3 * $Id: serpent-sbox.h,v 1.1 2000/06/17 12:08:43 mdw Exp $
5 * Bitslice S-box implementations
7 * (c) 2000 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Revision history --------------------------------------------------*
32 * $Log: serpent-sbox.h,v $
33 * Revision 1.1 2000/06/17 12:08:43 mdw
38 /*----- Credit where it's due ---------------------------------------------*
40 * These S-box expressions are taken from the paper `Speeding up Serpent', by
41 * Dag Arne Osvik, submitted to AES3.
44 #ifndef CATACOMB_SERPENT_SBOX_H
45 #define CATACOMB_SERPENT_SBOX_H
51 /*----- Header files ------------------------------------------------------*/
53 #include <mLib/bits.h>
55 /*----- Macros provided ---------------------------------------------------*/
/* S0(r0, r1, r2, r3) -- bitslice S-box 0 (the forward direction, going by
 * the name; the file header credits Osvik's `Speeding up Serpent').
 *
 * Rewrites the four operands in place.  Every visible step is an XOR, AND,
 * OR, complement or plain copy: there is no branch and no array index in
 * these lines, so nothing here picks a memory address or a code path from
 * the data being substituted.  The last visible line only copies values
 * between r0, r1, r3 and r4.
 *
 * Each argument is expanded many times, so callers must pass plain lvalues
 * with no side effects.  r4 is a scratch word used throughout; its
 * declaration is not in this listing, and an argument that is itself named
 * r4 would presumably clash with it -- confirm against the upstream file.
 *
 * NOTE(review): the embedded source line numbers skip 60 and 65 and stop at
 * 66 (the next macro starts at 69), so the scratch declaration, the closing
 * of the `do {' and possibly a statement line are absent here.  Do not
 * transcribe this macro from the page: a dropped step would change the
 * function it computes without any compile-time sign.
 */
59 #define S0(r0, r1, r2, r3) do { \
61 r3 ^= r0; r4 = r1; r1 &= r3; r4 ^= r2; \
62 r1 ^= r0; r0 |= r3; r0 ^= r4; r4 ^= r3; \
63 r3 ^= r2; r2 |= r1; r2 ^= r4; r4 = ~r4; \
64 r4 |= r1; r1 ^= r3; r1 ^= r4; r3 |= r0; \
66 r3 = r0; r0 = r1; r1 = r4; \
/* IS0(r0, r1, r2, r3) -- by its name the inverse of S-box 0, in the same
 * bitslice form; that relationship cannot be checked from this listing.
 *
 * Updates the four operands in place using only XOR, AND, OR and complement
 * on whole words, with r4 as scratch (declared outside the visible lines).
 * No visible step branches or indexes memory.  Arguments are expanded
 * repeatedly and must be side-effect-free lvalues.
 *
 * NOTE(review): the embedded line numbers skip 70 and run from 75 straight
 * to 81, so the end of this macro -- at least its closing `} while (0)',
 * possibly further statements -- is not shown.  Verify against the upstream
 * file before reuse.
 */
69 #define IS0(r0, r1, r2, r3) do { \
71 r2 = ~r2; r4 = r1; r1 |= r0; r4 = ~r4; \
72 r1 ^= r2; r2 |= r4; r1 ^= r3; r0 ^= r4; \
73 r2 ^= r0; r0 &= r3; r4 ^= r0; r0 |= r1; \
74 r0 ^= r2; r3 ^= r4; r2 ^= r1; r3 ^= r0; \
75 r3 ^= r1; r2 &= r3; r4 ^= r2; \
/* S1(r0, r1, r2, r3) -- bitslice S-box 1 (forward direction, by its name).
 *
 * Works in place on the four operands.  The visible body is straight-line
 * word logic (XOR, AND, OR, complement) followed by a line of plain copies
 * that rotates values through r4 into r0..r3.  Nothing visible depends on
 * the data for control flow or addressing.
 *
 * r4 is scratch whose declaration is not in this listing.  Every argument
 * appears many times in the expansion: pass simple lvalues only.
 *
 * NOTE(review): embedded line numbers skip 82 and 87 and stop at 88 (next
 * macro at 91); a statement line may be missing as well as the declaration
 * and the closing of the `do {'.  Check upstream before relying on this
 * text.
 */
81 #define S1(r0, r1, r2, r3) do { \
83 r0 = ~r0; r2 = ~r2; r4 = r0; r0 &= r1; \
84 r2 ^= r0; r0 |= r3; r3 ^= r2; r1 ^= r0; \
85 r0 ^= r4; r4 |= r1; r1 ^= r3; r2 |= r0; \
86 r2 &= r4; r0 ^= r1; r1 &= r2; r1 ^= r0; \
88 r4 = r0; r0 = r2; r2 = r3; r3 = r1; r1 = r4; \
/* IS1(r0, r1, r2, r3) -- by its name the inverse of S-box 1, bitslice form.
 *
 * Transforms the four operands in place.  All visible steps are XOR, AND,
 * OR, complement or copy on whole words; the final visible line shuffles
 * values between r0..r3 via r4.  There is no data-dependent branch or
 * memory index in what is shown.
 *
 * r4 is a scratch word (declaration not visible here).  Arguments are
 * evaluated repeatedly, so they must be plain lvalues without side effects.
 *
 * NOTE(review): the embedded line numbers skip 92 and end at 98 (next macro
 * at 103): the scratch declaration and the closing `} while (0)' are not
 * part of this listing.
 */
91 #define IS1(r0, r1, r2, r3) do { \
93 r4 = r1; r1 ^= r3; r3 &= r1; r4 ^= r2; \
94 r3 ^= r0; r0 |= r1; r2 ^= r3; r0 ^= r4; \
95 r0 |= r2; r1 ^= r3; r0 ^= r1; r1 |= r3; \
96 r1 ^= r0; r4 = ~r4; r4 ^= r1; r1 |= r0; \
97 r1 ^= r0; r1 |= r4; r3 ^= r1; \
98 r1 = r0; r0 = r4; r4 = r2; r2 = r3; r3 = r4; \
/* S2(r0, r1, r2, r3) -- bitslice S-box 2 (forward direction, by its name).
 *
 * In-place update of the four operands.  The first visible step saves r0
 * in the scratch word r4; the rest is XOR/AND/OR/complement on whole words,
 * and the last visible line is plain copies into r0..r3.  No visible step
 * branches on, or indexes memory with, the values being processed.
 *
 * Pass only side-effect-free lvalues: each argument is expanded several
 * times.  r4's declaration is outside this listing.
 *
 * NOTE(review): embedded line numbers skip 104 and end at 109 (next macro
 * at 112); the declaration and the closing of the `do {' are not shown.
 */
103 #define S2(r0, r1, r2, r3) do { \
105 r4 = r0; r0 &= r2; r0 ^= r3; r2 ^= r1; \
106 r2 ^= r0; r3 |= r4; r3 ^= r1; r4 ^= r2; \
107 r1 = r3; r3 |= r4; r3 ^= r0; r0 &= r1; \
108 r4 ^= r0; r1 ^= r3; r1 ^= r4; r4 = ~r4; \
109 r0 = r2; r2 = r1; r1 = r3; r3 = r4; \
/* IS2(r0, r1, r2, r3) -- by its name the inverse of S-box 2, bitslice form.
 *
 * Rewrites the four operands in place with word-wide XOR, AND, OR and
 * complement, using r4 as scratch.  The visible lines contain no branch
 * and no memory index.
 *
 * Arguments are expanded repeatedly: use simple lvalues.  The scratch
 * word's declaration is not in this listing.
 *
 * NOTE(review): embedded line numbers skip 113 and jump from 118 to 124,
 * so the tail of the macro -- the closing `} while (0)' at least, possibly
 * a statement line -- is absent.  Compare with the upstream file before
 * copying.
 */
112 #define IS2(r0, r1, r2, r3) do { \
114 r2 ^= r3; r3 ^= r0; r4 = r3; r3 &= r2; \
115 r3 ^= r1; r1 |= r2; r1 ^= r4; r4 &= r3; \
116 r2 ^= r3; r4 &= r0; r4 ^= r2; r2 &= r1; \
117 r2 |= r0; r3 = ~r3; r2 ^= r3; r0 ^= r3; \
118 r0 &= r1; r3 ^= r4; r3 ^= r0; \
/* S3(r0, r1, r2, r3) -- bitslice S-box 3 (forward direction, by its name).
 *
 * Operates in place on the four operands.  r0 is saved into the scratch
 * word r4 first; the body is XOR/AND/OR on whole words, and the last
 * visible line copies r1, r2, r3 and r4 into r0..r3.  Nothing shown
 * branches or addresses memory based on operand values.
 *
 * Each argument is substituted many times, so it must be an lvalue with no
 * side effects.  r4 is declared somewhere outside the visible lines.
 *
 * NOTE(review): embedded line numbers skip 125 and end at 131 (next macro
 * at 134); the scratch declaration and the closing of the `do {' are
 * missing from this listing.
 */
124 #define S3(r0, r1, r2, r3) do { \
126 r4 = r0; r0 |= r3; r3 ^= r1; r1 &= r4; \
127 r4 ^= r2; r2 ^= r3; r3 &= r0; r4 |= r1; \
128 r3 ^= r4; r0 ^= r1; r4 &= r0; r1 ^= r3; \
129 r4 ^= r2; r1 |= r0; r1 ^= r2; r0 ^= r3; \
130 r2 = r1; r1 |= r3; r1 ^= r0; \
131 r0 = r1; r1 = r2; r2 = r3; r3 = r4; \
/* IS3(r0, r1, r2, r3) -- by its name the inverse of S-box 3, bitslice form.
 *
 * In-place transform of the four operands.  r2 is saved into scratch r4,
 * the body is word-wide XOR/AND/OR, and the final visible line swaps
 * values among r0, r2 and r3 through r4.  The visible steps have no
 * data-dependent branch or memory index.
 *
 * Use side-effect-free lvalues as arguments; they are expanded repeatedly.
 * The declaration of r4 is not part of this listing.
 *
 * NOTE(review): embedded line numbers skip 135 and end at 141 (next macro
 * at 146); the declaration and the closing `} while (0)' are not shown.
 */
134 #define IS3(r0, r1, r2, r3) do { \
136 r4 = r2; r2 ^= r1; r0 ^= r2; r4 &= r2; \
137 r4 ^= r0; r0 &= r1; r1 ^= r3; r3 |= r4; \
138 r2 ^= r3; r0 ^= r3; r1 ^= r4; r3 &= r2; \
139 r3 ^= r1; r1 ^= r0; r1 |= r2; r0 ^= r3; \
140 r1 ^= r4; r0 ^= r1; \
141 r4 = r0; r0 = r2; r2 = r3; r3 = r4; \
/* S4(r0, r1, r2, r3) -- bitslice S-box 4 (forward direction, by its name).
 *
 * Updates the four operands in place.  All visible steps are XOR, AND, OR,
 * complement or copy on whole words; the last visible line copies r0, r1
 * and r4 into r2, r0 and r1.  No visible step selects a branch or a memory
 * address from the operand values.
 *
 * r4 is scratch, declared outside the visible lines.  Arguments must be
 * simple lvalues because the expansion mentions each one many times.
 *
 * NOTE(review): embedded line numbers skip 147 and end at 153 (next macro
 * at 156); the scratch declaration and the closing of the `do {' are
 * absent from this listing.
 */
146 #define S4(r0, r1, r2, r3) do { \
148 r1 ^= r3; r3 = ~r3; r2 ^= r3; r3 ^= r0; \
149 r4 = r1; r1 &= r3; r1 ^= r2; r4 ^= r3; \
150 r0 ^= r4; r2 &= r4; r2 ^= r0; r0 &= r1; \
151 r3 ^= r0; r4 |= r1; r4 ^= r0; r0 |= r3; \
152 r0 ^= r2; r2 &= r3; r0 = ~r0; r4 ^= r2; \
153 r2 = r0; r0 = r1; r1 = r4; \
/* IS4(r0, r1, r2, r3) -- by its name the inverse of S-box 4, bitslice form.
 *
 * Rewrites the four operands in place with word-wide XOR, AND, OR and
 * complement, with r4 as scratch (declaration not visible).  No visible
 * step branches or indexes memory.  Arguments are expanded repeatedly and
 * must be side-effect-free lvalues.
 *
 * On the last visible line, `r2 ^= r4, r2 |= r3;' joins two steps with a
 * comma operator instead of `;'.  The left operand is still evaluated
 * first, so the order of the steps is unchanged; it is only inconsistent
 * with the rest of the file.
 *
 * NOTE(review): embedded line numbers skip 157 and jump from 162 to 168,
 * so the end of the macro -- the closing `} while (0)' at least, possibly
 * a statement line -- is not in this listing.  Verify against upstream.
 */
156 #define IS4(r0, r1, r2, r3) do { \
158 r4 = r2; r2 &= r3; r2 ^= r1; r1 |= r3; \
159 r1 &= r0; r4 ^= r2; r4 ^= r1; r1 &= r2; \
160 r0 = ~r0; r3 ^= r4; r1 ^= r3; r3 &= r0; \
161 r3 ^= r2; r0 ^= r1; r2 &= r0; r3 ^= r0; \
162 r2 ^= r4, r2 |= r3; r3 ^= r0; r2 ^= r1; \
/* S5(r0, r1, r2, r3) -- bitslice S-box 5 (forward direction, by its name).
 *
 * In-place transform of the four operands: XOR, AND, OR and complement on
 * whole words, then a final visible line of plain copies that moves values
 * among r0..r3 through the scratch word r4.  The visible steps contain no
 * branch and no memory index.
 *
 * Every argument occurs many times in the expansion, so only plain lvalues
 * are safe.  r4's declaration lies outside this listing.
 *
 * NOTE(review): embedded line numbers skip 169 and end at 175 (next macro
 * at 178); the declaration and the closing of the `do {' are not shown.
 */
168 #define S5(r0, r1, r2, r3) do { \
170 r0 ^= r1; r1 ^= r3; r3 = ~r3; r4 = r1; \
171 r1 &= r0; r2 ^= r3; r1 ^= r2; r2 |= r4; \
172 r4 ^= r3; r3 &= r1; r3 ^= r0; r4 ^= r1; \
173 r4 ^= r2; r2 ^= r0; r0 &= r3; r2 = ~r2; \
174 r0 ^= r4; r4 |= r3; r2 ^= r4; \
175 r4 = r3; r3 = r2; r2 = r0; r0 = r1; r1 = r4; \
/* IS5(r0, r1, r2, r3) -- by its name the inverse of S-box 5, bitslice form.
 *
 * Works in place on the four operands.  The visible body is word-wide XOR,
 * AND, OR and complement; the last visible line is plain copies that move
 * values among r0..r3 via r4.  Nothing shown depends on operand values for
 * control flow or addressing.
 *
 * r4 is a scratch word declared outside the visible lines.  Arguments are
 * expanded repeatedly; pass lvalues without side effects.
 *
 * NOTE(review): embedded line numbers skip 179 and end at 185 (next macro
 * at 190); the scratch declaration and the closing `} while (0)' are not
 * part of this listing.
 */
178 #define IS5(r0, r1, r2, r3) do { \
180 r1 = ~r1; r4 = r3; r2 ^= r1; r3 |= r0; \
181 r3 ^= r2; r2 |= r1; r2 &= r0; r4 ^= r3; \
182 r2 ^= r4; r4 |= r0; r4 ^= r1; r1 &= r2; \
183 r1 ^= r3; r4 ^= r2; r3 &= r4; r4 ^= r1; \
184 r3 ^= r4; r4 = ~r4; r3 ^= r0; \
185 r0 = r1; r1 = r4; r4 = r3; r3 = r2; r2 = r4; \
/* S6(r0, r1, r2, r3) -- bitslice S-box 6 (forward direction, by its name).
 *
 * Updates the four operands in place using only XOR, AND, OR, complement
 * and copies on whole words, with r4 as scratch.  The visible lines have
 * no data-dependent branch or memory index.
 *
 * Arguments must be side-effect-free lvalues (each is expanded many
 * times).  r4 is declared outside the visible lines.
 *
 * NOTE(review): embedded line numbers skip 191 and jump from 196 to 200,
 * so the tail of the macro -- its closing `} while (0)' at least, possibly
 * a statement line -- is missing here.  Check the upstream file before
 * reuse.
 */
190 #define S6(r0, r1, r2, r3) do { \
192 r2 = ~r2; r4 = r3; r3 &= r0; r0 ^= r4; \
193 r3 ^= r2; r2 |= r4; r1 ^= r3; r2 ^= r0; \
194 r0 |= r1; r2 ^= r1; r4 ^= r0; r0 |= r3; \
195 r0 ^= r2; r4 ^= r3; r4 ^= r0; r3 = ~r3; \
196 r2 &= r4; r2 ^= r3; \
/* IS6(r0, r1, r2, r3) -- by its name the inverse of S-box 6, bitslice form.
 *
 * In-place transform of the four operands: word-wide XOR, AND, OR and
 * complement, then a visible line of plain copies from r1, r2 and r4 into
 * r0, r1 and r2.  No visible step branches or indexes memory.
 *
 * r4 is scratch (declaration not in this listing).  Pass simple lvalues;
 * the expansion evaluates each argument repeatedly.
 *
 * NOTE(review): embedded line numbers skip 201 and 206 and stop at 207
 * (next macro at 212), so a statement line may be missing in addition to
 * the declaration and the closing of the `do {'.  Do not transcribe from
 * this page without checking upstream.
 */
200 #define IS6(r0, r1, r2, r3) do { \
202 r0 ^= r2; r4 = r2; r2 &= r0; r4 ^= r3; \
203 r2 = ~r2; r3 ^= r1; r2 ^= r3; r4 |= r0; \
204 r0 ^= r2; r3 ^= r4; r4 ^= r1; r1 &= r3; \
205 r1 ^= r0; r0 ^= r3; r0 |= r2; r3 ^= r1; \
207 r0 = r1; r1 = r2; r2 = r4; \
/* S7(r0, r1, r2, r3) -- bitslice S-box 7 (forward direction, by its name).
 *
 * Rewrites the four operands in place.  r1 is saved into the scratch word
 * r4 first; the body is word-wide XOR, AND, OR and complement; the last
 * visible line copies r1, r3, r0 and r4 into r2, r1, r3 and r0.  Nothing
 * visible uses operand values to choose a branch or a memory address.
 *
 * Each argument is expanded many times and must be a plain lvalue.  The
 * declaration of r4 is outside this listing.
 *
 * NOTE(review): embedded line numbers skip 213 and end at 219 (next macro
 * at 222); the declaration and the closing `} while (0)' are not shown.
 */
212 #define S7(r0, r1, r2, r3) do { \
214 r4 = r1; r1 |= r2; r1 ^= r3; r4 ^= r2; \
215 r2 ^= r1; r3 |= r4; r3 &= r0; r4 ^= r2; \
216 r3 ^= r1; r1 |= r4; r1 ^= r0; r0 |= r4; \
217 r0 ^= r2; r1 ^= r4; r2 ^= r1; r1 &= r0; \
218 r1 ^= r4; r2 = ~r2; r2 |= r0; r4 ^= r2; \
219 r2 = r1; r1 = r3; r3 = r0; r0 = r4; \
/* IS7(r0, r1, r2, r3) -- by its name the inverse of S-box 7, bitslice form.
 *
 * Works in place on the four operands.  r2 is saved into scratch r4, the
 * body is word-wide XOR, AND, OR and complement, and the last visible line
 * copies r1, r0, r3 and r4 into r2, r1, r0 and r3.  The visible steps
 * contain no data-dependent branch or memory index.
 *
 * Arguments are substituted repeatedly: use lvalues with no side effects.
 * r4 is declared outside the visible lines.
 *
 * NOTE(review): embedded line numbers skip 223 and end at 229 (the file's
 * closing banner is at 232); the scratch declaration and the closing of
 * the `do {' are absent from this listing.
 */
222 #define IS7(r0, r1, r2, r3) do { \
224 r4 = r2; r2 ^= r0; r0 &= r3; r4 |= r3; \
225 r2 = ~r2; r3 ^= r1; r1 |= r0; r0 ^= r2; \
226 r2 &= r4; r3 &= r4; r1 ^= r2; r2 ^= r0; \
227 r0 |= r2; r4 ^= r1; r0 ^= r3; r3 ^= r4; \
228 r4 |= r0; r3 ^= r2; r4 ^= r2; \
229 r2 = r1; r1 = r0; r0 = r3; r3 = r4; \
232 /*----- That's all, folks -------------------------------------------------*/