authorPeter Dettman <peter.dettman@bouncycastle.org>2022-10-12 23:11:38 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-10-12 23:11:38 +0700
commit6850fa9083d5d51b3e2ae35a021962148b8f9878 (patch)
treed123f47ad8c1646caa33f3a285d44ff1b7d4b60c
parentRefactoring SphincsPlus (performance) (diff)
downloadBouncyCastle.NET-ed25519-6850fa9083d5d51b3e2ae35a021962148b8f9878.tar.xz
Skip redundant cipher init in Frodo-AES
-rw-r--r--crypto/src/pqc/crypto/frodo/FrodoMatrixGenerator.cs30
-rw-r--r--crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs81
2 files changed, 35 insertions, 76 deletions
diff --git a/crypto/src/pqc/crypto/frodo/FrodoMatrixGenerator.cs b/crypto/src/pqc/crypto/frodo/FrodoMatrixGenerator.cs
index 468e00fbd..ce985c9ab 100644
--- a/crypto/src/pqc/crypto/frodo/FrodoMatrixGenerator.cs
+++ b/crypto/src/pqc/crypto/frodo/FrodoMatrixGenerator.cs
@@ -1,9 +1,7 @@
-
-
 using System;
+
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Digests;
-using Org.BouncyCastle.Crypto.Engines;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Utilities;
@@ -62,17 +60,19 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
         internal class Aes128MatrixGenerator
             : FrodoMatrixGenerator
         {
-            BufferedBlockCipher cipher;
+            private readonly IBlockCipher m_cipher;
 
             public Aes128MatrixGenerator(int n, int q)
                 : base(n, q)
             {
-                cipher = new BufferedBlockCipher(AesUtilities.CreateEngine());
-
+                m_cipher = AesUtilities.CreateEngine();
             }
 
             internal override short[] GenMatrix(byte[] seedA)
             {
+                KeyParameter kp = new KeyParameter(seedA);
+                m_cipher.Init(true, kp);
+
                 //        """Generate matrix A using AES-128 (FrodoKEM specification, Algorithm 7)"""
                 //        A = [[None for j in range(self.n)] for i in range(self.n)]
                 short[] A = new short[n * n];
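Review bot: The new `m_cipher.Init(true, kp)` on the second added line is now the only place the generator is keyed, and the engine lives in a field that is re-keyed on every `GenMatrix` call, so a short comment should record why one Init per matrix is correct and what that field implies for callers; suggested: `// Every block of A is encrypted under the same AES-128 key seedA (Algorithm 7), so key the engine once per matrix; m_cipher is shared, mutable state, so GenMatrix must not run concurrently on one instance.` The engine's Init is presumably also where a seedA of unsupported length is rejected, so the `KeyParameter` line above it needs no extra validation — worth a word in the same comment if that is confirmed. The `Aes128MatrixGenerator` class and the body of `GenMatrix` continue past the end of this hunk.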
@@ -96,7 +96,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
                         //                struct.pack_into('<H', b, 0, i)
                         //                struct.pack_into('<H', b, 2, j)
                         // 4. c = AES128(seedA, b)
-                        Aes128(c, seedA, b);
+                        m_cipher.ProcessBlock(b, 0, c, 0);
                         // 5. for k = 0; k < 8; k += 1
                         for (int k = 0; k < 8; k++)
                         {
@@ -108,22 +108,6 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
 
                 return A;
             }
-
-            void Aes128(byte[] output, byte[] keyBytes, byte[] msg)
-            {
-                try
-                {
-                    KeyParameter kp = new KeyParameter(keyBytes);
-                    cipher.Init(true, kp);
-                    int len = cipher.ProcessBytes(msg, 0, msg.Length, output, 0);
-                    cipher.DoFinal(output, len);
-                }
-                catch (InvalidCipherTextException e)
-                {
-                    throw new Exception(e.ToString(), e);
-                }
-
-            }
         }
     }
 }
\ No newline at end of file
diff --git a/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs b/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
index 311a5cd3a..1c8c768d2 100644
--- a/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
+++ b/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
@@ -18,14 +18,13 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
         [Test]
         public void TestParameters()
         {
-            
             FrodoParameters[] parameters = {
-                    FrodoParameters.frodokem19888r3,
-                    FrodoParameters.frodokem19888shaker3,
-                    FrodoParameters.frodokem31296r3,
-                    FrodoParameters.frodokem31296shaker3,
-                    FrodoParameters.frodokem43088r3,
-                    FrodoParameters.frodokem43088shaker3
+                FrodoParameters.frodokem19888r3,
+                FrodoParameters.frodokem19888shaker3,
+                FrodoParameters.frodokem31296r3,
+                FrodoParameters.frodokem31296shaker3,
+                FrodoParameters.frodokem43088r3,
+                FrodoParameters.frodokem43088shaker3
             };
 
             Assert.AreEqual(128, FrodoParameters.frodokem19888r3.DefaultKeySize);
@@ -39,43 +38,24 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
         [Test]
         public void TestVectors()
         {
-            // bool full = System.getProperty("test.full", "false").equals("true");
-            bool full = false;
+            string[] files = {
+                "PQCkemKAT_19888.rsp",
+                "PQCkemKAT_31296.rsp",
+                "PQCkemKAT_43088.rsp",
+                "PQCkemKAT_19888_shake.rsp",
+                "PQCkemKAT_31296_shake.rsp",
+                "PQCkemKAT_43088_shake.rsp"
+            };
+
+            FrodoParameters[] parameters = {
+                FrodoParameters.frodokem19888r3,
+                FrodoParameters.frodokem31296r3,
+                FrodoParameters.frodokem43088r3,
+                FrodoParameters.frodokem19888shaker3,
+                FrodoParameters.frodokem31296shaker3,
+                FrodoParameters.frodokem43088shaker3
+            };
 
-            string[] files;
-            FrodoParameters[] parameters;
-            if (full)
-            {
-                files = new []{
-                    "PQCkemKAT_19888.rsp",
-                    "PQCkemKAT_31296.rsp",
-                    "PQCkemKAT_43088.rsp",
-                    "PQCkemKAT_19888_shake.rsp",
-                    "PQCkemKAT_31296_shake.rsp",
-                    "PQCkemKAT_43088_shake.rsp"
-                };
-
-                parameters = new []{
-                    FrodoParameters.frodokem19888r3,
-                    FrodoParameters.frodokem31296r3,
-                    FrodoParameters.frodokem43088r3,
-                    FrodoParameters.frodokem19888shaker3,
-                    FrodoParameters.frodokem31296shaker3,
-                    FrodoParameters.frodokem43088shaker3
-                };
-            }
-            else
-            {
-                files = new[]{
-                    "PQCkemKAT_19888.rsp",
-                    "PQCkemKAT_19888_shake.rsp",
-                };
-
-                parameters = new[]{
-                    FrodoParameters.frodokem19888r3,
-                    FrodoParameters.frodokem19888shaker3,
-                };
-            }
             TestSampler sampler = new TestSampler();
             for (int fileIndex = 0; fileIndex != files.Length; fileIndex++)
             {
@@ -96,17 +76,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
                     }
                     if (line.Length == 0)
                     {
-                        if (buf.Count > 0 && !sampler.SkipTest(buf["count"]))
+                        if (buf.Count > 0)
                         {
-                            String count = buf["count"];
-                            if (!"0".Equals(count))
-                            {
-                                // randomly skip tests after zero.
-                                // if (rnd.nextBoolean())
-                                // {
-                                //     continue;
-                                // }
-                            }
+                            string count = buf["count"];
+                            if (sampler.SkipTest(count))
+                                continue;
+
                             Console.Write($"test case: {count}");
 
                             byte[] seed = Hex.Decode(buf["seed"]); // seed for nist secure random
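Review bot: The new `if (sampler.SkipTest(count)) continue;` leaves the enclosing `if (line.Length == 0)` block early, whereas the old code kept the skip inside the condition (`buf.Count > 0 && !sampler.SkipTest(buf["count"])`) so that whatever follows the inner `if (buf.Count > 0)` block still ran; if that trailing code clears `buf` (it is outside the hunk, so confirm), a sampled-out test case now leaves its entries in `buf` to be overwritten by the next case. Restoring the old shape, `if (buf.Count > 0 && !sampler.SkipTest(buf["count"]))`, or clearing the buffer before the `continue`, keeps the skip from affecting the next case. The rest of the loop body is outside the hunk.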