Mzn impossible xor differential model¶

class MznImpossibleXorDifferentialModel(cipher)¶

Bases: MznDeterministicTruncatedXorDifferentialModel

add_comment(comment)¶

Write a ‘comment’ at the beginning of the model.

INPUT:

comment – string; string with the comment to be added

add_constraint_from_str(str_constraint)¶

add_output_comment(comment)¶

add_solution_to_components_values(component_id, component_solution, components_values, j, output_to_parse, solution_number, string)¶

add_solution_to_components_values_internal(component_solution, components_values, component_weight, solution_number, component)¶

add_solutions_from_components_values(components_values, memory, model_type, solutions, solve_time, solver_name, solver_output, total_weight, solve_external=False)¶

build_deterministic_truncated_xor_differential_trail_model(fixed_variables=[], number_of_rounds=None, minimize=False, wordwise=False)¶

Build the CP model for the search of deterministic truncated XOR differential trails.

INPUT:

fixed_variables – list (default: []); dictionaries containing the variables to be fixed in standard format
number_of_rounds – integer (default: None); number of rounds

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=2)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: cp.build_deterministic_truncated_xor_differential_trail_model(fixed_variables)

build_impossible_backward_model(backward_components, clean=True)¶

build_impossible_forward_model(forward_components, clean=False)¶

build_impossible_xor_differential_trail_model(fixed_variables=[], number_of_rounds=None, initial_round=1, middle_round=None, final_round=None, intermediate_components=True)¶

Build the CP model for the search of deterministic truncated XOR differential trails.

INPUT:

fixed_variables – list (default: []); dictionaries containing the variables to be fixed in standard format
number_of_rounds – integer (default: None); number of rounds
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); incosistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: cp.build_impossible_xor_differential_trail_model(fixed_variables, 4, 1, 3, 4, False)

build_impossible_xor_differential_trail_with_extensions_model(fixed_variables, number_of_rounds, initial_round, middle_round, final_round, intermediate_components)¶

Build the CP model for the search of deterministic truncated XOR differential trails with extensions for key recovery.

INPUT:

fixed_variables – list (default: []); dictionaries containing the variables to be fixed in standard format
number_of_rounds – integer ; number of rounds
initial_round – integer ; initial round of the impossible differential trail
middle_round – integer ; incosistency round of the impossible differential trail
final_round – integer ; final round of the impossible differential trail
intermediate_components – Boolean ; check inconsistency on intermediate components of the inconsistency round or only on outputs

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=5)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: cp.build_impossible_xor_differential_trail_with_extensions_model(fixed_variables, 5, 2, 3, 4, False)

build_mix_column_truncated_table(component)¶

Return a model that generates the list of possible input/output couples for the given mix column.

INPUT:

component – Component object; the mix column component in Cipher

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: aes = AESBlockCipher(number_of_rounds=3)
sage: cp = MznModel(aes)
sage: mix_column = aes.component_from(0, 21)
sage: cp.build_mix_column_truncated_table(mix_column)
'array[0..93, 1..8] of int: mix_column_truncated_table_mix_column_0_21 = array2d(0..93, 1..8, [0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,1,1,1,0,1,0,0,1,1,1,1,0,1,0,1,0,1,1,1,0,1,0,1,1,0,1,1,0,1,0,1,1,1,0,1,0,1,0,1,1,1,1,0,0,1,0,1,1,1,1,1,0,1,1,0,0,1,1,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,1,0,1,1,0,1,1,1,0,0,1,1,0,1,1,1,1,0,1,1,1,0,0,1,1,0,1,1,1,0,1,0,1,0,1,1,1,0,1,1,0,0,1,1,1,0,1,1,1,0,1,1,1,1,0,0,1,0,1,1,1,1,0,1,0,0,1,1,1,1,0,1,1,0,1,1,1,1,1,0,0,0,1,1,1,1,1,0,1,0,1,1,1,1,1,1,0,0,1,1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,1,0,1,0,0,1,1,1,1,0,1,0,1,0,1,1,1,0,1,0,1,1,0,1,1,0,1,0,1,1,1,0,1,0,1,0,1,1,1,1,1,0,1,1,0,0,1,1,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,1,0,1,1,0,1,1,1,1,0,1,1,1,0,0,1,1,0,1,1,1,0,1,0,1,0,1,1,1,0,1,1,1,0,1,1,1,1,0,0,1,0,1,1,1,1,0,1,1,0,1,1,1,1,1,0,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,1,1,0,1,1,0,0,1,1,1,1,1,1,0,1,0,0,1,1,1,1,0,1,0,1,0,1,1,1,0,1,0,1,1,0,1,1,0,1,0,1,1,1,1,1,0,1,1,0,0,1,1,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,0,1,1,0,1,1,1,0,1,1,1,0,1,1,1,1,0,1,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,1,1,1,1,1,0,1,0,0,1,1,1,1,0,1,0,1,0,1,1,1,0,1,0,1,1,1,1,1,0,1,1,0,0,1,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,1,1,1,1,0,1,0,0,1,1,1,1,0,1,0,1,1,1,1,1,0,1,1,0,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,1,1,1,0,0,1,1,1,1,1,1,0,1,0,1,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1,0,1,1,1,1,1,1,1,1]);'

calculate_bit_positions(bit_positions, input_length)¶

calculate_bit_values(bit_values, input_length)¶

calculate_input_bit_positions(word_index, input_name_1, input_name_2, new_input_bit_positions_1, new_input_bit_positions_2)¶

property cipher¶

property cipher_id¶

clean_constraints(set_of_constraints, initial_round, middle_round, final_round)¶

clean_inverse_impossible_variables_constraints(backward_components, inverse_variables, inverse_constraints)¶

clean_inverse_impossible_variables_constraints_with_extensions(backward_components, inverse_variables, inverse_constraints)¶

clean_repetitions_in_constraints(inverse_variables, inverse_constraints)¶

constraints_for_constants()¶

constraints_for_key_schedule()¶

extract_constants()¶

extract_key_schedule()¶

final_deterministic_truncated_xor_differential_constraints(minimize=False)¶

Return a CP constraints list for the cipher outputs and solving indications for single or second step model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: speck = SpeckBlockCipher(number_of_rounds=2)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: cp.final_deterministic_truncated_xor_differential_constraints()[:-1]
['solve satisfy;']

final_impossible_constraints(number_of_rounds, initial_round, middle_round, final_round, intermediate_components)¶

Constraints for output and incompatibility.

INPUT:

number_of_rounds – integer ; number of rounds
initial_round – integer ; initial round of the impossible differential trail
middle_round – integer ; incosistency round of the impossible differential trail
final_round – integer ; final round of the impossible differential trail
intermediate_components – Boolean ; check inconsistency on intermediate components of the inconsistency round or only on outputs

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=5)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: cp.final_impossible_constraints(3, 2, 3, 4, False)
['solve satisfy;',
 ...
 'output["key = "++ show(key) ++ "\n" ++"intermediate_output_0_5 = "++ show(intermediate_output_0_5) ++ "\n" ++"intermediate_output_0_6 = "++ show(intermediate_output_0_6) ++ "\n" ++"inverse_intermediate_output_3_12 = "++ show(inverse_intermediate_output_3_12) ++ "\n" ++ "0" ++ "\n" ++"intermediate_output_0_6 = "++ show(intermediate_output_0_6)++ "\n" ++ "0" ++ "\n" ++"intermediate_output_1_12 = "++ show(intermediate_output_1_12)++ "\n" ++ "0" ++ "\n" ++"intermediate_output_2_12 = "++ show(intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ++"inverse_intermediate_output_2_12 = "++ show(inverse_intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ++"inverse_intermediate_output_3_12 = "++ show(inverse_intermediate_output_3_12)++ "\n" ++ "0" ++ "\n" ++"inverse_cipher_output_4_12 = "++ show(inverse_cipher_output_4_12)++ "\n" ++ "0" ++ "\n" ];']

final_impossible_constraints_with_extensions(number_of_rounds, initial_round, middle_round, final_round, intermediate_components)¶

Constraints for output and incompatibility.

INPUT:

number_of_rounds – integer ; number of rounds
initial_round – integer ; initial round of the impossible differential trail
middle_round – integer ; incosistency round of the impossible differential trail
final_round – integer ; final round of the impossible differential trail
intermediate_components – Boolean ; check inconsistency on intermediate components of the inconsistency round or only on outputs

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=5)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: cp.final_impossible_constraints_with_extensions(5, 2, 3, 4, False)
['solve satisfy;',
 ...
 'output["plaintext = "++ show(plaintext) ++ "\n" ++"key = "++ show(key) ++ "\n" ++"inverse_plaintext = "++ show(inverse_plaintext) ++ "\n" ++"inverse_intermediate_output_0_6 = "++ show(inverse_intermediate_output_0_6)++ "\n" ++ "0" ++ "\n" ++"intermediate_output_1_12 = "++ show(intermediate_output_1_12)++ "\n" ++ "0" ++ "\n" ++"intermediate_output_2_12 = "++ show(intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ++"inverse_intermediate_output_2_12 = "++ show(inverse_intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ++"inverse_intermediate_output_3_12 = "++ show(inverse_intermediate_output_3_12)++ "\n" ++ "0" ++ "\n" ++"cipher_output_4_12 = "++ show(cipher_output_4_12)++ "\n" ++ "0" ++ "\n" ++"intermediate_output_2_12 = "++ show(intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ++"inverse_intermediate_output_2_12 = "++ show(inverse_intermediate_output_2_12)++ "\n" ++ "0" ++ "\n" ];']

find_all_deterministic_truncated_xor_differential_trails(number_of_rounds=None, fixed_values=[], solver_name='chuffed', num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=False)¶

Return the solution representing a differential trail with any weight.

INPUT:

number_of_rounds – integer; number of rounds
fixed_values – list (default: []); can be created using set_fixed_variables method
solver_name – string (default: None); the name of the solver. Available values are:
- 'Chuffed'
- 'Gecode'
- 'COIN-BC'

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: from claasp.cipher_modules.models.utils import set_fixed_variables
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: plaintext = set_fixed_variables(
....:         component_id='plaintext',
....:         constraint_type='not_equal',
....:         bit_positions=range(32),
....:         bit_values=[0]*32)
sage: key = set_fixed_variables(
....:         component_id='key',
....:         constraint_type='equal',
....:         bit_positions=range(64),
....:         bit_values=[0]*64)
sage: cp.find_all_deterministic_truncated_xor_differential_trails(3, [plaintext,key], 'chuffed') # random
[{'cipher_id': 'speck_p32_k64_o32_r3',
  'components_values': {'cipher_output_2_12': {'value': '22222222222222202222222222222222',
    'weight': 0},
  ...
  'memory_megabytes': 0.02,
  'model_type': 'deterministic_truncated_xor_differential',
  'solver_name': 'Chuffed',
  'solving_time_seconds': 0.002,
  'total_weight': '0.0'}]

find_all_impossible_xor_differential_trails(number_of_rounds=None, fixed_values=[], solver_name='Chuffed', initial_round=1, middle_round=None, final_round=None, intermediate_components=True, num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=True)¶

Search for all impossible XOR differential trails of a cipher.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); dictionaries containing the variables to be fixed in standard format
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); incosistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs
num_of_processors – Integer (default: None); number of processors used for MiniZinc search
timelimit – Integer (default: None); time limit of MiniZinc search

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: fixed_variables.append(set_fixed_variables('plaintext', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: fixed_variables.append(set_fixed_variables('inverse_cipher_output_3_12', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: trail = cp.find_all_impossible_xor_differential_trails(4, fixed_variables, 'Chuffed', 1, 3, 4, False) #doctest: +SKIP

find_lowest_complexity_impossible_xor_differential_trail(number_of_rounds=None, fixed_values=[], solver_name='Chuffed', initial_round=1, middle_round=None, final_round=None, intermediate_components=True, num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=True)¶

Search for the impossible XOR differential trail of a cipher with the highest number of known bits in plaintext and ciphertext difference.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); dictionaries containing the variables to be fixed in standard format
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); inconsistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs
num_of_processors – Integer (default: None); number of processors used for MiniZinc search
timelimit – Integer (default: None); time limit of MiniZinc search

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: fixed_variables.append(set_fixed_variables('plaintext', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: fixed_variables.append(set_fixed_variables('inverse_cipher_output_3_12', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: trail = cp.find_lowest_complexity_impossible_xor_differential_trail(4, fixed_variables, 'Chuffed', 1, 3, 4, intermediate_components = False)

find_lowest_varied_patterns_bitwise_deterministic_truncated_xor_differential_trail(number_of_rounds=None, fixed_values=[], solver_name='chuffed', num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=False)¶

Return the solution representing a differential trail with any weight.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); can be created using set_fixed_variables method
solver_name – string (default: Chuffed); the name of the solver. Available values are:
- 'Chuffed'
- 'Gecode'
- 'COIN-BC'

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: from claasp.cipher_modules.models.utils import set_fixed_variables
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=1)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: plaintext = set_fixed_variables(
....:         component_id='plaintext',
....:         constraint_type='not_equal',
....:         bit_positions=range(32),
....:         bit_values=[0]*32)
sage: key = set_fixed_variables(
....:         component_id='key',
....:         constraint_type='equal',
....:         bit_positions=range(64),
....:         bit_values=[0]*64)
sage: cp.find_one_deterministic_truncated_xor_differential_trail(1, [plaintext,key], 'chuffed') # random
[{'cipher_id': 'speck_p32_k64_o32_r1',
  'components_values': {'cipher_output_0_6': {'value': '22222222222222212222222222222220',
    'weight': 0},
   'intermediate_output_0_5': {'value': '0000000000000000', 'weight': 0},
   'key': {'value': '0000000000000000000000000000000000000000000000000000000000000000',
    'weight': 0},
   'modadd_0_1': {'value': '2222222222222221', 'weight': 0},
   'plaintext': {'value': '11111111011111111111111111111111', 'weight': 0},
   'rot_0_0': {'value': '1111111111111110', 'weight': 0},
   'rot_0_3': {'value': '1111111111111111', 'weight': 0},
   'xor_0_2': {'value': '2222222222222221', 'weight': 0},
   'xor_0_4': {'value': '2222222222222220', 'weight': 0}},
  'memory_megabytes': 0.01,
  'model_type': 'deterministic_truncated_xor_differential_one_solution',
  'solver_name': 'Chuffed',
  'solving_time_seconds': 0.0,
  'total_weight': '0.0'}]

find_one_deterministic_truncated_xor_differential_trail(number_of_rounds=None, fixed_values=[], solver_name='chuffed', num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=False)¶

Return the solution representing a differential trail with any weight.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); can be created using set_fixed_variables method
solver_name – string (default: Chuffed); the name of the solver. Available values are:
- 'Chuffed'
- 'Gecode'
- 'COIN-BC'

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: from claasp.cipher_modules.models.utils import set_fixed_variables
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=1)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: plaintext = set_fixed_variables(
....:         component_id='plaintext',
....:         constraint_type='not_equal',
....:         bit_positions=range(32),
....:         bit_values=[0]*32)
sage: key = set_fixed_variables(
....:         component_id='key',
....:         constraint_type='equal',
....:         bit_positions=range(64),
....:         bit_values=[0]*64)
sage: cp.find_one_deterministic_truncated_xor_differential_trail(1, [plaintext,key], 'chuffed') # random
[{'cipher_id': 'speck_p32_k64_o32_r1',
  'components_values': {'cipher_output_0_6': {'value': '22222222222222212222222222222220',
    'weight': 0},
   'intermediate_output_0_5': {'value': '0000000000000000', 'weight': 0},
   'key': {'value': '0000000000000000000000000000000000000000000000000000000000000000',
    'weight': 0},
   'modadd_0_1': {'value': '2222222222222221', 'weight': 0},
   'plaintext': {'value': '11111111011111111111111111111111', 'weight': 0},
   'rot_0_0': {'value': '1111111111111110', 'weight': 0},
   'rot_0_3': {'value': '1111111111111111', 'weight': 0},
   'xor_0_2': {'value': '2222222222222221', 'weight': 0},
   'xor_0_4': {'value': '2222222222222220', 'weight': 0}},
  'memory_megabytes': 0.01,
  'model_type': 'deterministic_truncated_xor_differential_one_solution',
  'solver_name': 'Chuffed',
  'solving_time_seconds': 0.0,
  'total_weight': '0.0'}]

find_one_impossible_xor_differential_cluster(number_of_rounds=None, fixed_values=[], solver_name='Chuffed', initial_round=1, middle_round=None, final_round=None, intermediate_components=True, num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=True)¶

Search for the impossible XOR differential trail of a cipher with the highest number of unknown bits in plaintext and ciphertext difference.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); dictionaries containing the variables to be fixed in standard format
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); inconsistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs
num_of_processors – Integer (default: None); number of processors used for MiniZinc search
timelimit – Integer (default: None); time limit of MiniZinc search

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: fixed_variables.append(set_fixed_variables('plaintext', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: fixed_variables.append(set_fixed_variables('inverse_cipher_output_3_12', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: trail = cp.find_one_impossible_xor_differential_cluster(4, fixed_variables, 'Chuffed', 1, 3, 4, intermediate_components = False)

find_one_impossible_xor_differential_trail(number_of_rounds=None, fixed_values=[], solver_name='Chuffed', initial_round=1, middle_round=None, final_round=None, intermediate_components=True, num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=True)¶

Search for one impossible XOR differential trail of a cipher.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); dictionaries containing the variables to be fixed in standard format
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); incosistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs
num_of_processors – Integer (default: None); number of processors used for MiniZinc search
timelimit – Integer (default: None); time limit of MiniZinc search

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: fixed_variables.append(set_fixed_variables('plaintext', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: fixed_variables.append(set_fixed_variables('inverse_cipher_output_3_12', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: trail = cp.find_one_impossible_xor_differential_trail(4, fixed_variables, 'Chuffed', 1, 3, 4, intermediate_components = False)

find_one_impossible_xor_differential_trail_with_extensions(number_of_rounds=None, fixed_values=[], solver_name='Chuffed', initial_round=1, middle_round=None, final_round=None, intermediate_components=True, num_of_processors=None, timelimit=None, solve_with_API=False, solve_external=True)¶

Search for one impossible XOR differential trail of a cipher with forward and backward deterministic extensions for key recovery.

INPUT:

number_of_rounds – integer (default: None); number of rounds
fixed_values – list (default: []); dictionaries containing the variables to be fixed in standard format
initial_round – integer (default: 1); initial round of the impossible differential
middle_round – integer (default: 1); incosistency round of the impossible differential
final_round – integer (default: None); final round of the impossible differential
intermediate_components – Boolean (default: True); check inconsistency on intermediate components of the inconsistency round or only on outputs
num_of_processors – Integer (default: None); number of processors used for MiniZinc search
timelimit – Integer (default: None); time limit of MiniZinc search

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_impossible_xor_differential_model import MznImpossibleXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=7)
sage: cp = MznImpossibleXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', range(64), integer_to_bit_list(0, 64, 'little'))]
sage: fixed_variables.append(set_fixed_variables('plaintext', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: fixed_variables.append(set_fixed_variables('cipher_output_6_12', 'not_equal', range(32), integer_to_bit_list(0, 32, 'little')))
sage: trail = cp.find_one_impossible_xor_differential_trail_with_extensions(7, fixed_variables, 'Chuffed', 2, 4, 6, intermediate_components = False)

find_possible_number_of_active_sboxes(weight)¶

Return a set whose numbers are the possible numbers of active S-boxes.

INPUT:

weight – integer; the fixed weight that must be able to be obtained with the found numbers of active S-boxes

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.midori_block_cipher import MidoriBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: midori = MidoriBlockCipher()
sage: cp = MznModel(midori)
sage: model = cp.find_possible_number_of_active_sboxes(9)
sage: model
{3, 4}

fix_variables_value_constraints(fixed_variables=[], step='full_model')¶

Return a list of CP constraints that fix the input variables to a specific value.

INPUT:

fixed_variables – list (default: []); dictionaries containing name, bit_size, value (as integer) for the variables that need to be fixed to a certain value:

{
‘component_id’: ‘plaintext’,

‘constraint_type’: ‘equal’/’not_equal’

‘bit_size’: 32,

‘value’: 753

}
step – string (default: full_model)

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznModel(speck)
sage: cp.fix_variables_value_constraints([set_fixed_variables('plaintext', 'equal', range(4), integer_to_bit_list(5, 4, 'big'))])
['constraint plaintext[0] = 0 /\\ plaintext[1] = 1 /\\ plaintext[2] = 0 /\\ plaintext[3] = 1;']
sage: cp.fix_variables_value_constraints([set_fixed_variables('plaintext', 'not_equal', list(range(4)), integer_to_bit_list(5, 4, 'big'))])
['constraint plaintext[0] != 0 \\/ plaintext[1] != 1 \\/ plaintext[2] != 0 \\/ plaintext[3] != 1;']

fix_variables_value_constraints_for_ARX(fixed_variables=[])¶

Return a list of constraints that fix the input variables to a specific value.

INPUT:

fixed_variables – list (default: []); the variables to be fixed in standard format

See also

set_fixed_variables()

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_xor_differential_model_arx_optimized import MznXorDifferentialModelARXOptimized
sage: from claasp.ciphers.block_ciphers.raiden_block_cipher import RaidenBlockCipher
sage: raiden = RaidenBlockCipher(number_of_rounds=1)
sage: minizinc = MznXorDifferentialModelARXOptimized(raiden)
sage: minizinc.build_xor_differential_trail_model()
sage: fixed_variables = [{
....:     'component_id': 'key',
....:     'constraint_type': 'equal',
....:     'bit_positions': [0, 1, 2, 3],
....:     'bit_values': [0, 1, 0, 1]
....: }]
sage: minizinc.fix_variables_value_constraints_for_ARX(fixed_variables)[0]
'constraint key_y0 = 0;'

sage: fixed_variables = [{ 'component_id': 'plaintext',
....:     'constraint_type': 'sum',
....:     'bit_positions': [0, 1, 2, 3],
....:     'operator': '>',
....:     'value': '0' }]
sage: minizinc.fix_variables_value_constraints_for_ARX(fixed_variables)[0]
'constraint plaintext_y0+plaintext_y1+plaintext_y2+plaintext_y3>0;'

property float_and_lat_values¶

format_component_value(component_id, string)¶

get_command_for_solver_process(input_file_path, model_type, solver_name, num_of_processors, timelimit)¶

get_component_from_id(id_link, curr_cipher)¶

get_component_round(id_link)¶

get_direct_component_correspondance(forward_component)¶

get_inverse_component_correspondance(backward_component)¶

get_inverse_state_key_bits_positions()¶

get_mix_column_all_inputs(input_bit_positions_1, input_id_link_1, numb_of_inp_1)¶

get_state_key_bits_positions()¶

get_total_weight(string_total_weight)¶

initialise_model()¶

input_deterministic_truncated_xor_differential_constraints()¶

Return a list of CP constraints for the inputs of the cipher for the first step model.

INPUT:

number_of_rounds – integer; number of rounds
inverse – boolean (default: False)

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: aes = AESBlockCipher()
sage: cp = MznDeterministicTruncatedXorDifferentialModel(aes)
sage: cp.input_deterministic_truncated_xor_differential_constraints()
(['array[0..127] of var 0..2: key;',
  'array[0..127] of var 0..2: plaintext;',
   ...
  'constraint count(plaintext,1) > 0;'])

input_impossible_constraints(number_of_rounds=None, middle_round=None)¶

input_impossible_constraints_with_extensions(number_of_rounds=None, initial_round=None, middle_round=None, final_round=None)¶

is_cross_round_component(component, discarded_ids)¶

link_constraints_for_trail_with_extensions(components_to_link)¶

property model_constraints¶

Return the model specified by model_type.

INPUT:

model_type – string; the model to retrieve

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: speck = SpeckBlockCipher(number_of_rounds=4)
sage: cp = MznModel(speck)
sage: cp.model_constraints()
Traceback (most recent call last):
...
ValueError: No model generated

output_constraints(component)¶

Return lists of declarations and constraints for CP output component (both intermediate and cipher).

INPUT:

component – Component object; the output component (intermediate or cipher) in Cipher

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: output_component = speck.component_from(0, 5)
sage: cp.output_constraints(output_component)
([],
 ['constraint intermediate_output_0_5[0] = key[48];',
 ...
  'constraint intermediate_output_0_5[15] = key[63];'])

output_inverse_constraints(component)¶

Return lists of declarations and constraints for CP output component (both intermediate and cipher).

INPUT:

component – Component object; the output component (intermediate or cipher)

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_deterministic_truncated_xor_differential_model import MznDeterministicTruncatedXorDifferentialModel
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: cp = MznDeterministicTruncatedXorDifferentialModel(speck)
sage: output_component = speck.component_from(0, 5)
sage: cp.output_inverse_constraints(output_component)
([],
 ['constraint intermediate_output_0_5_inverse[0] = key[48];',
   ...
  'constraint intermediate_output_0_5_inverse[15] = key[63];'])

output_probability_per_round()¶

parse_solver_information(output_to_parse, truncated=False, solve_external=True)¶

propagate_deterministically(component, wordwise=False, inverse=False)¶

set_component_solution_value(component_solution, truncated, value)¶

set_inverse_component_id_in_constraints(component, inverse_variables, inverse_constraints)¶

solve(model_type, solver_name=None, number_of_rounds=None, initial_round=1, middle_round=None, final_round=None, processes_=None, timeout_in_seconds_=None, all_solutions_=False, solve_external=False)¶

Return the solution of the model.

INPUT:

model_type – string; the model to solve:
- ‘cipher’
- ‘xor_differential’
- ‘xor_differential_one_solution’
- ‘xor_linear’
- ‘xor_linear_one_solution’
- ‘deterministic_truncated_xor_differential’
- ‘deterministic_truncated_xor_differential_one_solution’
- ‘impossible_xor_differential’
solver_name – string (default: None); the name of the solver. Available values are:
- 'Chuffed'
- 'Gecode'
- 'COIN-BC'
num_of_processors – integer; the number of processors to be used
timelimit – integer; time limit to output a result

EXAMPLES:

sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_xor_differential_model import MznXorDifferentialModel
sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.utils import set_fixed_variables, integer_to_bit_list
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznXorDifferentialModel(speck)
sage: fixed_variables = [set_fixed_variables('key', 'equal', list(range(64)), integer_to_bit_list(0, 64, 'little')), set_fixed_variables('plaintext', 'not_equal', list(range(32)), integer_to_bit_list(0, 32, 'little'))]
sage: cp.build_xor_differential_trail_model(-1, fixed_variables)
sage: cp.solve('xor_differential', 'chuffed') # random
[{'cipher_id': 'speck_p32_k64_o32_r4',
   ...
  'total_weight': '5.0'}]

solve_for_ARX(solver_name=None, timeout_in_seconds_=30, processes_=4, nr_solutions_=None, random_seed_=None, all_solutions_=False, intermediate_solutions_=False, free_search_=False, optimisation_level_=None)¶

Solve the model passed in str_model_path by using MiniZinc and str_solver.

INPUT:

model_type – string; the type of the model that has been solved

solver_name – string (default: None); name of the solver to be used together with MiniZinc

timeout_in_seconds_ – integer (default: 30); time in seconds to interrupt the solving process

processes_ – integer (default: 4); set the number of processes the solver can use. (Only available when the -p flag is supported by the solver)

nr_solutions_ – integer (default: None); the requested number of solution. (Only available on satisfaction problems and when the -n flag is supported by the solver)

random_seed_ – integer (default: None); set the random seed for solver. (Only available when the -r flag is supported by the solver)

intermediate_solutions_ – boolean (default: False); request the solver to output any intermediate solutions that are found during the solving process. (Only available on optimisation problems and when the -a flag is supported by the solver)

all_solutions_ – boolean (default: False); request to solver to find all solutions. (Only available on satisfaction problems and when the -a flag is supported by the solver)

free_search – boolean (default: False); allow the solver to ignore the search definition within the instance (Only available when the -f flag is supported by the solver)

optimisation_level_ – integer (default: None); set the MiniZinc compiler optimisation level

0: Disable optimisation

1: Single pass optimisation (default)

2: Flatten twice to improve flattening decisions

3: Perform root-node-propagation

4: Probe bounds of all variables at the root node

5: Probe values of all variables at the root node

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_models.mzn_xor_differential_model_arx_optimized import MznXorDifferentialModelARXOptimized
sage: speck = SpeckBlockCipher(number_of_rounds=5, block_bit_size=32, key_bit_size=64)
sage: minizinc = MznXorDifferentialModelARXOptimized(speck)
sage: bit_positions = [i for i in range(speck.output_bit_size)]
sage: bit_positions_key = list(range(64))
sage: fixed_variables = [{ 'component_id': 'plaintext',
....:     'constraint_type': 'sum',
....:     'bit_positions': bit_positions,
....:     'operator': '>',
....:     'value': '0' }]
sage: fixed_variables.append({ 'component_id': 'key',
....:     'constraint_type': 'sum',
....:     'bit_positions': bit_positions_key,
....:     'operator': '=',
....:     'value': '0' })
sage: minizinc.build_xor_differential_trail_model(-1, fixed_variables)
sage: result = minizinc.solve_for_ARX('Xor')
sage: result.statistics['nSolutions']
1

solver_names(verbose=False)¶

weight_constraints(weight)¶

Return a list of CP constraints that fix the total weight to a specific value.

INPUT:

weight – integer; a specific weight. If set to non-negative integer, fixes the XOR trail weight

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=4)
sage: cp = MznModel(speck)
sage: cp.weight_constraints(10)
(['constraint weight = 1000;'], [])

write_minizinc_model_to_file(file_path, prefix='')¶

Write the MiniZinc model into a file inside file_path.

INPUT:

file_path – string; the path of the file that will contain the model
prefix – str (default: ``)

Mzn impossible xor differential model¶

Previous topic

Next topic

This Page