l[] PROGMEM = "xor-digest";
+#else
 static const char streamX_l[] PROGMEM = "stream[0..131071]xored";
+#endif
 
 static const char* stream_l_str[] PROGMEM = {
 		stream0_n,
@@ -141,7 +155,11 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 	memset(key, 0, (keysize_b+7)/8);
 	/***  Test SET 1 ***/
 	nessie_print_setheader(1);
+#if NESSIE_ESTREAM
+	for(v=0;v<keysize_b; v+=9){
+#else
 	for(v=0;v<keysize_b; ++v){
+#endif
 		nessie_print_set_vector(1,v);
 		key[v/8] |= 0x80>>(v&7);
 		nessie_print_item("key", key, (keysize_b+7)/8);
@@ -155,7 +173,11 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 	}
 	/***  Test SET 2 ***/
 	nessie_print_setheader(2);
+#if NESSIE_ESTREAM
+	for(v=0;v<256; v+=9){
+#else
 	for(v=0;v<256; ++v){
+#endif
 		nessie_print_set_vector(2,v);
 		memset(key, v&0xff, (keysize_b+7)/8);
 		nessie_print_item("key", key, (keysize_b+7)/8);
@@ -168,7 +190,11 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 	}
 	/***  Test SET 3 ***/
 	nessie_print_setheader(3);
+#if NESSIE_ESTREAM
+	for(v=0;v<256; v+=9){
+#else
 	for(v=0;v<256; ++v){
+#endif
 		uint8_t i;
 		nessie_print_set_vector(3,v);
 		for(i=0; i<((keysize_b+7)/8); ++i){
@@ -205,7 +231,11 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 	/***  Test SET 5 ***/
 	nessie_print_setheader(5);
 	memset(key, 0, (keysize_b+7)/8);
+#if NESSIE_ESTREAM
+	for(v=0;v<ivsize_b; v+=9){
+#else
 	for(v=0;v<ivsize_b; ++v){
+#endif
 		nessie_print_set_vector(5,v);
 		iv[v/8] |= 0x80>>(v&7);
 		nessie_print_item("key", key, (keysize_b+7)/8);
@@ -233,6 +263,7 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 		scal_cipher_free(&ctx);
 	}
 	/***  Test SET 7 ***/
+#if !NESSIE_ESTREAM
 	nessie_print_setheader(7);
 	uint8_t u;
 	for(v=0;v<3; ++v){
@@ -252,6 +283,7 @@ void scal_nessie_stream_run(const scdesc_t *desc, uint16_t keysize_b, uint16_t i
 		long_block(&ctx);
 		scal_cipher_free(&ctx);
 	}
+#endif
 	nessie_print_footer();
 }