AES advanced encryption standard
// advanced encryption standard
// author: karl malbrain, malbrain@yahoo.com typedef unsigned char uchar;
#include <string.h>
#include <memory.h> // AES only supports Nb=4
#define Nb 4 // number of columns in the state & expanded key #define Nk 4 // number of columns in a key
#define Nr 10 // number of rounds in encryption uchar Sbox[] = { // forward s-box
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16}; uchar InvSbox[] = { // inverse s-box
0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d}; // combined Xtimes2[Sbox[]]
uchar Xtime2Sbox[] = {
0xc6, 0xf8, 0xee, 0xf6, 0xff, 0xd6, 0xde, 0x91, 0x60, 0x02, 0xce, 0x56, 0xe7, 0xb5, 0x4d, 0xec,
0x8f, 0x1f, 0x89, 0xfa, 0xef, 0xb2, 0x8e, 0xfb, 0x41, 0xb3, 0x5f, 0x45, 0x23, 0x53, 0xe4, 0x9b,
0x75, 0xe1, 0x3d, 0x4c, 0x6c, 0x7e, 0xf5, 0x83, 0x68, 0x51, 0xd1, 0xf9, 0xe2, 0xab, 0x62, 0x2a,
0x08, 0x95, 0x46, 0x9d, 0x30, 0x37, 0x0a, 0x2f, 0x0e, 0x24, 0x1b, 0xdf, 0xcd, 0x4e, 0x7f, 0xea,
0x12, 0x1d, 0x58, 0x34, 0x36, 0xdc, 0xb4, 0x5b, 0xa4, 0x76, 0xb7, 0x7d, 0x52, 0xdd, 0x5e, 0x13,
0xa6, 0xb9, 0x00, 0xc1, 0x40, 0xe3, 0x79, 0xb6, 0xd4, 0x8d, 0x67, 0x72, 0x94, 0x98, 0xb0, 0x85,
0xbb, 0xc5, 0x4f, 0xed, 0x86, 0x9a, 0x66, 0x11, 0x8a, 0xe9, 0x04, 0xfe, 0xa0, 0x78, 0x25, 0x4b,
0xa2, 0x5d, 0x80, 0x05, 0x3f, 0x21, 0x70, 0xf1, 0x63, 0x77, 0xaf, 0x42, 0x20, 0xe5, 0xfd, 0xbf,
0x81, 0x18, 0x26, 0xc3, 0xbe, 0x35, 0x88, 0x2e, 0x93, 0x55, 0xfc, 0x7a, 0xc8, 0xba, 0x32, 0xe6,
0xc0, 0x19, 0x9e, 0xa3, 0x44, 0x54, 0x3b, 0x0b, 0x8c, 0xc7, 0x6b, 0x28, 0xa7, 0xbc, 0x16, 0xad,
0xdb, 0x64, 0x74, 0x14, 0x92, 0x0c, 0x48, 0xb8, 0x9f, 0xbd, 0x43, 0xc4, 0x39, 0x31, 0xd3, 0xf2,
0xd5, 0x8b, 0x6e, 0xda, 0x01, 0xb1, 0x9c, 0x49, 0xd8, 0xac, 0xf3, 0xcf, 0xca, 0xf4, 0x47, 0x10,
0x6f, 0xf0, 0x4a, 0x5c, 0x38, 0x57, 0x73, 0x97, 0xcb, 0xa1, 0xe8, 0x3e, 0x96, 0x61, 0x0d, 0x0f,
0xe0, 0x7c, 0x71, 0xcc, 0x90, 0x06, 0xf7, 0x1c, 0xc2, 0x6a, 0xae, 0x69, 0x17, 0x99, 0x3a, 0x27,
0xd9, 0xeb, 0x2b, 0x22, 0xd2, 0xa9, 0x07, 0x33, 0x2d, 0x3c, 0x15, 0xc9, 0x87, 0xaa, 0x50, 0xa5,
0x03, 0x59, 0x09, 0x1a, 0x65, 0xd7, 0x84, 0xd0, 0x82, 0x29, 0x5a, 0x1e, 0x7b, 0xa8, 0x6d, 0x2c
}; // combined Xtimes3[Sbox[]]
uchar Xtime3Sbox[] = {
0xa5, 0x84, 0x99, 0x8d, 0x0d, 0xbd, 0xb1, 0x54, 0x50, 0x03, 0xa9, 0x7d, 0x19, 0x62, 0xe6, 0x9a,
0x45, 0x9d, 0x40, 0x87, 0x15, 0xeb, 0xc9, 0x0b, 0xec, 0x67, 0xfd, 0xea, 0xbf, 0xf7, 0x96, 0x5b,
0xc2, 0x1c, 0xae, 0x6a, 0x5a, 0x41, 0x02, 0x4f, 0x5c, 0xf4, 0x34, 0x08, 0x93, 0x73, 0x53, 0x3f,
0x0c, 0x52, 0x65, 0x5e, 0x28, 0xa1, 0x0f, 0xb5, 0x09, 0x36, 0x9b, 0x3d, 0x26, 0x69, 0xcd, 0x9f,
0x1b, 0x9e, 0x74, 0x2e, 0x2d, 0xb2, 0xee, 0xfb, 0xf6, 0x4d, 0x61, 0xce, 0x7b, 0x3e, 0x71, 0x97,
0xf5, 0x68, 0x00, 0x2c, 0x60, 0x1f, 0xc8, 0xed, 0xbe, 0x46, 0xd9, 0x4b, 0xde, 0xd4, 0xe8, 0x4a,
0x6b, 0x2a, 0xe5, 0x16, 0xc5, 0xd7, 0x55, 0x94, 0xcf, 0x10, 0x06, 0x81, 0xf0, 0x44, 0xba, 0xe3,
0xf3, 0xfe, 0xc0, 0x8a, 0xad, 0xbc, 0x48, 0x04, 0xdf, 0xc1, 0x75, 0x63, 0x30, 0x1a, 0x0e, 0x6d,
0x4c, 0x14, 0x35, 0x2f, 0xe1, 0xa2, 0xcc, 0x39, 0x57, 0xf2, 0x82, 0x47, 0xac, 0xe7, 0x2b, 0x95,
0xa0, 0x98, 0xd1, 0x7f, 0x66, 0x7e, 0xab, 0x83, 0xca, 0x29, 0xd3, 0x3c, 0x79, 0xe2, 0x1d, 0x76,
0x3b, 0x56, 0x4e, 0x1e, 0xdb, 0x0a, 0x6c, 0xe4, 0x5d, 0x6e, 0xef, 0xa6, 0xa8, 0xa4, 0x37, 0x8b,
0x32, 0x43, 0x59, 0xb7, 0x8c, 0x64, 0xd2, 0xe0, 0xb4, 0xfa, 0x07, 0x25, 0xaf, 0x8e, 0xe9, 0x18,
0xd5, 0x88, 0x6f, 0x72, 0x24, 0xf1, 0xc7, 0x51, 0x23, 0x7c, 0x9c, 0x21, 0xdd, 0xdc, 0x86, 0x85,
0x90, 0x42, 0xc4, 0xaa, 0xd8, 0x05, 0x01, 0x12, 0xa3, 0x5f, 0xf9, 0xd0, 0x91, 0x58, 0x27, 0xb9,
0x38, 0x13, 0xb3, 0x33, 0xbb, 0x70, 0x89, 0xa7, 0xb6, 0x22, 0x92, 0x20, 0x49, 0xff, 0x78, 0x7a,
0x8f, 0xf8, 0x80, 0x17, 0xda, 0x31, 0xc6, 0xb8, 0xc3, 0xb0, 0x77, 0x11, 0xcb, 0xfc, 0xd6, 0x3a
}; // modular multiplication tables
// based on: // Xtime2[x] = (x & 0x80 ? 0x1b : 0) ^ (x + x)
// Xtime3[x] = x^Xtime2[x]; uchar Xtime2[] = {
0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e,
0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e,
0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e,
0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e,
0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e,
0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe,
0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde,
0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe,
0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05,
0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25,
0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45,
0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65,
0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85,
0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5,
0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5,
0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5}; uchar Xtime9[] = {
0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 0x6c, 0x65, 0x7e, 0x77,
0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7,
0x3b, 0x32, 0x29, 0x20, 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c,
0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 0xc7, 0xce, 0xd5, 0xdc,
0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01,
0xe6, 0xef, 0xf4, 0xfd, 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91,
0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 0x21, 0x28, 0x33, 0x3a,
0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa,
0xec, 0xe5, 0xfe, 0xf7, 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b,
0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 0x10, 0x19, 0x02, 0x0b,
0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0,
0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30,
0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 0xf6, 0xff, 0xe4, 0xed,
0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d,
0xa1, 0xa8, 0xb3, 0xba, 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6,
0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 0x5d, 0x54, 0x4f, 0x46}; uchar XtimeB[] = {
0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 0x74, 0x7f, 0x62, 0x69,
0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9,
0x7b, 0x70, 0x6d, 0x66, 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12,
0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 0xbf, 0xb4, 0xa9, 0xa2,
0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f,
0x46, 0x4d, 0x50, 0x5b, 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f,
0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 0xf9, 0xf2, 0xef, 0xe4,
0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54,
0xf7, 0xfc, 0xe1, 0xea, 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e,
0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 0x33, 0x38, 0x25, 0x2e,
0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5,
0x3c, 0x37, 0x2a, 0x21, 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55,
0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 0x75, 0x7e, 0x63, 0x68,
0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8,
0x7a, 0x71, 0x6c, 0x67, 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13,
0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 0xbe, 0xb5, 0xa8, 0xa3}; uchar XtimeD[] = {
0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 0x5c, 0x51, 0x46, 0x4b,
0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b,
0xbb, 0xb6, 0xa1, 0xac, 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0,
0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 0x37, 0x3a, 0x2d, 0x20,
0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26,
0xbd, 0xb0, 0xa7, 0xaa, 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6,
0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 0x8a, 0x87, 0x90, 0x9d,
0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d,
0xda, 0xd7, 0xc0, 0xcd, 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91,
0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 0x56, 0x5b, 0x4c, 0x41,
0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a,
0xb1, 0xbc, 0xab, 0xa6, 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa,
0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 0xeb, 0xe6, 0xf1, 0xfc,
0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c,
0x0c, 0x01, 0x16, 0x1b, 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47,
0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 0x80, 0x8d, 0x9a, 0x97}; uchar XtimeE[] = {
0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 0x48, 0x46, 0x54, 0x5a,
0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba,
0xdb, 0xd5, 0xc7, 0xc9, 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81,
0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 0x73, 0x7d, 0x6f, 0x61,
0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7,
0x4d, 0x43, 0x51, 0x5f, 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17,
0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 0x3e, 0x30, 0x22, 0x2c,
0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc,
0x41, 0x4f, 0x5d, 0x53, 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b,
0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 0xe9, 0xe7, 0xf5, 0xfb,
0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0,
0x7a, 0x74, 0x66, 0x68, 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20,
0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 0xa4, 0xaa, 0xb8, 0xb6,
0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56,
0x37, 0x39, 0x2b, 0x25, 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d,
0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 0x9f, 0x91, 0x83, 0x8d}; // exchanges columns in each of 4 rows
// row0 - unchanged, row1- shifted left 1,
// row2 - shifted left 2 and row3 - shifted left 3
void ShiftRows (uchar *state, uchar *out)
{
// just substitute row 0
out[] = Sbox[state[]], out[] = Sbox[state[]];
out[] = Sbox[state[]], out[] = Sbox[state[]]; // rotate row 1
out[] = Sbox[state[]], out[] = Sbox[state[]];
out[] = Sbox[state[]], out[] = Sbox[state[]]; // rotate row 2
out[] = Sbox[state[]], out[] = Sbox[state[]];
out[] = Sbox[state[]], out[] = Sbox[state[]]; // rotate row 3
out[] = Sbox[state[]], out[] = Sbox[state[]];
out[] = Sbox[state[]], out[] = Sbox[state[]];
} // restores columns in each of 4 rows
// row0 - unchanged, row1- shifted right 1,
// row2 - shifted right 2 and row3 - shifted right 3
void InvShiftRows (uchar *state, uchar *out)
{
// restore row 0
out[] = InvSbox[state[]], out[] = InvSbox[state[]];
out[] = InvSbox[state[]], out[] = InvSbox[state[]]; // restore row 1
out[] = InvSbox[state[]], out[] = InvSbox[state[]];
out[] = InvSbox[state[]], out[] = InvSbox[state[]]; // restore row 2
out[] = InvSbox[state[]], out[] = InvSbox[state[]];
out[] = InvSbox[state[]], out[] = InvSbox[state[]]; // restore row 3
out[] = InvSbox[state[]], out[] = InvSbox[state[]];
out[] = InvSbox[state[]], out[] = InvSbox[state[]];
} uchar Rcon[] = {
0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36}; // produce Nb bytes for each round
void ExpandKey (uchar *key, uchar *expkey)
{
uchar tmp0, tmp1, tmp2, tmp3, tmp4;
int idx; memcpy (expkey, key, Nk * ); for( idx = Nk; idx < Nb * (Nr + ); idx++ ) {
tmp0 = expkey[*idx - ];
tmp1 = expkey[*idx - ];
tmp2 = expkey[*idx - ];
tmp3 = expkey[*idx - ];
if( !(idx % Nk) ) {
tmp4 = tmp3;
tmp3 = Sbox[tmp0];
tmp0 = Sbox[tmp1] ^ Rcon[idx/Nk];
tmp1 = Sbox[tmp2];
tmp2 = Sbox[tmp4];
} else if( Nk > && idx % Nk == ) {
tmp0 = Sbox[tmp0];
tmp1 = Sbox[tmp1];
tmp2 = Sbox[tmp2];
tmp3 = Sbox[tmp3];
} expkey[*idx+] = expkey[*idx - *Nk + ] ^ tmp0;
expkey[*idx+] = expkey[*idx - *Nk + ] ^ tmp1;
expkey[*idx+] = expkey[*idx - *Nk + ] ^ tmp2;
expkey[*idx+] = expkey[*idx - *Nk + ] ^ tmp3;
}
} // encrypt/decrypt columns of the key #define AddRoundKey(state, key, out)\
do {\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
out[] = state[] ^ key[];\
} while() // recombine and mix each row in a column
#define MixSubColumns(state, out, key)\
do {\
/* mixing column 0*/\
out[] = Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ key[];\
out[] = Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ key[];\
\
/* mixing column 1*/\
out[] = Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ key[];\
out[] = Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ key[];\
\
/* mixing column 2*/\
out[] = Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ key[];\
out[] = Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ key[];\
\
/* mixing column 3*/\
out[] = Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ Sbox[state[]] ^ key[];\
out[] = Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ Xtime3Sbox[state[]] ^ key[];\
out[] = Xtime3Sbox[state[]] ^ Sbox[state[]] ^ Sbox[state[]] ^ Xtime2Sbox[state[]] ^ key[];\
} while() // encrypt one 128 bit block
void Encrypt (uchar *in, uchar *expkey, uchar *out)
{
uchar state[Nb * ], tmp[Nb * ]; AddRoundKey (in, expkey, state);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ; MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ; MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ; MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ; MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ; #if (Nr > 10)
MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ;
#endif #if (Nr > 12)
MixSubColumns (tmp, state, expkey);
expkey += Nb * ; MixSubColumns (state, tmp, expkey);
expkey += Nb * ;
#endif ShiftRows (tmp, state);
AddRoundKey (state, expkey, out);
} // restore and un-mix each row in a column
#define InvMixSubColumns(state, out, key)\
do {\
/* restore column 0*/\
t0 = state[] ^ key[];\
t1 = state[] ^ key[];\
t2 = state[] ^ key[];\
t3 = state[] ^ key[];\
out[] = InvSbox[XtimeE[t0] ^ XtimeB[t1] ^ XtimeD[t2] ^ Xtime9[t3]];\
out[] = InvSbox[Xtime9[t0] ^ XtimeE[t1] ^ XtimeB[t2] ^ XtimeD[t3]];\
out[] = InvSbox[XtimeD[t0] ^ Xtime9[t1] ^ XtimeE[t2] ^ XtimeB[t3]];\
out[] = InvSbox[XtimeB[t0] ^ XtimeD[t1] ^ Xtime9[t2] ^ XtimeE[t3]];\
\
/* restore column 1*/\
t0 = state[] ^ key[];\
t1 = state[] ^ key[];\
t2 = state[] ^ key[];\
t3 = state[] ^ key[];\
out[] = InvSbox[XtimeE[t0] ^ XtimeB[t1] ^ XtimeD[t2] ^ Xtime9[t3]];\
out[] = InvSbox[Xtime9[t0] ^ XtimeE[t1] ^ XtimeB[t2] ^ XtimeD[t3]];\
out[] = InvSbox[XtimeD[t0] ^ Xtime9[t1] ^ XtimeE[t2] ^ XtimeB[t3]];\
out[] = InvSbox[XtimeB[t0] ^ XtimeD[t1] ^ Xtime9[t2] ^ XtimeE[t3]];\
\
/* restore column 2*/\
t0 = state[] ^ key[];\
t1 = state[] ^ key[];\
t2 = state[] ^ key[];\
t3 = state[] ^ key[];\
out[] = InvSbox[XtimeE[t0] ^ XtimeB[t1] ^ XtimeD[t2] ^ Xtime9[t3]];\
out[] = InvSbox[Xtime9[t0] ^ XtimeE[t1] ^ XtimeB[t2] ^ XtimeD[t3]];\
out[] = InvSbox[XtimeD[t0] ^ Xtime9[t1] ^ XtimeE[t2] ^ XtimeB[t3]];\
out[] = InvSbox[XtimeB[t0] ^ XtimeD[t1] ^ Xtime9[t2] ^ XtimeE[t3]];\
\
/* restore column 3*/\
t0 = state[] ^ key[];\
t1 = state[] ^ key[];\
t2 = state[] ^ key[];\
t3 = state[] ^ key[];\
out[] = InvSbox[XtimeE[t0] ^ XtimeB[t1] ^ XtimeD[t2] ^ Xtime9[t3]];\
out[] = InvSbox[Xtime9[t0] ^ XtimeE[t1] ^ XtimeB[t2] ^ XtimeD[t3]];\
out[] = InvSbox[XtimeD[t0] ^ Xtime9[t1] ^ XtimeE[t2] ^ XtimeB[t3]];\
out[] = InvSbox[XtimeB[t0] ^ XtimeD[t1] ^ Xtime9[t2] ^ XtimeE[t3]];\
} while() void Decrypt (uchar *in, uchar *expkey, uchar *out)
{
uchar state[Nb * ], tmp[Nb * ];
uchar t0, t1, t2, t3; expkey += Nr * Nb * ;
AddRoundKey (in, expkey, tmp);
InvShiftRows(tmp, state); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey); expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey); expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey); expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey); expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey); #if (Nr > 10)
expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey);
#endif #if (Nr > 12)
expkey -= Nb * ;
InvMixSubColumns (tmp, state, expkey); expkey -= Nb * ;
InvMixSubColumns (state, tmp, expkey);
#endif expkey -= Nb * ;
AddRoundKey (tmp, expkey, out);
} #include <stdio.h>
#include <fcntl.h>
uchar in[] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff}; uchar key[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}; uchar out[]; #ifndef unix
void rd_clock (__int64 *ans)
{
unsigned dwLow, dwHigh; __asm {
rdtsc
mov dwLow, eax
mov dwHigh, edx
}
*ans = (__int64)dwHigh << | (__int64)dwLow;
}
#else
typedef long long __int64; void rd_clock (__int64 *ans)
{
unsigned long long dwBoth; __asm__ volatile(".byte 0x0f, 0x31" : "=A"(dwBoth));
*ans = dwBoth;
}
#endif uchar samplekey[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab,
0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}; uchar samplein[] = {0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d, 0x31,
0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34}; void sample ()
{
uchar expkey[ * Nb * (Nr + )];
int idx, diff;
__int64 start, stop; ExpandKey (samplekey, expkey);
Encrypt (samplein, expkey, out); rd_clock(&start); Encrypt (samplein, expkey, out); rd_clock(&stop);
diff = stop - start;
printf ("encrypt time: %d, %d cycles per byte\n", diff, diff/); for( idx = ; idx < ; idx++ )
printf ("%.2x ", out[idx]); printf ("\n");
Decrypt (out, expkey, in);
rd_clock(&start);
Decrypt (out, expkey, in); rd_clock(&stop);
diff = stop - start;
printf ("decrypt time: %d, %d cycles per byte\n", diff, diff/); for( idx = ; idx < ; idx++ )
printf ("%.2x ", in[idx]); printf ("\n");
} void certify ()
{
uchar expkey[ * Nb * (Nr + )];
int idx, diff;
__int64 start, stop; ExpandKey (key, expkey);
Encrypt (in, expkey, out); rd_clock(&start); Encrypt (in, expkey, out); rd_clock(&stop);
diff = stop - start;
printf ("encrypt time: %d, %d cycles per byte\n", diff, diff/); for( idx = ; idx < ; idx++ )
printf ("%.2x ", out[idx]); printf ("\n");
Decrypt (out, expkey, in);
rd_clock(&start);
Decrypt (out, expkey, in); rd_clock(&stop);
diff = stop - start;
printf ("decrypt time: %d, %d cycles per byte\n", diff, diff/); for( idx = ; idx < ; idx++ )
printf ("%.2x ", in[idx]); printf ("\n");
} void decrypt (char *mykey, char *name)
{
uchar expkey[ * Nb * (Nr + )];
FILE *fd = fopen (name, "rb");
int ch, idx = ; strncpy (key, mykey, sizeof(key));
ExpandKey (key, expkey); while( ch = getc(fd), ch != EOF ) {
in[idx++] = ch;
if( idx % )
continue; Decrypt (in, expkey, out); for( idx = ; idx < ; idx++ )
putchar (out[idx]);
idx = ;
}
} void encrypt (char *mykey, char *name)
{
uchar expkey[ * Nb * (Nr + )];
FILE *fd = fopen (name, "rb");
int ch, idx = ; strncpy (key, mykey, sizeof(key));
ExpandKey (key, expkey); while( ch = getc(fd), ch != EOF ) {
in[idx++] = ch;
if( idx % )
continue; Encrypt (in, expkey, out); for( idx = ; idx < ; idx++ )
putchar (out[idx]);
idx = ;
} if( idx )
while( idx % )
in[idx++] = ;
else
return; Encrypt (in, expkey, out); for( idx = ; idx < ; idx++ )
putchar (out[idx]);
} uchar expkey[ * Nb * (Nr + )];
void mrandom (int, char *);
unsigned xrandom (void); int aescycles ()
{
__int64 start, end;
int t; do {
rd_clock(&start);
Encrypt (in, expkey, out);
rd_clock (&end);
t = end - start;
} while( t<= || t>= );
return t;
} int bestx (int b, int loops)
{
int bestx = , bestxt = ;
int x, xt, i, j; for( x = ; x < ; x++ ) {
xt = ;
for( i = ; i < loops; i++ ) {
for( j = ; j < ; j++ )
in[j] = xrandom() >> ;
in[b] = x;
xt += aescycles(); xt += aescycles(); xt += aescycles();
xt += aescycles(); xt += aescycles();
}
if( xt > bestxt )
bestx = x, bestxt = xt;
}
return bestx;
} void bernstein (char *seed)
{
int loops, b, j, k; mrandom (strlen(seed), seed); for( loops = ; loops <= ; loops *= ) {
for( b = ; b < ; b++ ) {
printf ("%.2d, %.5d loops:", b, loops);
for( k = ; k < ; k++ ) {
for( j = ; j < ; j++ )
key[j] = xrandom() >> ;
ExpandKey (key, expkey);
printf (" %.2x", bestx (b, loops) ^ key[b]);
fflush (stdout);
}
printf ("\n");
}
}
} void tables()
{
int i; for( i = ; i < ; i++)
{
printf("0x%.2x, ", Sbox[i] ^ Xtime2[Sbox[i]]);
if( !((i+) % ) )
printf("\n");
} printf("\n"); for( i = ; i < ; i++)
{
printf("0x%.2x, ", Xtime2[Sbox[i]]);
if ( !((i+) % ) )
printf("\n");
}
} int main (int argc, char *argv[])
{
#ifndef unix
extern int __cdecl _setmode (int, int); _setmode (_fileno(stdout), _O_BINARY);
#endif switch( argv[][] ) {
case 'c': certify(); break;
case 'e': encrypt(argv[], argv[]); break;
case 'd': decrypt(argv[], argv[]); break;
case 'b': bernstein(argv[]); break;
case 's': sample(); break;
case 't': tables(); break;
}
} /*
* The package generates far better random numbers than a linear
* congruential generator. The random number generation technique
* is a linear feedback shift register approach. In this approach,
* the least significant bit of all the numbers in the RandTbl table
* will act as a linear feedback shift register, and will have period
* of approximately 2^96 - 1.
*
*/ #define RAND_order (7 * sizeof(unsigned))
#define RAND_size (96 * sizeof(unsigned)) uchar RandTbl[RAND_size + RAND_order];
int RandHead = ; /*
* random: x**96 + x**7 + x**6 + x**4 + x**3 + x**2 + 1
*
* The basic operation is to add to the number at the head index
* the XOR sum of the lower order terms in the polynomial.
* Then the index is advanced to the next location cyclically
* in the table. The value returned is the sum generated.
*
*/ unsigned xrandom ()
{
register unsigned fact; if( (RandHead -= sizeof(unsigned)) < ) {
RandHead = RAND_size - sizeof(unsigned);
memcpy (RandTbl + RAND_size, RandTbl, RAND_order);
} fact = *(unsigned *)(RandTbl + RandHead + * sizeof(unsigned));
fact ^= *(unsigned *)(RandTbl + RandHead + * sizeof(unsigned));
fact ^= *(unsigned *)(RandTbl + RandHead + * sizeof(unsigned));
fact ^= *(unsigned *)(RandTbl + RandHead + * sizeof(unsigned));
fact ^= *(unsigned *)(RandTbl + RandHead + * sizeof(unsigned));
return *(unsigned *)(RandTbl + RandHead) += fact;
} /*
* mrandom:
* Initialize the random number generator based on the given seed.
*
*/ void mrandom (int len, char *ptr)
{
unsigned short rand = *ptr;
int idx, bit = len * ; memset (RandTbl, , sizeof(RandTbl));
RandHead = ; while( rand *= , rand += , bit-- )
if( ptr[bit >> ] & ( << (bit & )) )
for (idx = ; idx < ; idx++) {
rand *= , rand += ;
RandTbl[rand % << ] ^= ;
} for( idx = ; idx < * ; idx++ )
xrandom ();
}
AES advanced encryption standard的更多相关文章
- AES advanced encryption standard 3
This optimized <../aesbench/> AES implementation conforms to FIPS-. aes.h #ifndef _AES_H #defi ...
- AES advanced encryption standard 2
/* * FIPS-197 compliant AES implementation * * Copyright (C) 2006-2007 Christophe Devine * * Redistr ...
- java AES 加密解密工具(Advanced Encryption Standard)发现明文相同但每次重启服务后密文就会不同于是有了改进
1.通用方法 package com.qlkj.hzd.commom.utils; import javax.crypto.*; import java.io.UnsupportedEncodingE ...
- ECC(Ellipse Curve Cryptography)+AES(Advanced Encryption Standard)前端通讯加密模拟(使用eccrypto-js)
前置知识 不了解对称加密与非对称加密的小伙伴可以看看下面的文章,想详细学习与区块链有关的加密算法可以戳这里 对称与非对称加密 https://blog.csdn.net/u013320868/arti ...
- 高级加密标准(英语:Advanced Encryption Standard,缩写:AES)
2006年,高级加密标准已然成为对称密钥加密中最流行的算法之一.
- 目前常用的加密算法有DES(Data Encryption Standard)和IDEA(International Data Encryption Algorithm)国际数据加密算法等,请用工厂方法实现加密算法系统。提交该系统的代码,该系统务必是一个可以能够直接使用的系统,查阅资料完成相应加密算法的实现;
1.加密算法的类图结构 2.源代码 2.1代码运行截图 2.2代码的目录结构 2.3具体代码 MethodFactory.java package jiami; public interface Me ...
- DES(Data Encryption Standard)数据加密标准
DES算法入口参数 DES算法的入口参数有三个:Key.Data.Mode.其中Key为7个字节共56位,是DES算法的工作密钥.Data为8个字节64位,是要被加密或解密的数据;Mode为DES的工 ...
- DES,3DES,AES这三种对称密钥的区别与联系
DES:Data Encryption Standard(数据加密标准,又美国国密局,选中的IBM的方案,密钥长度为56,标准提出是要使用64位长的密钥,但是实际中DES算法只用了64位中的56位密钥 ...
- Node 实现 AES 加密,结果输出为“byte”。
Node 实现 AES 加密,结果输出为"byte". 最近做个需求,对接一个平台的接口,该平台采用 AES (Advanced Encryption Standard)加密算法, ...
随机推荐
- 数据库-mysql视图
视图是一个虚拟表(非真实存在),其本质是[根据SQL语句获取动态的数据集,并为其命名],用户使用时只需使用[名称]即可获取结果集,并可以将其当作表来使用 一:创建视图 create view view ...
- java基础76 web服务器之Tomcat服务器
(注:本文是以“压缩版Tomcat”为例,展开描述的) 一.Tomcat服务器的介绍 1.服务器 1.1.服务器的种类 从物理上讲:服务器就是一台pc机器.至少8核/8G以上.内存至少用T来计算.宽带 ...
- java基础34 泛型的使用
本文知识点(目录): 1.泛型的好处 2.泛型在集合中的常见应用(这里只用String类型举例) 3.在泛型中是不能使用基本数据类型,如果需要使用基本数据类型,那么就使用基本数据类型对应的 ...
- 牛客红包OI赛 B 小可爱序列
Description 链接:https://ac.nowcoder.com/acm/contest/224/B 来源:牛客网 "我愿意舍弃一切,以想念你,终此一生." " ...
- qlserver排序规则在全角与半角处理中的应用
--1.查询区分全角与半角字符--测试数据DECLARE @t TABLE(col varchar(10))INSERT @t SELECT 'aa'UNION ALL SELECT 'Aa'UNIO ...
- MySQL5.6 Waiting for Commit Lock
mysql Bug#19843808 自动修复记录 MySQL5.6和Xtrabackup之间存在一个bug,这个bug在5.6.23中已经修复. Xtrabackup备份的时候执行flushs t ...
- CF474D. Flowers
D. Flowers time limit per test 1.5 seconds memory limit per test 256 megabytes input standard input ...
- 程序设计实习MOOC / 程序设计与算法(三)第一周测验
作业题: 7. 填空(2分)简单的swap 通过码是 ( 请参考公告中的“关于编程作业的说明”完成编程作业(请注意,编程题都要求提交通过码,在openjudge上提交了程序并且通过以后,就可以下载到通 ...
- jquery实现checkbox的单选和全选
一.思路 全选:判断“全选”checkbox的状态,如果选中则把tbody下所有的checkbox选中,反之 单选:主要是判断有没有全选,如果不是选中状态就把全选的checkbox状态设置为false ...
- Ionic Js十八:滑动框
ion-slide-box 滑动框是一个包含多页容器的组件,每页滑动或拖动切换: 效果图如下:   用法 <ion-slide-box on-slide-changed="slid ...