Reverse component¶

class Reverse(current_round_number, current_round_number_of_components, input_id_links, input_bit_positions, output_bit_size)¶

Bases: LinearLayer

algebraic_polynomials(model)¶

Return a list of polynomials for LINEAR LAYER.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: from claasp.cipher_modules.models.algebraic.algebraic_model import AlgebraicModel
sage: fancy = FancyBlockCipher(number_of_rounds=1)
sage: linear_layer_component = fancy.get_component_from_id("linear_layer_0_6")
sage: algebraic = AlgebraicModel(fancy)
sage: L = linear_layer_component.algebraic_polynomials(algebraic)
sage: L[0]
linear_layer_0_6_y0 + linear_layer_0_6_x23 + linear_layer_0_6_x19 + linear_layer_0_6_x18 + linear_layer_0_6_x16 + linear_layer_0_6_x15 + linear_layer_0_6_x14 + linear_layer_0_6_x12 + linear_layer_0_6_x9 + linear_layer_0_6_x8 + linear_layer_0_6_x6 + linear_layer_0_6_x3

as_python_dictionary()¶

check_output_size(available_word_sizes, fixed, word_size)¶

cms_constraints()¶

Return a list of variables and a list of clauses for LINEAR LAYER in CMS CIPHER model.

See also

CMS CIPHER model for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0,6)
sage: linear_layer_component.cms_constraints()
(['linear_layer_0_6_0',
  'linear_layer_0_6_1',
  'linear_layer_0_6_2',
  ...
  'x -linear_layer_0_6_21 sbox_0_0_1 sbox_0_1_2 sbox_0_1_3 sbox_0_2_0 sbox_0_2_1 sbox_0_2_3 sbox_0_3_1 sbox_0_3_2 sbox_0_4_1 sbox_0_4_2 sbox_0_5_1 sbox_0_5_3',
  'x -linear_layer_0_6_22 sbox_0_0_2 sbox_0_2_2 sbox_0_3_2 sbox_0_4_3 sbox_0_5_0 sbox_0_5_1 sbox_0_5_3',
  'x -linear_layer_0_6_23 sbox_0_0_0 sbox_0_0_1 sbox_0_0_2 sbox_0_0_3 sbox_0_1_3 sbox_0_2_1 sbox_0_3_1 sbox_0_3_2 sbox_0_3_3 sbox_0_4_1 sbox_0_4_2 sbox_0_4_3 sbox_0_5_1 sbox_0_5_2 sbox_0_5_3'])

cms_xor_differential_propagation_constraints(model)¶

cms_xor_linear_mask_propagation_constraints(model=None)¶

Return a list of variables and a list of clauses for LINEAR LAYER in CMS XOR LINEAR model.

See also

SAT standard of Cipher for the format.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0,6)
sage: linear_layer_component.cms_xor_linear_mask_propagation_constraints()
(['linear_layer_0_6_0_i',
  'linear_layer_0_6_1_i',
  'linear_layer_0_6_2_i',
  ...
  'x -linear_layer_0_6_21_o dummy_0_linear_layer_0_6_21_o dummy_1_linear_layer_0_6_21_o dummy_2_linear_layer_0_6_21_o dummy_3_linear_layer_0_6_21_o dummy_4_linear_layer_0_6_21_o dummy_5_linear_layer_0_6_21_o dummy_6_linear_layer_0_6_21_o dummy_8_linear_layer_0_6_21_o dummy_9_linear_layer_0_6_21_o dummy_10_linear_layer_0_6_21_o dummy_11_linear_layer_0_6_21_o dummy_12_linear_layer_0_6_21_o dummy_18_linear_layer_0_6_21_o dummy_19_linear_layer_0_6_21_o dummy_23_linear_layer_0_6_21_o',
  'x -linear_layer_0_6_22_o dummy_0_linear_layer_0_6_22_o dummy_1_linear_layer_0_6_22_o dummy_2_linear_layer_0_6_22_o dummy_3_linear_layer_0_6_22_o dummy_4_linear_layer_0_6_22_o dummy_6_linear_layer_0_6_22_o dummy_9_linear_layer_0_6_22_o dummy_13_linear_layer_0_6_22_o dummy_14_linear_layer_0_6_22_o dummy_15_linear_layer_0_6_22_o dummy_16_linear_layer_0_6_22_o dummy_19_linear_layer_0_6_22_o dummy_20_linear_layer_0_6_22_o dummy_21_linear_layer_0_6_22_o',
  'x -linear_layer_0_6_23_o dummy_1_linear_layer_0_6_23_o dummy_5_linear_layer_0_6_23_o dummy_7_linear_layer_0_6_23_o dummy_8_linear_layer_0_6_23_o dummy_9_linear_layer_0_6_23_o dummy_14_linear_layer_0_6_23_o dummy_17_linear_layer_0_6_23_o dummy_18_linear_layer_0_6_23_o dummy_23_linear_layer_0_6_23_o'])

cp_constraints()¶

Return lists of declarations and constraints for LINEAR LAYER component for CP CIPHER model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: linear_layer_component.cp_constraints()
([],
 ['constraint linear_layer_0_6[0] = (sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[0] + sbox_0_1[1] + sbox_0_1[3] + sbox_0_2[0] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_4[2] + sbox_0_5[1] + sbox_0_5[3]) mod 2;',
  ...
  'constraint linear_layer_0_6[23] = (sbox_0_0[0] + sbox_0_0[1] + sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[3] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_3[2] + sbox_0_3[3] + sbox_0_4[1] + sbox_0_4[2] + sbox_0_4[3] + sbox_0_5[1] + sbox_0_5[2] + sbox_0_5[3]) mod 2;'])

cp_deterministic_truncated_xor_differential_constraints()¶

Return lists declarations and constraints for LINEAR LAYER CP deterministic truncated xor differential model.

INPUT:

inverse – boolean (default: False)

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: linear_layer_component.cp_deterministic_truncated_xor_differential_constraints()
([],
 ['constraint if ((sbox_0_0[2] < 2) /\\ (sbox_0_0[3] < 2) /\\ (sbox_0_1[0] < 2) /\\ (sbox_0_1[1] < 2) /\\ (sbox_0_1[3] < 2) /\\ (sbox_0_2[0] < 2) /\\ (sbox_0_2[1] < 2) /\\ (sbox_0_3[1] < 2) /\\ (sbox_0_4[2] < 2) /\\ (sbox_0_5[1] < 2) /\\ (sbox_0_5[3]< 2)) then linear_layer_0_6[0] = (sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[0] + sbox_0_1[1] + sbox_0_1[3] + sbox_0_2[0] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_4[2] + sbox_0_5[1] + sbox_0_5[3]) mod 2 else linear_layer_0_6[0] = 2 endif;',
  ...
  'constraint if ((sbox_0_0[0] < 2) /\\ (sbox_0_0[1] < 2) /\\ (sbox_0_0[2] < 2) /\\ (sbox_0_0[3] < 2) /\\ (sbox_0_1[3] < 2) /\\ (sbox_0_2[1] < 2) /\\ (sbox_0_3[1] < 2) /\\ (sbox_0_3[2] < 2) /\\ (sbox_0_3[3] < 2) /\\ (sbox_0_4[1] < 2) /\\ (sbox_0_4[2] < 2) /\\ (sbox_0_4[3] < 2) /\\ (sbox_0_5[1] < 2) /\\ (sbox_0_5[2] < 2) /\\ (sbox_0_5[3]< 2)) then linear_layer_0_6[23] = (sbox_0_0[0] + sbox_0_0[1] + sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[3] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_3[2] + sbox_0_3[3] + sbox_0_4[1] + sbox_0_4[2] + sbox_0_4[3] + sbox_0_5[1] + sbox_0_5[2] + sbox_0_5[3]) mod 2 else linear_layer_0_6[23] = 2 endif;'])

cp_deterministic_truncated_xor_differential_trail_constraints()¶

cp_wordwise_deterministic_truncated_xor_differential_constraints(model)¶

Return lists declarations and constraints for LINEAR LAYER CP deterministic truncated xor differential model.

INPUT:

inverse – boolean (default: False)

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: linear_layer_component.cp_deterministic_truncated_xor_differential_constraints()
([],
 ['constraint if ((sbox_0_0[2] < 2) /\\ (sbox_0_0[3] < 2) /\\ (sbox_0_1[0] < 2) /\\ (sbox_0_1[1] < 2) /\\ (sbox_0_1[3] < 2) /\\ (sbox_0_2[0] < 2) /\\ (sbox_0_2[1] < 2) /\\ (sbox_0_3[1] < 2) /\\ (sbox_0_4[2] < 2) /\\ (sbox_0_5[1] < 2) /\\ (sbox_0_5[3]< 2)) then linear_layer_0_6[0] = (sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[0] + sbox_0_1[1] + sbox_0_1[3] + sbox_0_2[0] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_4[2] + sbox_0_5[1] + sbox_0_5[3]) mod 2 else linear_layer_0_6[0] = 2 endif;',
  ...
  'constraint if ((sbox_0_0[0] < 2) /\\ (sbox_0_0[1] < 2) /\\ (sbox_0_0[2] < 2) /\\ (sbox_0_0[3] < 2) /\\ (sbox_0_1[3] < 2) /\\ (sbox_0_2[1] < 2) /\\ (sbox_0_3[1] < 2) /\\ (sbox_0_3[2] < 2) /\\ (sbox_0_3[3] < 2) /\\ (sbox_0_4[1] < 2) /\\ (sbox_0_4[2] < 2) /\\ (sbox_0_4[3] < 2) /\\ (sbox_0_5[1] < 2) /\\ (sbox_0_5[2] < 2) /\\ (sbox_0_5[3]< 2)) then linear_layer_0_6[23] = (sbox_0_0[0] + sbox_0_0[1] + sbox_0_0[2] + sbox_0_0[3] + sbox_0_1[3] + sbox_0_2[1] + sbox_0_3[1] + sbox_0_3[2] + sbox_0_3[3] + sbox_0_4[1] + sbox_0_4[2] + sbox_0_4[3] + sbox_0_5[1] + sbox_0_5[2] + sbox_0_5[3]) mod 2 else linear_layer_0_6[23] = 2 endif;'])

cp_xor_differential_propagation_constraints(model)¶

cp_xor_linear_mask_propagation_constraints(model=None)¶

Return lists of declarations and constraints for LINEAR LAYER for CP xor linear model.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher()
sage: linear_layer_component = fancy.component_from(0, 6)
sage: linear_layer_component.cp_xor_linear_mask_propagation_constraints()
(['array[0..23] of var 0..1:linear_layer_0_6_i;',
'array[0..23] of var 0..1:linear_layer_0_6_o;'],
['constraint linear_layer_0_6_i[0]=(linear_layer_0_6_o[3]+linear_layer_0_6_o[6]+linear_layer_0_6_o[8]+linear_layer_0_6_o[9]+linear_layer_0_6_o[12]+linear_layer_0_6_o[14]+linear_layer_0_6_o[15]+linear_layer_0_6_o[16]+linear_layer_0_6_o[18]+linear_layer_0_6_o[19]+linear_layer_0_6_o[23]) mod 2;',
...
'constraint linear_layer_0_6_i[23]=(linear_layer_0_6_o[0]+linear_layer_0_6_o[1]+linear_layer_0_6_o[2]+linear_layer_0_6_o[3]+linear_layer_0_6_o[4]+linear_layer_0_6_o[7]+linear_layer_0_6_o[8]+linear_layer_0_6_o[11]+linear_layer_0_6_o[13]+linear_layer_0_6_o[14]+linear_layer_0_6_o[15]+linear_layer_0_6_o[18]+linear_layer_0_6_o[19]+linear_layer_0_6_o[20]+linear_layer_0_6_o[21]+linear_layer_0_6_o[22]+linear_layer_0_6_o[23]) mod 2;'])

property description¶

get_bit_based_c_code(verbosity)¶

get_bit_based_vectorized_python_code(params, convert_output_to_bytes)¶

get_byte_based_vectorized_python_code(params)¶

get_graph_representation()¶

property id¶

property input_bit_positions¶

property input_bit_size¶

property input_id_links¶

is_forbidden(forbidden_types, forbidden_descriptions)¶

is_id_equal_to(component_id)¶

is_power_of_2_word_based(dto)¶

milp_bitwise_deterministic_truncated_xor_differential_binary_constraints(model)¶

Returns a list of variables and a list of constraints for linear layer component in deterministic truncated XOR differential model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.permutations.ascon_sbox_sigma_permutation import AsconSboxSigmaPermutation
sage: from claasp.cipher_modules.models.milp.milp_models.milp_bitwise_deterministic_truncated_xor_differential_model import MilpBitwiseDeterministicTruncatedXorDifferentialModel
sage: ascon = AsconSboxSigmaPermutation(number_of_rounds=1)
sage: milp = MilpBitwiseDeterministicTruncatedXorDifferentialModel(ascon)
sage: milp.init_model_in_sage_milp_class()
sage: linear_layer_component = ascon.component_from(0, 68)
sage: variables, constraints = linear_layer_component.milp_bitwise_deterministic_truncated_xor_differential_binary_constraints(milp)

milp_bitwise_deterministic_truncated_xor_differential_constraints(model)¶

Returns a list of variables and a list of constraints for linear layer component in deterministic truncated XOR differential model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.present_block_cipher import PresentBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_models.milp_bitwise_deterministic_truncated_xor_differential_model import MilpBitwiseDeterministicTruncatedXorDifferentialModel
sage: present = PresentBlockCipher(number_of_rounds=6)
sage: milp = MilpBitwiseDeterministicTruncatedXorDifferentialModel(present)
sage: milp.init_model_in_sage_milp_class()
sage: linear_layer_component = present.component_from(0, 17)
sage: variables, constraints = linear_layer_component.milp_bitwise_deterministic_truncated_xor_differential_constraints(milp)
sage: variables
[('x_class[sbox_0_1_0]', x_0),
 ('x_class[sbox_0_1_1]', x_1),
 ...
 ('x_class[linear_layer_0_17_62]', x_126),
 ('x_class[linear_layer_0_17_63]', x_127)]
sage: constraints
[x_64 == x_0,
 x_65 == x_4,
 ...
 x_126 == x_59,
 x_127 == x_63]

milp_constraints(model)¶

Return lists of variables and constrains modeling a component of type LINEAR LAYER for MILP CIPHER model.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.present_block_cipher import PresentBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_model import MilpModel
sage: present = PresentBlockCipher(number_of_rounds=6)
sage: milp = MilpModel(present)
sage: milp.init_model_in_sage_milp_class()
sage: linear_layer_component = present.component_from(0, 17)
sage: variables, constraints = linear_layer_component.milp_constraints(milp) # long
sage: variables # long
[('x[sbox_0_1_0]', x_0),
('x[sbox_0_1_1]', x_1),
...
('x[linear_layer_0_17_62]', x_126),
('x[linear_layer_0_17_63]', x_127)]
sage: constraints # long
[x_64 == x_0,
x_65 == x_4,
...
x_126 == x_59,
x_127 == x_63]

milp_wordwise_deterministic_truncated_xor_differential_constraints(model)¶

Returns a list of variables and a list of constraints for linear layer component in deterministic truncated XOR differential model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.midori_block_cipher import MidoriBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_models.milp_wordwise_deterministic_truncated_xor_differential_model import MilpWordwiseDeterministicTruncatedXorDifferentialModel
sage: cipher = MidoriBlockCipher(number_of_rounds=2)
sage: milp = MilpWordwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: linear_layer_component = cipher.component_from(0, 21)
sage: variables, constraints = linear_layer_component.milp_wordwise_deterministic_truncated_xor_differential_constraints(milp) # random
sage: variables
[('x[mix_column_0_20_word_0_class_bit_0]', x_0),
 ('x[mix_column_0_20_word_0_class_bit_1]', x_1),
...
 ('x[mix_column_0_21_14]', x_46),
 ('x[mix_column_0_21_15]', x_47)]
sage: constraints
[1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_13 + x_18 + x_19 - x_25,
 1 <= 1 + x_6 + x_8 + x_9 + x_10 + x_11 + x_12 + x_13 + x_19 - x_25,
...
 1 <= 1 + x_7 - x_8,
 1 <= 1 + x_1 - x_2]

milp_xor_differential_propagation_constraints(model)¶

milp_xor_linear_mask_propagation_constraints(model)¶

Return lists of variables and constraints for LINEAR LAYER component for the MILP xor linear model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.present_block_cipher import PresentBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_model import MilpModel
sage: present = PresentBlockCipher(number_of_rounds=6)
sage: milp = MilpModel(present)
sage: milp.init_model_in_sage_milp_class()
sage: linear_layer_component = present.component_from(0, 17)
sage: variables, constraints = linear_layer_component.milp_xor_linear_mask_propagation_constraints(milp) # long
sage: variables # long
[('x[linear_layer_0_17_0_i]', x_0),
('x[linear_layer_0_17_1_i]', x_1),
...
('x[linear_layer_0_17_62_o]', x_126),
('x[linear_layer_0_17_63_o]', x_127)]
sage: constraints # long
[x_64 == x_0,
x_65 == x_4,
...
x_126 == x_59,
x_127 == x_63]

property output_bit_size¶

output_size_for_concatenate(available_word_sizes, fixed, word_size)¶

print()¶

print_as_python_dictionary()¶

print_values(code)¶

print_word_values(code)¶

sat_bitwise_deterministic_truncated_xor_differential_constraints()¶

Return a list of variables and a list of clauses representing LINEAR LAYER for SAT DETERMINISTIC TRUNCATED XOR DIFFERENTIAL model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

See also

SAT standard of Cipher for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.sat_bitwise_deterministic_truncated_xor_differential_constraints()
sage: constraints[-1]
'linear_layer_0_6_23_0 -inter_12_linear_layer_0_6_23_1 -sbox_0_5_3_1 -linear_layer_0_6_23_1'

sat_constraints()¶

Return a list of variables and a list of clauses representing LINEAR LAYER for SAT CIPHER model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

See also

SAT standard of Cipher for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.sat_constraints()
sage: constraints[-1]
'linear_layer_0_6_23 -sbox_0_0_0 -sbox_0_0_1 -sbox_0_0_2 -sbox_0_0_3 -sbox_0_1_3 -sbox_0_2_1 -sbox_0_3_1 -sbox_0_3_2 -sbox_0_3_3 -sbox_0_4_1 -sbox_0_4_2 -sbox_0_4_3 -sbox_0_5_1 -sbox_0_5_2 -sbox_0_5_3'

sat_xor_differential_propagation_constraints(model=None)¶

Return a list of variables and a list of clauses representing LINEAR LAYER for SAT XOR DIFFERENTIAL model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

See also

SAT standard of Cipher for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.sat_xor_differential_propagation_constraints()
sage: constraints[-1]
'linear_layer_0_6_23 -sbox_0_0_0 -sbox_0_0_1 -sbox_0_0_2 -sbox_0_0_3 -sbox_0_1_3 -sbox_0_2_1 -sbox_0_3_1 -sbox_0_3_2 -sbox_0_3_3 -sbox_0_4_1 -sbox_0_4_2 -sbox_0_4_3 -sbox_0_5_1 -sbox_0_5_2 -sbox_0_5_3'

sat_xor_linear_mask_propagation_constraints(model=None)¶

Return a list of variables and a list of clauses representing LINEAR LAYER for SAT XOR LINEAR model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

See also

SAT standard of Cipher for the format.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.sat_xor_linear_mask_propagation_constraints()
sage: constraints[-1]
'linear_layer_0_6_23_o -dummy_1_linear_layer_0_6_23_o -dummy_5_linear_layer_0_6_23_o -dummy_7_linear_layer_0_6_23_o -dummy_8_linear_layer_0_6_23_o -dummy_9_linear_layer_0_6_23_o -dummy_14_linear_layer_0_6_23_o -dummy_17_linear_layer_0_6_23_o -dummy_18_linear_layer_0_6_23_o -dummy_23_linear_layer_0_6_23_o'

select_bits(code)¶

select_words(code, word_size, input=True)¶

set_description(description)¶

set_id(id_string)¶

set_input_bit_positions(bit_positions)¶

set_input_id_links(input_id_links)¶

smt_constraints()¶

Return a variable list and SMT-LIB list asserts representing LINEAR LAYER for SMT CIPHER model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: vairables, constraints = linear_layer_component.smt_constraints()
sage: constraints[-1]
'(assert (= linear_layer_0_6_23 (xor sbox_0_0_0 sbox_0_0_1 sbox_0_0_2 sbox_0_0_3 sbox_0_1_3 sbox_0_2_1 sbox_0_3_1 sbox_0_3_2 sbox_0_3_3 sbox_0_4_1 sbox_0_4_2 sbox_0_4_3 sbox_0_5_1 sbox_0_5_2 sbox_0_5_3)))'

smt_xor_differential_propagation_constraints(model)¶

Return a variable list and SMT-LIB list asserts representing LINEAR LAYER for SMT XOR DIFFERENTIAL model

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.smt_constraints()
sage: constraints[-1]
'(assert (= linear_layer_0_6_23 (xor sbox_0_0_0 sbox_0_0_1 sbox_0_0_2 sbox_0_0_3 sbox_0_1_3 sbox_0_2_1 sbox_0_3_1 sbox_0_3_2 sbox_0_3_3 sbox_0_4_1 sbox_0_4_2 sbox_0_4_3 sbox_0_5_1 sbox_0_5_2 sbox_0_5_3)))'

smt_xor_linear_mask_propagation_constraints(model=None)¶

Return a variable list and SMT-LIB list asserts representing LINEAR LAYER for SMT XOR LINEAR model.

A LINEAR LAYER is just a system of additions in GF(2), thus, they are modeled as a list of XOR equalities.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: fancy = FancyBlockCipher(number_of_rounds=3)
sage: linear_layer_component = fancy.component_from(0, 6)
sage: variables, constraints = linear_layer_component.smt_xor_linear_mask_propagation_constraints()
sage: constraints[-1]
'(assert (= linear_layer_0_6_23_o (xor dummy_1_linear_layer_0_6_23_o dummy_5_linear_layer_0_6_23_o dummy_7_linear_layer_0_6_23_o dummy_8_linear_layer_0_6_23_o dummy_9_linear_layer_0_6_23_o dummy_14_linear_layer_0_6_23_o dummy_17_linear_layer_0_6_23_o dummy_18_linear_layer_0_6_23_o dummy_23_linear_layer_0_6_23_o)))'

property suffixes¶

property type¶

Reverse component¶

Previous topic

Next topic

This Page