dfa-aes/include/dfa.h at main · arusson/dfa-aes · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#ifndef DFA_H_
#define DFA_H_

#include <stdint.h>
#include <stdbool.h>
#include "aes.h"

#define DFA_ROUND_1 1
#define DFA_ROUND_2 2
#define DFA_ROUND_8 8
#define DFA_ROUND_9 9
#define DELTA_SET_MAX 1020
#define CAND_MAX 2000
#define PAIRS_MAX 20
#define KEYS_MAX 65536

#define BYTES_TO_WORD(a) *(uint32_t *)(a)
#define TAKEBYTE(w,n) (uint8_t)(((w)>>(8*n)) & 255)

int getopt(int argc, char * const argv[], const char *optstring);
extern char *optarg;
extern int optind, opterr, optopt;

extern const int POSITIONS_LAST_ROUND[4][4];
extern const int POSITIONS_FIRST_ROUND[4][4];

typedef struct Pair {
  uint8_t ct[16];
  uint8_t fct[16];
  int fault_pos;
  int fault_value;
  bool bitflip;
} pair_t;

typedef struct KnownPtCt {
  uint8_t pt[16];
  uint8_t ct[16];
  bool is_some;
} known_pt_ct_t;

/* utils */
int readfile(const char *filename, pair_t pairs[PAIRS_MAX], int *npairs,
             known_pt_ct_t *known_pt_ct);
void print_hex(const uint8_t *buffer, const int len);
void print_pair_info(const pair_t *pair);
void print_number_candidates_line(const int num, const int col, const bool decrypt);
void print_number_candidates(const int candidates_len[4], const long nb_cand, const bool decrypt);

/* dfa */
int get_delta_set(const int row, const int fault_list[255], const int fault_len, const bool decrypt,
                  uint32_t delta_set[DELTA_SET_MAX]);
int roundkey_candidates_from_delta_set(const pair_t *pair, const int col, const bool decrypt,
                                       const uint32_t delta_set[DELTA_SET_MAX],
                                       const int diff_mc_len, uint32_t candidates[CAND_MAX]);

void intersection(uint32_t *list1, int *len1, const uint32_t *list2, const int len2);
int exhaustive_search_encryption(const uint32_t candidates[4][CAND_MAX],
                                 const int candidates_len[4], const known_pt_ct_t *known_pt_ct,
                                 uint8_t masterkeys[KEYS_MAX][16]);
int exhaustive_search_decryption(const uint32_t candidates[4][CAND_MAX],
                                 const int candidates_len[4], const known_pt_ct_t *known_pt_ct,
                                 uint8_t masterkeys[KEYS_MAX][16]);

/* dfa round 9 and 1 */
int r1_r9_key_recovery(const pair_t pairs[PAIRS_MAX], const int npairs,
                       const known_pt_ct_t *known_pt_ct, const bool decrypt,
                       uint8_t masterkeys[KEYS_MAX][16]);

/* dfa round 8 */
int r2_r8_key_recovery(pair_t pairs[PAIRS_MAX], const int npairs, const known_pt_ct_t *known_pt_ct,
                       const bool decrypt, uint8_t masterkeys[KEYS_MAX][16]);

#endif