sage: G.<b> = GF(2**8, name='b', modulus=x^8+x^7+x^6+x^5+x^4+x^2+1)
sage: K.<b> = GF(2**8, name='b', modulus=x^8+x^4+x^3+x+1)
sage: B = GF(2)
sage: R.<x> = PolynomialRing(B)
sage: G.<a> = GF(2**8, name='a', modulus=x^8+x^7+x^6+x^5+x^4+x^2+1)
sage: from sage.rings.finite_rings.hom_finite_field import FiniteFieldHomomorphism_generic
sage: F = FiniteFieldHomomorphism_generic(Hom(G, K))
sage: F
Ring morphism:
  From: Finite Field in a of size 2^8
  To:   Finite Field in b of size 2^8
  Defn: a |--> b^5 + b + 1
sage: F.inverse()

# rho: 8x8 bit matrix that appears to encode the field map a |--> b^5 + b + 1
# from the Sage session. Read top to bottom, column 0 is 1 and column 1 is
# 1,1,0,0,0,1,0,0, i.e. b^5 + b + 1 with the constant term first.
# MS is not defined on this page; presumably MatrixSpace(GF(2), 8, 8) -- confirm.
rho = MS.matrix(
    [
        1, 1, 1, 0, 0, 0, 1, 1,  # row 0
        0, 1, 0, 0, 1, 1, 1, 0,  # row 1
        0, 0, 0, 1, 1, 0, 1, 1,  # row 2
        0, 0, 1, 0, 0, 1, 0, 1,  # row 3
        0, 0, 0, 1, 0, 1, 0, 1,  # row 4
        0, 1, 1, 1, 0, 1, 1, 1,  # row 5
        0, 0, 1, 0, 0, 1, 1, 1,  # row 6
        0, 0, 0, 0, 1, 1, 0, 1,  # row 7
    ],
)
# B: circulant 8x8 bit matrix (each row is the previous row rotated right by
# one); it is the factor combined with rho in M1 = rho * B, so presumably the
# SM4 S-box affine matrix -- confirm against the SM4 specification.
# NOTE: this rebinds B, which the Sage session bound to GF(2) and used to
# build R; from here on B is the matrix.
B = MS.matrix(
    [
        1, 1, 1, 0, 0, 1, 0, 1,  # row 0
        1, 1, 1, 1, 0, 0, 1, 0,  # row 1
        0, 1, 1, 1, 1, 0, 0, 1,  # row 2
        1, 0, 1, 1, 1, 1, 0, 0,  # row 3
        0, 1, 0, 1, 1, 1, 1, 0,  # row 4
        0, 0, 1, 0, 1, 1, 1, 1,  # row 5
        1, 0, 0, 1, 0, 1, 1, 1,  # row 6
        1, 1, 0, 0, 1, 0, 1, 1,  # row 7
    ],
)

SM4-S(x) = A2(AES-S(A1(x)))
A1(x) = M1*x + C1
A2(x) = M2*x + C2

M1 = rho * B =
[0 0 1 1 0 0 1 0]
[0 0 0 1 0 1 0 0]
[1 0 1 1 1 1 1 0]
[1 0 0 1 1 1 0 1]
[0 1 0 1 1 0 0 0]
[0 1 0 0 0 1 0 0]
[0 0 0 0 1 0 1 0]
[1 0 1 1 1 0 1 0]

C1 = rho(D) = [0 1 1 1 1 1 0 0]

# A: circulant 8x8 bit matrix (each row is the previous row rotated right by
# one); its inverse enters M2 = B * rho^{-1} * A^{-1}, so this is presumably
# the AES S-box affine matrix with bit 0 first -- confirm.
# MS is not defined on this page; presumably MatrixSpace(GF(2), 8, 8) -- confirm.
A = MS.matrix(
    [
        1, 0, 0, 0, 1, 1, 1, 1,  # row 0
        1, 1, 0, 0, 0, 1, 1, 1,  # row 1
        1, 1, 1, 0, 0, 0, 1, 1,  # row 2
        1, 1, 1, 1, 0, 0, 0, 1,  # row 3
        1, 1, 1, 1, 1, 0, 0, 0,  # row 4
        0, 1, 1, 1, 1, 1, 0, 0,  # row 5
        0, 0, 1, 1, 1, 1, 1, 0,  # row 6
        0, 0, 0, 1, 1, 1, 1, 1,  # row 7
    ],
)

M2 = B * rho^{-1} * A^{-1} =
[0 0 0 1 0 0 1 0]
[0 1 1 1 0 0 0 0]
[0 0 1 1 0 0 1 0]
[1 1 1 0 0 0 1 0]
[1 0 1 0 0 1 1 0]
[1 0 1 1 1 0 0 0]
[0 1 0 1 1 1 0 1]
[1 1 0 0 1 0 1 1]

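C2 = B * A^{-1} * rho^{-1} * C + D = [0 1 1 0 1 1 0 1]

Check (taking C and D as the AES and SM4 affine constants, and SM4-S(x) = B*inv(B*x + D) + D): when A1(x) = 0, AES-S gives C and SM4-S gives D, so A2(C) = D, i.e. C2 = M2*C + D = B * rho^{-1} * A^{-1} * C + D. The factor order written for C2 differs from the one used for M2, so re-verify the C2 vector against this identity (and against the full SM4 S-box table) before using it.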