Xor component¶

class XOR(current_round_number, current_round_number_of_components, input_id_links, input_bit_positions, output_bit_size)¶

Bases: Component

algebraic_polynomials(model)¶

Return polynomials for Boolean XOR.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.toys.fancy_block_cipher import FancyBlockCipher
sage: from claasp.cipher_modules.models.algebraic.algebraic_model import AlgebraicModel
sage: fancy = FancyBlockCipher(number_of_rounds=1)
sage: xor_component = fancy.get_component_from_id("xor_0_7")
sage: algebraic = AlgebraicModel(fancy)
sage: xor_component.algebraic_polynomials(algebraic)
[xor_0_7_y0 + xor_0_7_x12 + xor_0_7_x0,
 xor_0_7_y1 + xor_0_7_x13 + xor_0_7_x1,
 xor_0_7_y2 + xor_0_7_x14 + xor_0_7_x2,
 xor_0_7_y3 + xor_0_7_x15 + xor_0_7_x3,
 xor_0_7_y4 + xor_0_7_x16 + xor_0_7_x4,
 xor_0_7_y5 + xor_0_7_x17 + xor_0_7_x5,
 xor_0_7_y6 + xor_0_7_x18 + xor_0_7_x6,
 xor_0_7_y7 + xor_0_7_x19 + xor_0_7_x7,
 xor_0_7_y8 + xor_0_7_x20 + xor_0_7_x8,
 xor_0_7_y9 + xor_0_7_x21 + xor_0_7_x9,
 xor_0_7_y10 + xor_0_7_x22 + xor_0_7_x10,
 xor_0_7_y11 + xor_0_7_x23 + xor_0_7_x11]

as_python_dictionary()¶

check_output_size(available_word_sizes, fixed, word_size)¶

cms_constraints()¶

Return a list of variables and a list of clauses for XOR operation in CMS CIPHER model.

See also

CMS CIPHER model for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0,2)
sage: xor_component.cms_constraints()
(['xor_0_2_0',
  'xor_0_2_1',
  'xor_0_2_2',
  ...
  'x -xor_0_2_13 modadd_0_1_13 key_61',
  'x -xor_0_2_14 modadd_0_1_14 key_62',
  'x -xor_0_2_15 modadd_0_1_15 key_63'])

cms_xor_differential_propagation_constraints(model=None)¶

cms_xor_linear_mask_propagation_constraints(model=None)¶

cp_constraints()¶

Return a list of CP declarations and a list of CP constraints for XOR component for CP CIPHER model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=5)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.cp_constraints()
([],
 ['constraint xor_0_2[0] = (modadd_0_1[0] + key[48]) mod 2;',
  ...
  'constraint xor_0_2[15] = (modadd_0_1[15] + key[63]) mod 2;'])

cp_deterministic_truncated_xor_differential_constraints()¶

Return list declarations and constraints for XOR component CP deterministic truncated XOR differential model.

INPUT:

inverse – boolean (default: False)

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=5)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.cp_deterministic_truncated_xor_differential_constraints()
([],
 ['constraint if ((modadd_0_1[0] < 2) /\\ (key[48]< 2)) then xor_0_2[0] = (modadd_0_1[0] + key[48]) mod 2 else xor_0_2[0] = 2 endif;',
   ...
  'constraint if ((modadd_0_1[15] < 2) /\\ (key[63]< 2)) then xor_0_2[15] = (modadd_0_1[15] + key[63]) mod 2 else xor_0_2[15] = 2 endif;'])

cp_deterministic_truncated_xor_differential_trail_constraints()¶

cp_hybrid_deterministic_truncated_xor_differential_constraints()¶

Return list declarations and constraints for XOR component in the hybrid CP deterministic truncated XOR differential model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=5)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.cp_hybrid_deterministic_truncated_xor_differential_constraints()
([],
 ['constraint if (modadd_0_1[0] < 2) /\\ (key[48] < 2) then xor_0_2[0] = (modadd_0_1[0] + key[48]) mod 2 elseif (modadd_0_1[0] + key[48] = modadd_0_1[0]) then xor_0_2[0] = modadd_0_1[0] elseif (modadd_0_1[0] + key[48] = key[48]) then xor_0_2[0] = key[48] else xor_0_2[0] = 2 endif;',
   ...
  'constraint if (modadd_0_1[15] < 2) /\\ (key[63] < 2) then xor_0_2[15] = (modadd_0_1[15] + key[63]) mod 2 elseif (modadd_0_1[15] + key[63] = modadd_0_1[15]) then xor_0_2[15] = modadd_0_1[15] elseif (modadd_0_1[15] + key[63] = key[63]) then xor_0_2[15] = key[63] else xor_0_2[15] = 2 endif;'])

cp_transform_xor_components_for_first_step(model)¶

Transform a XOR component into components involving only one byte for CP.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: aes = AESBlockCipher(number_of_rounds=3)
sage: cp = MznModel(aes)
sage: xor_component = aes.component_from(0, 31)
sage: xor_component.cp_transform_xor_components_for_first_step(cp)
(['array[0..3] of var 0..1: xor_0_31;'], [])

cp_wordwise_deterministic_truncated_xor_differential_constraints(model)¶

Return lists declarations and constraints for XOR component CP wordwise deterministic truncated XOR differential model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: aes = AESBlockCipher(number_of_rounds=5)
sage: cp = MznModel(aes)
sage: xor_component = aes.component_from(0, 0)
sage: xor_component.cp_wordwise_deterministic_truncated_xor_differential_constraints(cp)
(['var -2..255: xor_0_0_temp_0_0_value;',
  ...
  'var 0..9: xor_0_0_bound_value_0_15 = if xor_0_0_temp_0_15_value + xor_0_0_temp_1_15_value > 0 then ceil(log2(xor_0_0_temp_0_15_value + xor_0_0_temp_1_15_value)) else 0 endif;'],
 ['constraint xor_0_0_temp_0_0_value = key_value[0] /\\ xor_0_0_temp_0_0_active = key_active[0];',
   ...
  'constraint if xor_0_0_temp_0_15_active + xor_0_0_temp_1_15_active > 2 then xor_0_0_active[15] == 3 /\\ xor_0_0_value[15] = -2 elseif xor_0_0_temp_0_15_active + xor_0_0_temp_1_15_active == 1 then xor_0_0_active[15] = 1 /\\ xor_0_0_value[15] = xor_0_0_temp_0_15_value + xor_0_0_temp_1_15_value elseif xor_0_0_temp_0_15_active + xor_0_0_temp_1_15_active == 0 then xor_0_0_active[15] = 0 /\\ xor_0_0_value[15] = 0 elseif xor_0_0_temp_0_15_value + xor_0_0_temp_1_15_value < 0 then xor_0_0_active[15] = 2 /\\ xor_0_0_value[15] = -1 elseif xor_0_0_temp_0_15_value == xor_0_0_temp_1_15_value then xor_0_0_active[15] = 0 /\\ xor_0_0_value[15] = 0 else xor_0_0_active[15] = 1 /\\ xor_0_0_value[15] = sum([(((floor(xor_0_0_temp_0_15_value/pow(2,j)) + floor(xor_0_0_temp_1_15_value/pow(2,j))) mod 2) * pow(2,j)) | j in 0..xor_0_0_bound_value_0_15]) endif;'])

cp_xor_differential_propagation_constraints(model=None)¶

cp_xor_differential_propagation_first_step_constraints(model, variables_list=None)¶

Return lists of declarations and constraints for XOR component for the CP xor differential first step model.

INPUT:

model – model object; a model type
variables_list – list (default: None)

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: aes = AESBlockCipher(number_of_rounds=3)
sage: cp = MznModel(aes)
sage: xor_component = aes.component_from(2, 31)
sage: xor_component.cp_xor_differential_propagation_first_step_constraints(cp, cp._variables_list)
(['array[0..1, 1..2] of int: xor_truncated_table_2 = array2d(0..1, 1..2, [0,0,1,1]);'],
 'constraint table([rot_2_16[0]]++[xor_2_26[0]], xor_truncated_table_2);')

cp_xor_linear_mask_propagation_constraints(model=None)¶

Return lists of declarations and constraints for XOR component for CP xor linear model.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=22)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.cp_xor_linear_mask_propagation_constraints()
(['array[0..31] of var 0..1: xor_0_2_i;',
  'array[0..15] of var 0..1: xor_0_2_o;'],
 ['constraint xor_0_2_o[0] = xor_0_2_i[0];',
  ...
  'constraint xor_0_2_o[15] = xor_0_2_i[31];'])

property description¶

get_bit_based_vectorized_python_code(params, convert_output_to_bytes)¶

get_byte_based_vectorized_python_code(params)¶

get_graph_representation()¶

get_word_operation_sign(constants, sign, solution)¶

property id¶

property input_bit_positions¶

property input_bit_size¶

property input_id_links¶

is_forbidden(forbidden_types, forbidden_descriptions)¶

is_id_equal_to(component_id)¶

is_power_of_2_word_based(dto)¶

milp_bitwise_deterministic_truncated_xor_differential_binary_constraints(model)¶

Returns a list of variables and a list of constraints for the XOR for two inputs in deterministic truncated XOR differential model.

This method uses a binary encoding (where each variable v is seen as a binary tuple (v0, v1), where v0 is the MSB) to model the result c of the truncated XOR between inputs a and b.

a | b | c

0 | 0 | 0 0 | 1 | 1 0 | 2 | 2 1 | 0 | 1 1 | 1 | 0 1 | 2 | 2 2 | 0 | 2 2 | 1 | 2 2 | 2 | 2

Espresso was used to reduce the number of constraints to 10 inequalities. A k-input XOR is then split into k-1 2-input sequential XORs, for wich the results are stored in intermediate variables.

INPUTS:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.simon_block_cipher import SimonBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_models.milp_bitwise_deterministic_truncated_xor_differential_model import MilpBitwiseDeterministicTruncatedXorDifferentialModel
sage: cipher = SimonBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=2)
sage: milp = MilpBitwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = cipher.get_component_from_id("xor_0_5")
sage: variables, constraints = xor_component.milp_bitwise_deterministic_truncated_xor_differential_binary_constraints(milp)
sage: variables
[('x[and_0_4_0_class_bit_0]', x_0),
 ('x[and_0_4_0_class_bit_1]', x_1),
 ...
 ('x[xor_0_5_15_class_bit_0]', x_94),
 ('x[xor_0_5_15_class_bit_1]', x_95)]
sage: constraints
[x_96 == 2*x_0 + x_1,
 x_97 == 2*x_2 + x_3,
 ...
 1 <= 1 - x_30 + x_94,
 1 <= 2 - x_62 - x_63]

milp_bitwise_deterministic_truncated_xor_differential_constraints(model)¶

Returns a list of variables and a list of constraints for XOR component in deterministic truncated XOR differential model.

INPUTS:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.simon_block_cipher import SimonBlockCipher
sage: cipher = SimonBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=2)
sage: from claasp.cipher_modules.models.milp.milp_models.milp_bitwise_deterministic_truncated_xor_differential_model import MilpBitwiseDeterministicTruncatedXorDifferentialModel
sage: milp = MilpBitwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = cipher.get_component_from_id("xor_0_5")
sage: variables, constraints = xor_component.milp_bitwise_deterministic_truncated_xor_differential_constraints(milp)
sage: variables
[('x_class[and_0_4_0]', x_0),
 ('x_class[and_0_4_1]', x_1),
...
 ('x_class[xor_0_5_14]', x_46),
 ('x_class[xor_0_5_15]', x_47)]
sage: constraints
[x_0 <= 3 - 2*x_48,
 2 - 2*x_48 <= x_0,
...
x_47 <= 2 + 4*x_95,
2 <= x_47 + 4*x_95]

milp_constraints(model)¶

Return a list of variables and a list of constrains modeling a component of type XOR for MILP CIPHER model.

INPUT:

model – model object; a model type

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.simon_block_cipher import SimonBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_model import MilpModel
sage: simon = SimonBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=2)
sage: milp = MilpModel(simon)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = simon.get_component_from_id("xor_0_5")
sage: variables, constraints = xor_component.milp_constraints(milp)
...
sage: variables
[('x[and_0_4_0]', x_0),
('x[and_0_4_1]', x_1),
...
('x[xor_0_5_14]', x_46),
('x[xor_0_5_15]', x_47)]
sage: constraints[:4]
[x_32 <= x_0 + x_16,
 x_16 <= x_0 + x_32,
 x_0 <= x_16 + x_32,
 x_0 + x_16 + x_32 <= 2]

milp_wordwise_deterministic_truncated_xor_differential_constraints(model)¶

Returns a list of variables and a list of constraints for XOR component in deterministic truncated XOR differential model.

This does not implement the XOR for more than 2 inputs in a sequential manner. Indeed, if Y = XOR(X_0, X_1, X_2), and the input patterns are:

delta_X_0 = 1 delta_X_1 = 2 delta_X_2 = 1

and X_0 = X_2, operating in a sequential way would yield delta_Y = 3. However, since X_0 and X_1 cancel each other out, it is possible to infer that delta_Y = 2. For this reason, we instead generate all valid combinations of input-output values D and use espresso to obtain a reduced set of inequalities modeling D.

INPUTS:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: cipher = AESBlockCipher(number_of_rounds=2)
sage: from claasp.cipher_modules.models.milp.milp_models.milp_wordwise_deterministic_truncated_xor_differential_model import MilpWordwiseDeterministicTruncatedXorDifferentialModel
sage: milp = MilpWordwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = cipher.get_component_from_id("xor_0_32")
sage: variables, constraints = xor_component.milp_wordwise_deterministic_truncated_xor_differential_constraints(milp)
sage: variables
[('x[xor_0_31_word_0_class_bit_0]', x_0),
 ('x[xor_0_31_word_0_class_bit_1]', x_1),
...
 ('x[xor_0_32_30]', x_118),
 ('x[xor_0_32_31]', x_119)]
sage: constraints
[1 <= 1 + x_0 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9 + x_41 - x_81,
 1 <= 1 + x_1 + x_40 + x_42 + x_43 + x_44 + x_45 + x_46 + x_47 + x_48 + x_49 - x_81,
 ...
 1 <= 1 + x_31 - x_39,
 1 <= 2 - x_30 - x_39]

milp_wordwise_deterministic_truncated_xor_differential_sequential_constraints(model)¶

Returns a list of variables and a list of constraints for XOR component in deterministic truncated XOR differential model. It should perform the wordwise xor for multiple inputs faster than the xor_wordwise_deterministic_truncated_xor_differential_constraints() methods but skips some cases e.g. if DX1 = 1, DX2 = 2, DX3 = 1 and X1 = X3, then DY = XOR(DX1, DX2, DX3) = 2 but this method will return 3

INPUTS:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: cipher = AESBlockCipher(number_of_rounds=2)
sage: from claasp.cipher_modules.models.milp.milp_models.milp_wordwise_deterministic_truncated_xor_differential_model import MilpWordwiseDeterministicTruncatedXorDifferentialModel
sage: milp = MilpWordwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = cipher.get_component_from_id("xor_0_31")
sage: variables, constraints = xor_component.milp_wordwise_deterministic_truncated_xor_differential_sequential_constraints(milp)
sage: variables
[('x[sbox_0_26_word_0_class_bit_0]', x_0),
('x[sbox_0_26_word_0_class_bit_1]', x_1),
 ...
('x[xor_0_31_30]', x_158),
('x[xor_0_31_31]', x_159)]
sage: constraints
[1 <= 1 + x_0 + x_2 + x_3 + x_4 + x_5 + x_6 + x_7 + x_8 + x_9 + x_41 - x_161,
 1 <= 1 + x_1 + x_40 + x_42 + x_43 + x_44 + x_45 + x_46 + x_47 + x_48 + x_49 - x_161,
...
 1 <= 1 + x_111 - x_119,
 1 <= 2 - x_110 - x_119]

milp_wordwise_deterministic_truncated_xor_differential_simple_constraints(model)¶

Returns a list of variables and a list of constraints for XOR component in deterministic truncated XOR differential model.

It follows a simplified model: if dX0 + dX1 > 2

then dY = 3

elif dX0<2 / dX1<2: then zeta Y = zetaX0 ^ zetaX1

else dY = 2

INPUTS:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.aes_block_cipher import AESBlockCipher
sage: cipher = AESBlockCipher(number_of_rounds=2)
sage: from claasp.cipher_modules.models.milp.milp_models.milp_wordwise_deterministic_truncated_xor_differential_model import MilpWordwiseDeterministicTruncatedXorDifferentialModel
sage: milp = MilpWordwiseDeterministicTruncatedXorDifferentialModel(cipher)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = cipher.get_component_from_id("xor_0_32")
sage: variables, constraints = xor_component.milp_wordwise_deterministic_truncated_xor_differential_simple_constraints(milp)

milp_xor_differential_propagation_constraints(model)¶

milp_xor_linear_constraints(model)¶

Return a list of variables and a list of constraints for XOR operation in MILP XOR LINEAR model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.simon_block_cipher import SimonBlockCipher
sage: from claasp.cipher_modules.models.milp.milp_model import MilpModel
sage: simon = SimonBlockCipher(block_bit_size=32, key_bit_size=64, number_of_rounds=2)
sage: milp = MilpModel(simon)
sage: milp.init_model_in_sage_milp_class()
sage: xor_component = simon.get_component_from_id("xor_0_5")
sage: variables, constraints = xor_component.milp_xor_linear_constraints(milp)
sage: variables
[('x[xor_0_5_0_i]', x_0),
('x[xor_0_5_1_i]', x_1),
...
('x[xor_0_5_14_o]', x_46),
('x[xor_0_5_15_o]', x_47)]
sage: constraints
[x_32 == x_0,
x_33 == x_1,
x_34 == x_2,
...
x_46 == x_30,
x_47 == x_31]

milp_xor_linear_mask_propagation_constraints(model)¶

minizinc_constraints(model)¶

Return variables and constraints for the XOR component for MINIZINC CIPHER model.

INPUT:

model – model object; a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: from claasp.cipher_modules.models.cp.mzn_model import MznModel
sage: speck = SpeckBlockCipher(number_of_rounds=22)
sage: minizinc = MznModel(speck)
sage: xor_component = speck.get_component_from_id("xor_0_2")
sage: _, xor_minizinc_constraints = xor_component.minizinc_constraints(minizinc)
sage: xor_minizinc_constraints[0]
'constraint xor_word(\narray1d(0..16-1, [xor_0_2_x16,xor_0_2_x17,xor_0_2_x18,xor_0_2_x19,xor_0_2_x20,xor_0_2_x21,xor_0_2_x22,xor_0_2_x23,xor_0_2_x24,xor_0_2_x25,xor_0_2_x26,xor_0_2_x27,xor_0_2_x28,xor_0_2_x29,xor_0_2_x30,xor_0_2_x31]),\narray1d(0..16-1, [xor_0_2_x0,xor_0_2_x1,xor_0_2_x2,xor_0_2_x3,xor_0_2_x4,xor_0_2_x5,xor_0_2_x6,xor_0_2_x7,xor_0_2_x8,xor_0_2_x9,xor_0_2_x10,xor_0_2_x11,xor_0_2_x12,xor_0_2_x13,xor_0_2_x14,xor_0_2_x15]),\narray1d(0..16-1, [xor_0_2_y0,xor_0_2_y1,xor_0_2_y2,xor_0_2_y3,xor_0_2_y4,xor_0_2_y5,xor_0_2_y6,xor_0_2_y7,xor_0_2_y8,xor_0_2_y9,xor_0_2_y10,xor_0_2_y11,xor_0_2_y12,xor_0_2_y13,xor_0_2_y14,xor_0_2_y15]))=true;\n'

minizinc_xor_differential_propagation_constraints(model)¶

property output_bit_size¶

output_size_for_concatenate(available_word_sizes, fixed, word_size)¶

print()¶

print_as_python_dictionary()¶

print_values(code)¶

print_word_values(code)¶

sat_bitwise_deterministic_truncated_xor_differential_constraints()¶

Return a list of variables and a list of clauses representing XOR for SAT DETERMINISTIC TRUNCATED XOR DIFFERENTIAL model

See also

SAT standard of Cipher for the format.
sat_constraints() for the model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.sat_bitwise_deterministic_truncated_xor_differential_constraints()
(['xor_0_2_0_0',
  'xor_0_2_1_0',
  ...
  'xor_0_2_14_1',
  'xor_0_2_15_1'],
 ['xor_0_2_0_0 -modadd_0_1_0_0',
  'xor_0_2_0_0 -key_48_0',
  ...
  'key_63_1 xor_0_2_15_0 xor_0_2_15_1 -modadd_0_1_15_1',
  'xor_0_2_15_0 -modadd_0_1_15_1 -key_63_1 -xor_0_2_15_1'])

sat_constraints()¶

Return a list of variables and a list of clauses representing XOR for SAT CIPHER model

This method translates in CNF the constraint z = Xor(x, y). In prefixed notation, it becomes: And(Or(z, Not(x), y), Or(z, x, Not(y)), Or(z, Not(x), Not(y)), Or(z, x, y)). This method supports XOR operation using more than two operands.

See also

SAT standard of Cipher for the format.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.sat_constraints()
(['xor_0_2_0',
  'xor_0_2_1',
  ...
  'xor_0_2_14',
  'xor_0_2_15'],
 ['-xor_0_2_0 modadd_0_1_0 key_48',
  'xor_0_2_0 -modadd_0_1_0 key_48',
  ...
  'xor_0_2_15 modadd_0_1_15 -key_63',
  '-xor_0_2_15 -modadd_0_1_15 -key_63'])

sat_semi_deterministic_truncated_xor_differential_constraints()¶

sat_xor_differential_propagation_constraints(model=None)¶

Return a list of variables and a list of clauses representing XOR for SAT XOR DIFFERENTIAL model

See also

SAT standard of Cipher for the format.
sat_constraints() for the model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.sat_xor_differential_propagation_constraints()
(['xor_0_2_0',
  'xor_0_2_1',
  ...
  'xor_0_2_14',
  'xor_0_2_15'],
 ['-xor_0_2_0 modadd_0_1_0 key_48',
  'xor_0_2_0 -modadd_0_1_0 key_48',
  ...
  'xor_0_2_15 modadd_0_1_15 -key_63',
  '-xor_0_2_15 -modadd_0_1_15 -key_63'])

sat_xor_linear_mask_propagation_constraints(model=None)¶

Return a list of variables and a list of clauses representing XOR for SAT XOR LINEAR model

See also

SAT standard of Cipher for the format, [LWR2016] for the algorithm.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.sat_xor_linear_mask_propagation_constraints()
(['xor_0_2_0_i',
  'xor_0_2_1_i',
  ...
  'xor_0_2_14_o',
  'xor_0_2_15_o'],
 ['xor_0_2_0_i -xor_0_2_0_o',
  'xor_0_2_16_i -xor_0_2_0_i',
  ...
  'xor_0_2_31_i -xor_0_2_15_i',
  'xor_0_2_15_o -xor_0_2_31_i'])

select_bits(code)¶

select_words(code, word_size, input=True)¶

set_description(description)¶

set_id(id_string)¶

set_input_bit_positions(bit_positions)¶

set_input_id_links(input_id_links)¶

smt_constraints()¶

Return a variable list and SMT-LIB list asserts representing XOR for SMT CIPHER model

Since the XOR operation is part of the SMT-LIB formalism, the operation can be modeled using the corresponding builtin operation, e.g. z = XOR(x, y) becomes (assert (= z (xor x y))). This method support XOR operation using more than two inputs.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.smt_constraints()
(['xor_0_2_0',
  'xor_0_2_1',
  ...
  'xor_0_2_14',
  'xor_0_2_15'],
 ['(assert (= xor_0_2_0 (xor modadd_0_1_0 key_48)))',
  '(assert (= xor_0_2_1 (xor modadd_0_1_1 key_49)))',
  ...
  '(assert (= xor_0_2_14 (xor modadd_0_1_14 key_62)))',
  '(assert (= xor_0_2_15 (xor modadd_0_1_15 key_63)))'])

smt_xor_differential_propagation_constraints(model=None)¶

Return a variable list and SMT-LIB list asserts representing XOR for SMT XOR DIFFERENTIAL model

See also

smt_constraints() for the model.

INPUT:

None

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.smt_xor_differential_propagation_constraints()
(['xor_0_2_0',
  'xor_0_2_1',
  ...
  'xor_0_2_14',
  'xor_0_2_15'],
 ['(assert (= xor_0_2_0 (xor modadd_0_1_0 key_48)))',
  '(assert (= xor_0_2_1 (xor modadd_0_1_1 key_49)))',
  ...
  '(assert (= xor_0_2_14 (xor modadd_0_1_14 key_62)))',
  '(assert (= xor_0_2_15 (xor modadd_0_1_15 key_63)))'])

smt_xor_linear_mask_propagation_constraints(model=None)¶

Return a variable list and SMT-LIB list asserts representing XOR for SMT XOR LINEAR model

See also

[LWR2016] for the algorithm.

INPUT:

model – model object (default: None); a model instance

EXAMPLES:

sage: from claasp.ciphers.block_ciphers.speck_block_cipher import SpeckBlockCipher
sage: speck = SpeckBlockCipher(number_of_rounds=3)
sage: xor_component = speck.component_from(0, 2)
sage: xor_component.smt_xor_linear_mask_propagation_constraints()
(['xor_0_2_0_o',
  'xor_0_2_1_o',
  ...
  'xor_0_2_30_i',
  'xor_0_2_31_i'],
 ['(assert (= xor_0_2_0_o xor_0_2_0_i xor_0_2_16_i))',
  '(assert (= xor_0_2_1_o xor_0_2_1_i xor_0_2_17_i))',
  ...
  '(assert (= xor_0_2_14_o xor_0_2_14_i xor_0_2_30_i))',
  '(assert (= xor_0_2_15_o xor_0_2_15_i xor_0_2_31_i))'])

property suffixes¶

property type¶

cp_build_truncated_table(numadd)¶

Return a model that generates the list of possible input/output couples for the given XOR component.

INPUT:

numadd – integer; the number of addenda

EXAMPLES:

sage: from claasp.components.xor_component import cp_build_truncated_table
sage: cp_build_truncated_table(3)
'array[0..4, 1..3] of int: xor_truncated_table_3 = array2d(0..4, 1..3, [0,0,0,0,1,1,1,0,1,1,1,0,1,1,1]);'

generic_with_constant_sign_linear_constraints(constant, const_mask, input_bit_positions)¶

Return the constraints for finding the sign of an XOR component.

INPUT:

constant – list; the value of the constant
const_mask – list; the value of the mask applied to the constant
input_bit_positions – list; the bit positions of the constant taken in input by the xor

EXAMPLES:

sage: from claasp.components.xor_component import generic_with_constant_sign_linear_constraints
sage: constant = [0, 1, 1, 0, 0, 1, 1, 0]
sage: const_mask = [0, 1, 0, 1, 1, 0, 0, 0]
sage: input_bit_positions = [0,1,2,3,4,5,6,7]
sage: generic_with_constant_sign_linear_constraints(constant, const_mask, input_bit_positions)
-1

get_milp_constraints_from_inequalities(inequalities, input_vars, number_of_input_bits, output_vars, x)¶

get_transformed_xor_input_links_and_positions(word_size, all_inputs, i, input_len, numadd, numb_of_inp)¶

Xor component¶

Previous topic

Next topic

This Page