/* Cryptol SHACAL Implementation
@copyright Galois Inc. 2018
@author Ajay Kumar Eeralla
@editor Nichole Schmanski <[email protected]>
@editor Brian Huffman
@editor Aaron Tomb
@editor Iavor Diatchki <[email protected]>
www.cryptol.net
Source: https://www.cosic.esat.kuleuven.be/nessie/tweaks.html
SHACAL-1: block size 160 bits, key size 512 bits, uses SHA-1 (160 bits);
SHACAL-2: block size 256 bits, key size 512 bits, uses SHA-256 (256 bits)
*/
module Primitive::Symmetric::Cipher::Block::SHACAL where
import Primitive::Keyless::Hash::SHA2Internal::SHA256
import Primitive::Keyless::Hash::SHA1
/**SHACAL1**/
type shacal1Block = 160 // SHACAL-1 block width in bits
type shacal1Key = 512 // SHACAL-1 key width in bits
// SHACAL-1 encryption of one 160-bit block under a 512-bit key.
// The plaintext is split into five 32-bit words and the key into sixteen
// 32-bit words; both are passed to `block` from the imported SHA1 module,
// and the five result words are joined back into a 160-bit ciphertext.
// NOTE(review): SHACAL is the hash compression function without the final
// addition of the input state. `block` is defined outside this file, so
// confirm that it omits that feed-forward step.
// NOTE(review): SHACAL-1 was not retained in the final NESSIE portfolio and
// related-key attacks on the full cipher have been published; treat this as
// a specification for analysis rather than a recommended cipher.
shacal1Encrypt : ([shacal1Key], [shacal1Block]) -> [shacal1Block]
shacal1Encrypt (key, pt) = join (block (stateWords, keyWords))
  where
    stateWords = split pt  : [5][32]
    keyWords   = split key : [16][32]
// Helper for analysing the PGV hash-function constructions, which need a
// cipher whose key and block have the same width.
// The 160-bit key is extended on the right with zero bits to the full
// 512-bit key, so only 2^160 of the possible keys are ever used.
shacal1Encrypt160 : ([shacal1Block], [shacal1Block]) -> [shacal1Block]
shacal1Encrypt160 (key, pt) = shacal1Encrypt (paddedKey, pt)
  where
    paddedKey = key # zero : [shacal1Key]
// Companion helper with a 512-bit "block" equal to the key width.
// Only the leading 160 bits of `pt` are encrypted; the remaining 352 input
// bits are discarded and the ciphertext is extended on the right with zero
// bits. The mapping is therefore not invertible and is meant for analysis
// only, not as a 512-bit block cipher.
shacal1Encrypt512 : ([shacal1Key], [shacal1Key]) -> [shacal1Key]
shacal1Encrypt512 (key, pt) = shacal1Encrypt (key, leadingBlock) # zero
  where
    leadingBlock = take`{shacal1Block} pt
// Testing
// Ten known-answer vectors are included; the full set is available at
// https://www.cosic.esat.kuleuven.be/nessie/tweaks.html
// The property holds when every (key, plaintext) pair in tVector1 encrypts
// to its listed ciphertext.
property shacal1TestsPass =
    and [ shacal1Encrypt (k, input) == expected
        | (k, input, expected) <- tVector1 ]
// SHACAL-1 known-answer vectors as (key, plaintext, expected ciphertext).
// Each key is a short hex literal followed by zero padding, i.e. a key with
// exactly one bit set (the ten leading bit positions in turn); every
// plaintext is all-zero.
// NOTE(review): with an all-zero plaintext, adding the input state to the
// output would add zero, so these vectors cannot distinguish a compression
// function with the feed-forward addition from one without it. Consider
// adding reference vectors with a non-zero plaintext from the NESSIE set.
tVector1 = [ (0x8#zero, zero, 0x0FFD8D43B4E33C7C53461BD10F27A5461050D90D)
           , (0x4#zero, zero, 0xB9C60AA972B49CA04D5A0D9B9E08B2A2BA138C93)
           , (0x2#zero, zero, 0x3FA618501A3D10E3CAEB3CA06B8B47A16F8E3D9E)
           , (0x1#zero, zero, 0x2B4AFB3268C32F86B89BB745EC85F24702B38498)
           , (0x08#zero, zero, 0x58E782A1D205E53DD2901F0F302F8894D0A3B05B)
           , (0x04#zero, zero, 0xB345AD4DC877D0BFCF760EE25056D21C7DB2F868)
           , (0x02#zero, zero, 0x334C5A595919EA33E5EB467657AAE3ED825207D3)
           , (0x01#zero, zero, 0x5F686F27819DF939F877099A222D01EE955F6E66)
           , (0x008#zero, zero, 0x62BE68D266A28F7E6B44A83E62A476FFD627AF0E)
           , (0x004#zero, zero, 0x2D5265CD2E72B52B6477F341816F2BB554428BC5)]
/**SHACAL2**/
type shacal2Block = 256 // SHACAL-2 block width in bits
type shacal2Key = 512 // SHACAL-2 key width in bits
// Encryption
// SHACAL-2 encryption of one 256-bit block under a 512-bit key.
// The plaintext is split into eight 32-bit words and the key into sixteen
// 32-bit words; both are passed to `processBlock_Common` from the imported
// SHA256 module, and the eight result words are joined into the ciphertext.
// NOTE(review): SHACAL is the hash compression function without the final
// addition of the input state. `processBlock_Common` is defined outside
// this file, so confirm that it omits that feed-forward step.
shacal2Encrypt : ([shacal2Key], [shacal2Block]) -> [shacal2Block]
shacal2Encrypt (key, pt) = join (processBlock_Common stateWords keyWords)
  where
    stateWords = split pt  : [8][32]
    keyWords   = split key : [16][32]
// Helper for analysing the PGV hash-function constructions, which need a
// cipher whose key and block have the same width.
// The 256-bit key is extended on the right with zero bits to the full
// 512-bit key, so only 2^256 of the possible keys are ever used.
shacal2Encrypt256 : ([shacal2Block], [shacal2Block]) -> [shacal2Block]
shacal2Encrypt256 (key, pt) = shacal2Encrypt (paddedKey, pt)
  where
    paddedKey = key # zero : [shacal2Key]
// Companion helper with a 512-bit "block" equal to the key width.
// Only the leading 256 bits of `pt` are encrypted; the remaining 256 input
// bits are discarded and the ciphertext is extended on the right with zero
// bits. The mapping is therefore not invertible and is meant for analysis
// only, not as a 512-bit block cipher.
shacal2Encrypt512 : ([shacal2Key], [shacal2Key]) -> [shacal2Key]
shacal2Encrypt512 (key, pt) = shacal2Encrypt (key, leadingBlock) # zero
  where
    leadingBlock = take`{shacal2Block} pt
// Testing
// Ten known-answer vectors are included; the full set is available at
// https://www.cosic.esat.kuleuven.be/nessie/tweaks.html
// The property holds when every (key, plaintext) pair in tVector2 encrypts
// to its listed ciphertext.
property shacal2TestsPass =
    and [ shacal2Encrypt (k, input) == expected
        | (k, input, expected) <- tVector2 ]
// SHACAL-2 known-answer vectors as (key, plaintext, expected ciphertext).
// Each key is a short hex literal followed by zero padding, i.e. a key with
// exactly one bit set; every plaintext is all-zero.
// NOTE(review): the list has ten entries but only nine distinct vectors.
// The `0x08#zero` entry appears twice and there is no `0x2#zero` entry,
// unlike tVector1, which has one between `0x4` and `0x1`. Restore the missing
// vector from the NESSIE reference file, not from this implementation's output.
// NOTE(review): with an all-zero plaintext, adding the input state to the
// output would add zero, so these vectors cannot distinguish a compression
// function with the feed-forward addition from one without it. Consider
// adding reference vectors with a non-zero plaintext from the NESSIE set.
tVector2 = [ (0x8#zero, zero, 0x361AB6322FA9E7A7BB23818D839E01BDDAFDF47305426EDD297AEDB9F6202BAE)
           , (0x4#zero, zero, 0xF3BAF53E5301E08813F8BE6F651BB19E9722151FF15063BA42A6FEF7CF3BF3D7)
           , (0x1#zero, zero, 0xAE70E355CB7E26FF12421F46CDAD5CB98367FE0E86CC234EDF97481765CD1AD9)
           , (0x08#zero, zero, 0x00CECD0B01311F881018E7A20BCE169766C089D91FF161346C4E1BD122EA199F)
           // NOTE(review): the next entry repeats the one above verbatim.
           , (0x08#zero, zero, 0x00CECD0B01311F881018E7A20BCE169766C089D91FF161346C4E1BD122EA199F)
           , (0x04#zero, zero, 0x47A879CB6785AD37119C450CD50E9A36FE318FA8E7B6C6E0FA963430122F33CD)
           , (0x02#zero, zero, 0xCF3D53B9F9F7CA2C66738A4C09CEA9212C056F525BDC26F263FBA1B482EDF503)
           , (0x01#zero, zero, 0xA274D404E83E82817389A2CB7B528C792A0E80DE879A5A67DE633B0B7DD57B7B)
           , (0x008#zero, zero, 0x09B3AB9332301D4E3C239D192A4221AFD43F6829A705D396FA96BDE1E716BC38)
           , (0x004#zero, zero, 0xD3B9AB867A6868C4400D200979055C8F9E3A6BFB40D1F9E376B9EC89223D7050)]