deal.c
3f861eb886e5fa980509cfc274aed7aaa21b5813b66da39153e6ac7dfad0c73d
/* This is an independent implementation of the DEAL encryption */
/* algorithm submitted by Richard Outerbridge and Lars Knudsen as */
/* a candidate the NIST AES programme. */
/* */
/* Copyright in this implementation is held by Dr B R Gladman but */
/* I hereby give permission for its free direct or derivative use */
/* subject to aks_keynowledgment of its origin and compliance with */
/* any constraints that are placed on the exploitation of DEAL by */
/* its designers. */
/* */
/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 30th Noveember 98 */
/* Timing Data:
Algorithm: deal (deal0.c)
128 bit key:
Key Setup: 8777 cycles
Encrypt: 2833 cycles = 9.0 mbits/sec
Decrypt: 2836 cycles = 9.0 mbits/sec
Mean: 2835 cycles = 9.0 mbits/sec
192 bit key:
Key Setup: 8812 cycles
Encrypt: 2833 cycles = 9.0 mbits/sec
Decrypt: 2833 cycles = 9.0 mbits/sec
Mean: 2833 cycles = 9.0 mbits/sec
256 bit key:
Key Setup: 11745 cycles
Encrypt: 3758 cycles = 6.8 mbits/sec
Decrypt: 3757 cycles = 6.8 mbits/sec
Mean: 3757 cycles = 6.8 mbits/sec
*/
#include "../std_defs.h"
#include "../des/des.h"
static char *alg_name[] = { "deal", "deal0.c" };
char **cipher_name()
{
return alg_name;
}
u4byte ks_key[2] = { 0x67452301, 0xefcdab89 };
u4byte ks_ks[32]; /* storage for the local key schedule */
u4byte ks_init = 0;
u4byte k_len; /* copy of key_length */
u4byte l_key[256]; /* storage for key schedule */
/* initialise the key schedule from the user supplied key */
u4byte *set_key(const u4byte key_blk[], const u4byte key_len)
{ u4byte lk[2];
if(!ks_init)
{
des_ky(ks_key, ks_ks); ks_init = 1;
}
k_len = (key_len + 63) / 64;
switch(k_len)
{
case 2:
lk[0] = key_blk[0];
lk[1] = key_blk[1];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key);
lk[0] ^= key_blk[2];
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key + 32);
lk[0] ^= key_blk[0] ^ 0x00000080;
lk[1] ^= key_blk[1];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key + 64);
lk[0] ^= key_blk[2] ^ 0x00000040;
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key + 96);
lk[0] ^= key_blk[0] ^ 0x00000020;
lk[1] ^= key_blk[1];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key + 128);
lk[0] ^= key_blk[2] ^ 0x00000010;
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key + 160);
break;
case 3:
lk[0] = key_blk[0];
lk[1] = key_blk[1];
des_ec(lk, lk, ks_ks);
des_ky(lk, l_key);
lk[0] ^= key_blk[2];
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 32);
lk[0] ^= key_blk[4];
lk[1] ^= key_blk[5];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 64);
lk[0] ^= key_blk[0] ^ 0x00000080;
lk[1] ^= key_blk[1];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 96);
lk[0] ^= key_blk[2] ^ 0x00000040;
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 128);
lk[0] ^= key_blk[4] ^ 0x00000020;
lk[1] ^= key_blk[5];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 160);
break;
case 4:
lk[0] = key_blk[0];
lk[1] = key_blk[1];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key);
lk[0] ^= key_blk[2];
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 32);
lk[0] ^= key_blk[4];
lk[1] ^= key_blk[5];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 64);
lk[0] ^= key_blk[6];
lk[1] ^= key_blk[7];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 96);
lk[0] ^= key_blk[0] ^ 0x00000080;
lk[1] ^= key_blk[1];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 128);
lk[0] ^= key_blk[2] ^ 0x00000040;
lk[1] ^= key_blk[3];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 160);
lk[0] ^= key_blk[4] ^ 0x00000020;
lk[1] ^= key_blk[5];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 192);
lk[0] ^= key_blk[6] ^ 0x00000010;
lk[1] ^= key_blk[7];
des_ec(lk, lk, ks_ks); des_ky(lk, l_key + 224);
break;
}
return l_key;
};
/* encrypt a bloks_key of text */
void encrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte a[2], b[2], c[2];
a[0] = in_blk[0]; a[1] = in_blk[1];
b[0] = in_blk[2]; b[1] = in_blk[3];
des_ec(a, c, l_key + 0); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 32); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 64); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 96); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 128); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 160); a[0] ^= c[0]; a[1] ^= c[1];
if(k_len == 4)
{
des_ec(a, c, l_key + 192); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 224); a[0] ^= c[0]; a[1] ^= c[1];
}
out_blk[0] = a[0]; out_blk[1] = a[1];
out_blk[2] = b[0]; out_blk[3] = b[1];
};
/* decrypt a bloks_key of text */
void decrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte a[2], b[2], c[2];
a[0] = in_blk[0]; a[1] = in_blk[1];
b[0] = in_blk[2]; b[1] = in_blk[3];
if(k_len == 4)
{
des_ec(b, c, l_key + 224); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 192); b[0] ^= c[0]; b[1] ^= c[1];
}
des_ec(b, c, l_key + 160); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 128); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 96); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 64); b[0] ^= c[0]; b[1] ^= c[1];
des_ec(b, c, l_key + 32); a[0] ^= c[0]; a[1] ^= c[1];
des_ec(a, c, l_key + 0); b[0] ^= c[0]; b[1] ^= c[1];
out_blk[0] = a[0]; out_blk[1] = a[1];
out_blk[2] = b[0]; out_blk[3] = b[1];
};