|
Skinny-C
|
|
Skinny-C
|
MANTIS tweakable block cipher with 64-bit blocks. More...
Data Structures | |
| union | MantisCells_t |
| Union that describes a 64-bit 4x4 array of cells. More... | |
| struct | MantisKey_t |
| Key schedule for Mantis block ciphers. More... | |
| struct | MantisCTR_t |
| State information for Mantis in CTR mode. More... | |
| struct | MantisParallelECB_t |
| State information for Mantis in parallel ECB mode. More... | |
Macros | |
| #define | MANTIS_BLOCK_SIZE 8 |
| Size of a block for Mantis block ciphers. | |
| #define | MANTIS_KEY_SIZE 16 |
| Size of a Mantis block cipher key. | |
| #define | MANTIS_TWEAK_SIZE 8 |
| Size of a Mantis block cipher tweak. | |
| #define | MANTIS_MIN_ROUNDS 5 |
| Minimum number of rounds for Mantis block ciphers. More... | |
| #define | MANTIS_MAX_ROUNDS 8 |
| Maximum number of rounds for Mantis block ciphers. | |
| #define | MANTIS_ENCRYPT 1 |
| Mode that selects Mantis encryption when the key schedule is setup. | |
| #define | MANTIS_DECRYPT 0 |
| Mode that selects Mantis decryption when the key schedule is setup. | |
Functions | |
| int | mantis_set_key (MantisKey_t *ks, const void *key, unsigned size, unsigned rounds, int mode) |
| Sets the key schedule for a Mantis block cipher. More... | |
| int | mantis_set_tweak (MantisKey_t *ks, const void *tweak, unsigned size) |
| Sets the tweak value for a previously-initialized key schedule. More... | |
| void | mantis_swap_modes (MantisKey_t *ks) |
| Swaps the encryption and decryption modes on a Mantis key schedule. More... | |
| void | mantis_ecb_crypt (void *output, const void *input, const MantisKey_t *ks) |
| Encrypts or decrypts a single block using the Mantis block cipher in ECB mode. More... | |
| void | mantis_ecb_crypt_tweaked (void *output, const void *input, const void *tweak, const MantisKey_t *ks) |
| Encrypts or decrypts a single block using the Mantis block cipher in ECB mode, with the tweak supplied explicitly. More... | |
| int | mantis_ctr_init (MantisCTR_t *ctr) |
| Initializes Mantis in CTR mode. More... | |
| void | mantis_ctr_cleanup (MantisCTR_t *ctr) |
| Cleans up a CTR control block for Mantis. More... | |
| int | mantis_ctr_set_key (MantisCTR_t *ctr, const void *key, unsigned size, unsigned rounds) |
| Sets the key schedule for a Mantis block cipher in CTR mode. More... | |
| int | mantis_ctr_set_tweak (MantisCTR_t *ctr, const void *tweak, unsigned tweak_size) |
| Changes the tweak value for a previously-initialized key schedule. More... | |
| int | mantis_ctr_set_counter (MantisCTR_t *ctr, const void *counter, unsigned size) |
| Sets the counter value in a Mantis CTR control block. More... | |
| int | mantis_ctr_encrypt (void *output, const void *input, size_t size, MantisCTR_t *ctr) |
| Encrypt a block of data using Mantis in CTR mode. More... | |
| int | mantis_parallel_ecb_init (MantisParallelECB_t *ecb) |
| Initializes Mantis in parallel ECB mode. More... | |
| void | mantis_parallel_ecb_cleanup (MantisParallelECB_t *ecb) |
| Cleans up a parallel ECB control block for Mantis. More... | |
| int | mantis_parallel_ecb_set_key (MantisParallelECB_t *ecb, const void *key, unsigned size, unsigned rounds, int mode) |
| Sets the key schedule for a Mantis block cipher in parallel ECB mode. More... | |
| void | mantis_parallel_ecb_swap_modes (MantisParallelECB_t *ecb) |
| Swaps the encryption and decryption modes on a parallel Mantis key schedule. More... | |
| int | mantis_parallel_ecb_crypt (void *output, const void *input, const void *tweak, size_t size, const MantisParallelECB_t *ecb) |
| Encrypts or decrypts a block of data using Mantis in parallel ECB mode. More... | |
MANTIS tweakable block cipher with 64-bit blocks.
Mantis is a tweakable block cipher with 64-bit blocks, a 128-bit key, and a 64-bit tweak. It is a variant of SKINNY that is designed for memory encryption. Typically, memory is encrypted in 8-byte blocks in ECB mode with the memory address of each block supplied to the cipher as the tweak.
Mantis comes in variants with round counts between 5 and 8. The authors advise that there is a known efficient attack against Mantis-5. They recommend using at least Mantis-7. For an even larger security margin, use Skinny-64 or Skinny-128 instead of Mantis.
In Mantis, ECB encryption and decryption are provided by the same function mantis_ecb_crypt(). The initial mode is selected by an argument to mantis_set_key() and can be changed to the other mode on the fly without a new key setup by calling mantis_swap_modes().
| #define MANTIS_MIN_ROUNDS 5 |
Minimum number of rounds for Mantis block ciphers.
Definition at line 77 of file mantis-cipher.h.
| void mantis_ctr_cleanup | ( | MantisCTR_t * | ctr | ) |
Cleans up a CTR control block for Mantis.
| ctr | Points to the CTR control block to clean up. |
Definition at line 205 of file mantis-ctr.c.
| int mantis_ctr_encrypt | ( | void * | output, |
| const void * | input, | ||
| size_t | size, | ||
| MantisCTR_t * | ctr | ||
| ) |
Encrypt a block of data using Mantis in CTR mode.
| output | The output buffer for the ciphertext. |
| input | The input buffer containing the plaintext. |
| size | The number of bytes to be encrypted. |
| ctr | The CTR control block to use and update. |
This function can also be used for CTR mode decryption.
Definition at line 245 of file mantis-ctr.c.
| int mantis_ctr_init | ( | MantisCTR_t * | ctr | ) |
Initializes Mantis in CTR mode.
| ctr | Points to the CTR control block to initialize. |
The counter block is initially set to all-zeroes.
Definition at line 187 of file mantis-ctr.c.
| int mantis_ctr_set_counter | ( | MantisCTR_t * | ctr, |
| const void * | counter, | ||
| unsigned | size | ||
| ) |
Sets the counter value in a Mantis CTR control block.
| ctr | The CTR control block to modify. |
| counter | The counter value to set, which may be NULL to specify an all-zeroes counter. |
| size | The size of the counter in bytes, between 0 and MANTIS_BLOCK_SIZE. Short counter blocks are padded on the left with zeroes to make up a full MANTIS_BLOCK_SIZE bytes. |
The counter is assumed to be in big-endian order, incremented from the right-most byte forward, as in the standard AES-CTR mode. Often the counter block will contain a packet sequence number or equivalent in the left-most bytes with the right-most bytes used to count blocks within the specified packet.
Calling this function will also reset the keystream position so that the next call to mantis_ctr_encrypt() will start with the new counter value. Usually this occurs at the start of a packet.
Definition at line 235 of file mantis-ctr.c.
| int mantis_ctr_set_key | ( | MantisCTR_t * | ctr, |
| const void * | key, | ||
| unsigned | size, | ||
| unsigned | rounds | ||
| ) |
Sets the key schedule for a Mantis block cipher in CTR mode.
| ctr | The CTR control block to set the key on. |
| key | Points to the key. |
| size | Size of the key, which must be MANTIS_KEY_SIZE. |
| rounds | The number of rounds to use, between MANTIS_MIN_ROUNDS and MANTIS_MAX_ROUNDS. |
Calling this function will also reset the keystream position so that the next call to mantis_ctr_encrypt() will start with the new key. Usually this occurs at the start of a packet.
Definition at line 215 of file mantis-ctr.c.
| int mantis_ctr_set_tweak | ( | MantisCTR_t * | ctr, |
| const void * | tweak, | ||
| unsigned | tweak_size | ||
| ) |
Changes the tweak value for a previously-initialized key schedule.
| ctr | The CTR control block to set the tweak on. |
| tweak | The new tweak value, or NULL for a zero tweak. |
| tweak_size | Size of the new tweak value; between 1 and 16 bytes. |
This function modifies the key schedule to change the tweak from its previous value to the new value given by tweak.
Calling this function will also reset the keystream position so that the next call to mantis_ctr_encrypt() will start with the new counter value. Usually this occurs at the start of a packet.
Definition at line 225 of file mantis-ctr.c.
| void mantis_ecb_crypt | ( | void * | output, |
| const void * | input, | ||
| const MantisKey_t * | ks | ||
| ) |
Encrypts or decrypts a single block using the Mantis block cipher in ECB mode.
| output | The output block, which must contain at least MANTIS_BLOCK_SIZE bytes of space for the ciphertext. |
| input | The input block, which must contain at least MANTIS_BLOCK_SIZE bytes of plaintext data. |
| ks | The key schedule that was set up by mantis_set_key(). |
The input and output blocks are allowed to overlap.
The encryption or decryption mode is selected when the key schedule is setup by mantis_set_key(). The mode can also be altered on the fly by calling mantis_swap_modes().
Definition at line 400 of file mantis-cipher.c.
| void mantis_ecb_crypt_tweaked | ( | void * | output, |
| const void * | input, | ||
| const void * | tweak, | ||
| const MantisKey_t * | ks | ||
| ) |
Encrypts or decrypts a single block using the Mantis block cipher in ECB mode, with the tweak supplied explicitly.
| output | The output block, which must contain at least MANTIS_BLOCK_SIZE bytes of space for the ciphertext. |
| input | The input block, which must contain at least MANTIS_BLOCK_SIZE bytes of plaintext data. |
| tweak | The tweak block, which must contain at least MANTIS_BLOCK_SIZE bytes of tweak data. |
| ks | The key schedule that was set up by mantis_set_key(). |
The input and output blocks are allowed to overlap.
The encryption or decryption mode is selected when the key schedule is setup by mantis_set_key(). The mode can also be altered on the fly by calling mantis_swap_modes().
This function differs from mantis_ecb_crypt() in that the tweak is supplied explicitly to the function rather than via mantis_set_tweak(). This can be useful if every block that is encrypted or decrypted has its own block-specific tweak.
Definition at line 574 of file mantis-cipher.c.
| void mantis_parallel_ecb_cleanup | ( | MantisParallelECB_t * | ecb | ) |
Cleans up a parallel ECB control block for Mantis.
| ecb | Points to the parallel ECB control block to clean up. |
Definition at line 62 of file mantis-parallel.c.
| int mantis_parallel_ecb_crypt | ( | void * | output, |
| const void * | input, | ||
| const void * | tweak, | ||
| size_t | size, | ||
| const MantisParallelECB_t * | ecb | ||
| ) |
Encrypts or decrypts a block of data using Mantis in parallel ECB mode.
| output | The output buffer for the ciphertext. |
| input | The input buffer containing the plaintext. |
| tweak | A buffer containing the tweak values to use for each block in the input. |
| size | The number of bytes to be encrypted, which must be a multiple of MANTIS_BLOCK_SIZE. |
| ecb | The parallel ECB control block to use and update. |
For best performance, size should be a multiple of the parallel_size value in to the ecb structure.
The encryption or decryption mode is selected when the key schedule is setup by mantis_set_key(). The mode can also be altered on the fly by calling mantis_parallel_ecb_swap_modes().
Definition at line 92 of file mantis-parallel.c.
| int mantis_parallel_ecb_init | ( | MantisParallelECB_t * | ecb | ) |
Initializes Mantis in parallel ECB mode.
| ecb | Points to the parallel ECB control block to initialize. |
Definition at line 49 of file mantis-parallel.c.
| int mantis_parallel_ecb_set_key | ( | MantisParallelECB_t * | ecb, |
| const void * | key, | ||
| unsigned | size, | ||
| unsigned | rounds, | ||
| int | mode | ||
| ) |
Sets the key schedule for a Mantis block cipher in parallel ECB mode.
| ecb | The parallel ECB control block to set the key on. |
| key | Points to the key. |
| size | Size of the key, which must be MANTIS_KEY_SIZE. |
| rounds | The number of rounds to use, between MANTIS_MIN_ROUNDS and MANTIS_MAX_ROUNDS. |
| mode | MANTIS_ENCRYPT or MANTIS_DECRYPT to select the mode the use when mantis_ecb_crypt() is called. The mode can be altered later by calling mantis_parallel_ecb_swap_modes(). |
Definition at line 72 of file mantis-parallel.c.
| void mantis_parallel_ecb_swap_modes | ( | MantisParallelECB_t * | ecb | ) |
Swaps the encryption and decryption modes on a parallel Mantis key schedule.
| ecb | The parallel ECB control block to modify. |
Definition at line 82 of file mantis-parallel.c.
| int mantis_set_key | ( | MantisKey_t * | ks, |
| const void * | key, | ||
| unsigned | size, | ||
| unsigned | rounds, | ||
| int | mode | ||
| ) |
Sets the key schedule for a Mantis block cipher.
| ks | The key schedule structure to populate. |
| key | Points to the key. |
| size | Size of the key, which must be MANTIS_KEY_SIZE. |
| rounds | The number of rounds to use, between MANTIS_MIN_ROUNDS and MANTIS_MAX_ROUNDS. |
| mode | MANTIS_ENCRYPT or MANTIS_DECRYPT to select the mode the use when mantis_ecb_crypt() is called. The mode can be altered later by calling mantis_swap_modes(). |
The initial tweak value will be all-zeroes. Call mantis_set_tweak() after this function to set a different tweak.
Definition at line 157 of file mantis-cipher.c.
| int mantis_set_tweak | ( | MantisKey_t * | ks, |
| const void * | tweak, | ||
| unsigned | size | ||
| ) |
Sets the tweak value for a previously-initialized key schedule.
| ks | The key schedule to change. |
| tweak | The new tweak value, or NULL for a zero tweak. |
| size | Size of the tweak value; must be MANTIS_TWEAK_SIZE. |
Definition at line 205 of file mantis-cipher.c.
| void mantis_swap_modes | ( | MantisKey_t * | ks | ) |
Swaps the encryption and decryption modes on a Mantis key schedule.
| ks | The key schedule to change. |
Definition at line 225 of file mantis-cipher.c.
1.8.6
