/*
 * One AES encryption round applied in place to the 16-byte state:
 * SubBytes -> ShiftRows -> MixColumns -> AddRoundKey.
 *
 * state            cipher state; state->s[0..15] is read and overwritten.
 * k                round key; k->ks[0..15] is XORed into the state last.
 * countermeasures  when equal to 1, two busy-wait loops of random length
 *                  (0..1023 iterations each, length taken from random())
 *                  run per column inside MixColumns; any other value
 *                  disables them.
 *
 * NOTE(review): the busy-waits only add timing jitter inside MixColumns.
 * SubBytes and AddRoundKey run without jitter in this function, and the
 * jitter length comes from random(), which is presumably the libc PRNG
 * (confirm how and whether it is seeded). Random delays are a hiding
 * measure, not masking; do not treat them as the only side-channel
 * protection for this round.
 */
static void aes_enc_round(aes_cipher_state_t *state, const aes_roundkey_t *k, uint8_t countermeasures)
{
    uint8_t sub[16];        /* state after SubBytes, then ShiftRows */
    uint8_t col_xor;        /* XOR of the four bytes of the current column */
    uint8_t n;
    uint8_t base;           /* index of the first byte of the current column */
    volatile uint16_t spin; /* volatile so the empty delay loops are kept */

    /* SubBytes: the S-box table is read through pgm_read_byte() */
    for (n = 0; n < 16; ++n) {
        sub[n] = pgm_read_byte(aes_sbox + state->s[n]);
    }

    /* ShiftRows: rows 1..3 are shifted by 1..3 positions */
    aes_shiftcol(&sub[1], 1);
    aes_shiftcol(&sub[2], 2);
    aes_shiftcol(&sub[3], 3);

    /* MixColumns, one 4-byte column per iteration */
    for (n = 0; n < 4; ++n) {
        base = (uint8_t)(4 * n);
        col_xor = sub[base + 0] ^ sub[base + 1] ^ sub[base + 2] ^ sub[base + 3];

        /* first random delay: before output bytes 0 and 1 of the column */
        if (countermeasures == 1) {
            spin = random() & 0x00003FF;
            while (spin > 0) {
                spin--;
            }
        }

        state->s[base + 0] = col_xor ^ sub[base + 0] ^ GF256MUL_2(sub[base + 0] ^ sub[base + 1]);
        state->s[base + 1] = col_xor ^ sub[base + 1] ^ GF256MUL_2(sub[base + 1] ^ sub[base + 2]);

        /* second random delay: before output bytes 2 and 3 of the column */
        if (countermeasures == 1) {
            spin = random() & 0x00003FF;
            while (spin > 0) {
                spin--;
            }
        }

        state->s[base + 2] = col_xor ^ sub[base + 2] ^ GF256MUL_2(sub[base + 2] ^ sub[base + 3]);
        state->s[base + 3] = col_xor ^ sub[base + 3] ^ GF256MUL_2(sub[base + 3] ^ sub[base + 0]);
    }

    /* AddRoundKey */
    for (n = 0; n < 16; ++n) {
        state->s[n] ^= k->ks[n];
    }
}
/*
 * One AES encryption round applied in place to the 16-byte state:
 * SubBytes -> ShiftRows -> MixColumns -> AddRoundKey.
 *
 * state  cipher state; state->s[0..15] is read and overwritten.
 * k      round key; k->ks[0..15] is XORed into the state last.
 * round  round number; when it equals 1 the SubBytes step is bracketed
 *        by pda_trigger() before and pda_reset_trigger() after, each
 *        preceded by a _delay_us(DELAY) wait if DELAY > 0 at compile time.
 *
 * NOTE(review): pda_trigger()/pda_reset_trigger() are defined outside this
 * view; presumably they raise and clear a signal for a measurement setup.
 * They mark exactly when the first-round S-box lookups run, so this
 * instrumentation should exist only in evaluation builds and be compiled
 * out of production firmware.
 */
static void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k, uint8_t round){
    uint8_t sub[16];   /* state after SubBytes, then ShiftRows */
    uint8_t col_xor;   /* XOR of the four bytes of the current column */
    uint8_t n;

    // Photon-DA trigger: set immediately before the first-round SubBytes
    if (round == 1) {
#if DELAY > 0
        _delay_us(DELAY);
#endif
        pda_trigger();
    }

    /* SubBytes: direct table lookup indexed by each state byte */
    for (n = 0; n < 16; ++n) {
        sub[n] = aes_sbox[state->s[n]];
    }

    // Photon-DA trigger: cleared right after the first-round SubBytes
    if (round == 1) {
#if DELAY > 0
        _delay_us(DELAY);
#endif
        pda_reset_trigger();
    }

    /* ShiftRows: rows 1..3 are shifted by 1..3 positions */
    aes_shiftcol(&sub[1], 1);
    aes_shiftcol(&sub[2], 2);
    aes_shiftcol(&sub[3], 3);

    /* MixColumns, one 4-byte column per iteration */
    for (n = 0; n < 4; ++n) {
        const uint8_t *in = &sub[4 * n];
        const uint8_t base = (uint8_t)(4 * n);

        col_xor = in[0] ^ in[1] ^ in[2] ^ in[3];
        state->s[base + 0] = col_xor ^ in[0] ^ GF256MUL_2(in[0] ^ in[1]);
        state->s[base + 1] = col_xor ^ in[1] ^ GF256MUL_2(in[1] ^ in[2]);
        state->s[base + 2] = col_xor ^ in[2] ^ GF256MUL_2(in[2] ^ in[3]);
        state->s[base + 3] = col_xor ^ in[3] ^ GF256MUL_2(in[3] ^ in[0]);
    }

    /* AddRoundKey */
    for (n = 0; n < 16; ++n) {
        state->s[n] ^= k->ks[n];
    }
}
/*
 * One AES encryption round applied in place to the 16-byte state:
 * SubBytes -> ShiftRows -> MixColumns -> AddRoundKey.
 *
 * state  cipher state; state->s[0..15] is read and overwritten.
 * k      round key; k->ks[0..15] is XORed into the state last.
 *
 * NOTE(review): the S-box is a table indexed directly by state bytes and
 * the function contains no masking or hiding logic. Whether GF256MUL_2
 * (defined outside this view) is branch-free cannot be told from here;
 * confirm before relying on this round where timing or power leakage
 * matters.
 */
static void aes_enc_round(aes_cipher_state_t* state, const aes_roundkey_t* k){
    uint8_t sub[16];   /* state after SubBytes, then ShiftRows */
    uint8_t col_xor;   /* XOR of the four bytes of the current column */
    uint8_t n;

    /* SubBytes */
    n = 0;
    while (n < 16) {
        sub[n] = aes_sbox[state->s[n]];
        ++n;
    }

    /* ShiftRows: rows 1..3 are shifted by 1..3 positions */
    aes_shiftcol(&sub[1], 1);
    aes_shiftcol(&sub[2], 2);
    aes_shiftcol(&sub[3], 3);

    /* MixColumns, one 4-byte column per iteration */
    for (n = 0; n < 4; ++n) {
        const uint8_t *in = &sub[4 * n];
        const uint8_t base = (uint8_t)(4 * n);

        col_xor = in[0] ^ in[1] ^ in[2] ^ in[3];
        state->s[base + 0] = col_xor ^ in[0] ^ GF256MUL_2(in[0] ^ in[1]);
        state->s[base + 1] = col_xor ^ in[1] ^ GF256MUL_2(in[1] ^ in[2]);
        state->s[base + 2] = col_xor ^ in[2] ^ GF256MUL_2(in[2] ^ in[3]);
        state->s[base + 3] = col_xor ^ in[3] ^ GF256MUL_2(in[3] ^ in[0]);
    }

    /* AddRoundKey */
    n = 0;
    while (n < 16) {
        state->s[n] ^= k->ks[n];
        ++n;
    }
}
/*
 * Computes a 64-bit mixing function of *a (XORed with *b when b is not
 * NULL) and stores the result through dest. Judging by the name this is
 * presumably the F function of the MUGI cipher; confirm against the caller.
 *
 * Steps, as visible here:
 *   1. t = *a, XORed with *b if b is non-NULL.
 *   2. Each of the eight bytes T(0)..T(7) is replaced by its aes_sbox
 *      entry, read through pgm_read_byte().
 *   3. Bytes 0..3 and bytes 4..7 are each mixed with the same formula the
 *      AES MixColumns step uses; results go to D() in the permuted order
 *      4,5,2,3 and 0,1,6,7.
 *
 * T() and D() are macros defined outside this view; presumably T(i) is
 * byte i of the local `t` and D(i) is byte i of *dest. TODO confirm.
 *
 * NOTE(review): the S-box index is derived from the inputs, and whether
 * GF256MUL_2 is branch-free cannot be told from here; check both if the
 * inputs are secret and timing or power leakage is in scope.
 */
static void mugi_f(uint64_t *dest, uint64_t *a, uint64_t *b){
    uint64_t t;      /* name kept: the T() macro may refer to `t` by name */
    uint8_t n;
    uint8_t mix;     /* XOR of the four bytes of the current half */

    /* b is optional: a NULL pointer means "no second operand" */
    t = b ? ((*a) ^ (*b)) : (*a);

    /* byte-wise S-box substitution of all eight bytes of t */
    n = 0;
    while (n < 8) {
        T(n) = pgm_read_byte(aes_sbox + T(n));
        ++n;
    }

    /* mix bytes 0..3 of t */
    mix = T(0) ^ T(1) ^ T(2) ^ T(3);
    D(4) = mix ^ T(0) ^ GF256MUL_2(T(0) ^ T(1));
    D(5) = mix ^ T(1) ^ GF256MUL_2(T(1) ^ T(2));
    D(2) = mix ^ T(2) ^ GF256MUL_2(T(2) ^ T(3));
    D(3) = mix ^ T(3) ^ GF256MUL_2(T(3) ^ T(0));

    /* mix bytes 4..7 of t */
    mix = T(4) ^ T(5) ^ T(6) ^ T(7);
    D(0) = mix ^ T(4) ^ GF256MUL_2(T(4) ^ T(5));
    D(1) = mix ^ T(5) ^ GF256MUL_2(T(5) ^ T(6));
    D(6) = mix ^ T(6) ^ GF256MUL_2(T(6) ^ T(7));
    D(7) = mix ^ T(7) ^ GF256MUL_2(T(7) ^ T(4));
}