internal-ascon-m2.h File Reference

Masked implementation of the ASCON permutation with 2 shares. More...

#include "internal-ascon.h"

Go to the source code of this file.

Data Structures
struct	ascon_masked_state_x2_t
	Structure of the internal state of the masked ASCON permutation with two shares. More...
union	ascon_masked_key_x2_t
	Structure of an ASCON key that has been masked with 2 shares. More...

Macros
#define	ascon_masked_separator_x2(state)   ((state)->a.W[8] ^= 0x01)
	Absorb the domain separator between associated data and plaintext. More...

Functions
void	ascon_permute_masked_x2 (ascon_masked_state_x2_t *state, uint8_t first_round)
	Permutes the 2-share version of the masked ASCON state. More...
void	ascon_mask_key_128_x2 (ascon_masked_key_x2_t *mk, uint64_t iv, const unsigned char *k)
	Masks a 128-bit key plus a 64-bit initialization vector. More...
void	ascon_mask_key_160_x2 (ascon_masked_key_x2_t *mk, uint32_t iv, const unsigned char *k)
	Masks a 160-bit key plus a 32-bit initialization vector. More...
void	ascon_masked_init_key_x2 (ascon_masked_state_x2_t *state, const ascon_masked_key_x2_t *mk, const unsigned char *npub, int is_160_bit)
	Initializes the 2-share version of a masked ASCON state with a 128-bit key and a 128-bit nonce. More...
void	ascon_masked_finalize_128_x2 (ascon_masked_state_x2_t *state, const ascon_masked_key_x2_t *mk, unsigned char tag[16])
	Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-128. More...
void	ascon_masked_finalize_128a_x2 (ascon_masked_state_x2_t *state, const ascon_masked_key_x2_t *mk, unsigned char tag[16])
	Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-128a. More...
void	ascon_masked_finalize_80pq_x2 (ascon_masked_state_x2_t *state, const ascon_masked_key_x2_t *mk, unsigned char tag[16])
	Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-80pq. More...
void	ascon_masked_absorb_8_x2 (ascon_masked_state_x2_t *state, const unsigned char *data, size_t len, uint8_t first_round)
	Absorbs data into a 2-share masked ASCON state with an 8-byte block rate. More...
void	ascon_masked_absorb_16_x2 (ascon_masked_state_x2_t *state, const unsigned char *data, size_t len, uint8_t first_round)
	Absorbs data into a 2-share masked ASCON state with a 16-byte block rate. More...
void	ascon_masked_encrypt_8_x2 (ascon_masked_state_x2_t *state, unsigned char *dest, const unsigned char *src, size_t len, uint8_t first_round)
	Encrypts a block of data with a 2-share masked ASCON state and an 8-byte block rate. More...
void	ascon_masked_decrypt_8_x2 (ascon_masked_state_x2_t *state, unsigned char *dest, const unsigned char *src, size_t len, uint8_t first_round)
	Decrypts a block of data with a 2-share masked ASCON state and an 8-byte block rate. More...
void	ascon_masked_encrypt_16_x2 (ascon_masked_state_x2_t *state, unsigned char *dest, const unsigned char *src, size_t len, uint8_t first_round)
	Encrypts a block of data with a 2-share masked ASCON state and a 16-byte block rate. More...
void	ascon_masked_decrypt_16_x2 (ascon_masked_state_x2_t *state, unsigned char *dest, const unsigned char *src, size_t len, uint8_t first_round)
	Decrypts a block of data with a 2-share masked ASCON state and a 16-byte block rate. More...
void	ascon_masked_refresh_x2 (ascon_masked_state_x2_t *state)
	Refreshes the randomness in a 2-share masked ASCON state. More...
void	ascon_masked_key_refresh_x2 (ascon_masked_key_x2_t *mk)
	Refreshes the randomness in aa 2-share masked ASCON key. More...

Detailed Description

Masked implementation of the ASCON permutation with 2 shares.

References: http://competitions.cr.yp.to/round3/asconv12.pdf, http://ascon.iaik.tugraz.at/

Macro Definition Documentation

#define ascon_masked_separator_x2

(

state

)

((state)->a.W[8] ^= 0x01)

Absorb the domain separator between associated data and plaintext.

Parameters

state

The masked ASCON state.

Function Documentation

void ascon_mask_key_128_x2	(	ascon_masked_key_x2_t *	mk,
		uint64_t	iv,
		const unsigned char *	k
	)

Masks a 128-bit key plus a 64-bit initialization vector.

Parameters

mk	Masked version of the key.
iv	Initialization vector which identifies the AEAD variant.
k	Points to the 128 bits of the key.

void ascon_mask_key_160_x2	(	ascon_masked_key_x2_t *	mk,
		uint32_t	iv,
		const unsigned char *	k
	)

Masks a 160-bit key plus a 32-bit initialization vector.

Parameters

mk	Masked version of the key.
iv	Initialization vector which identifies the AEAD variant.
k	Points to the 160 bits of the key.

void ascon_masked_absorb_16_x2	(	ascon_masked_state_x2_t *	state,
		const unsigned char *	data,
		size_t	len,
		uint8_t	first_round
	)

Absorbs data into a 2-share masked ASCON state with a 16-byte block rate.

Parameters

state	The state to absorb the data into.
data	Points to the data to be absorbed.
len	Length of the data to be absorbed.
first_round	First round of the permutation to apply each block.

Each 16-byte block of data is XOR'ed with the state and then a permutation call is performed. The last block is padded.

void ascon_masked_absorb_8_x2	(	ascon_masked_state_x2_t *	state,
		const unsigned char *	data,
		size_t	len,
		uint8_t	first_round
	)

Absorbs data into a 2-share masked ASCON state with an 8-byte block rate.

Parameters

state	The state to absorb the data into.
data	Points to the data to be absorbed.
len	Length of the data to be absorbed.
first_round	First round of the permutation to apply each block.

Each 8-byte block of data is XOR'ed with the state and then a permutation call is performed. The last block is padded.

void ascon_masked_decrypt_16_x2	(	ascon_masked_state_x2_t *	state,
		unsigned char *	dest,
		const unsigned char *	src,
		size_t	len,
		uint8_t	first_round
	)

Decrypts a block of data with a 2-share masked ASCON state and a 16-byte block rate.

Parameters

state	The state to encrypt with.
dest	Points to the destination buffer.
src	Points to the source buffer.
len	Length of the data to decrypt from src into dest.
first_round	First round of the permutation to apply each block.

void ascon_masked_decrypt_8_x2	(	ascon_masked_state_x2_t *	state,
		unsigned char *	dest,
		const unsigned char *	src,
		size_t	len,
		uint8_t	first_round
	)

Decrypts a block of data with a 2-share masked ASCON state and an 8-byte block rate.

Parameters

state	The state to encrypt with.
dest	Points to the destination buffer.
src	Points to the source buffer.
len	Length of the data to decrypt from src into dest.
first_round	First round of the permutation to apply each block.

void ascon_masked_encrypt_16_x2	(	ascon_masked_state_x2_t *	state,
		unsigned char *	dest,
		const unsigned char *	src,
		size_t	len,
		uint8_t	first_round
	)

Encrypts a block of data with a 2-share masked ASCON state and a 16-byte block rate.

Parameters

state	The state to encrypt with.
dest	Points to the destination buffer.
src	Points to the source buffer.
len	Length of the data to encrypt from src into dest.
first_round	First round of the permutation to apply each block.

void ascon_masked_encrypt_8_x2	(	ascon_masked_state_x2_t *	state,
		unsigned char *	dest,
		const unsigned char *	src,
		size_t	len,
		uint8_t	first_round
	)

Encrypts a block of data with a 2-share masked ASCON state and an 8-byte block rate.

Parameters

state	The state to encrypt with.
dest	Points to the destination buffer.
src	Points to the source buffer.
len	Length of the data to encrypt from src into dest.
first_round	First round of the permutation to apply each block.

void ascon_masked_finalize_128_x2	(	ascon_masked_state_x2_t *	state,
		const ascon_masked_key_x2_t *	mk,
		unsigned char	tag[16]
	)

Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-128.

Parameters

state	The masked ASCON state to be finalized.
mk	Points to the masked key value.
tag	Points to the buffer to receive the authentication tag.

void ascon_masked_finalize_128a_x2	(	ascon_masked_state_x2_t *	state,
		const ascon_masked_key_x2_t *	mk,
		unsigned char	tag[16]
	)

Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-128a.

Parameters

state	The masked ASCON state to be finalized.
mk	Points to the masked key value.
tag	Points to the buffer to receive the authentication tag.

void ascon_masked_finalize_80pq_x2	(	ascon_masked_state_x2_t *	state,
		const ascon_masked_key_x2_t *	mk,
		unsigned char	tag[16]
	)

Finalizes the 2-share version of a masked ASCON state and computes the final authentication tag for ASCON-80pq.

Parameters

state	The masked ASCON state to be finalized.
mk	Points to the masked key value.
tag	Points to the buffer to receive the authentication tag.

void ascon_masked_init_key_x2	(	ascon_masked_state_x2_t *	state,
		const ascon_masked_key_x2_t *	mk,
		const unsigned char *	npub,
		int	is_160_bit
	)

Initializes the 2-share version of a masked ASCON state with a 128-bit key and a 128-bit nonce.

Parameters

state	The masked ASCON state to be initialized.
mk	Points to the masked key value.
npub	Points to the 128 bits of the nonce.
is_160_bit	Non-zero if the key is 160 bits in size.

void ascon_masked_key_refresh_x2

(

ascon_masked_key_x2_t *

mk

)

Refreshes the randomness in aa 2-share masked ASCON key.

Parameters

mk	The masked key to be refreshed.

void ascon_masked_refresh_x2

(

ascon_masked_state_x2_t *

state

)

Refreshes the randomness in a 2-share masked ASCON state.

Parameters

state

The masked ASCON state to be refreshed.

void ascon_permute_masked_x2	(	ascon_masked_state_x2_t *	state,
		uint8_t	first_round
	)

Permutes the 2-share version of the masked ASCON state.

Parameters

state	The masked ASCON state to be permuted.
first_round	The first round (of 12) to be performed; 0, 4, or 6.

The input and output state will be in host byte order.