without-decomposition

Distribution of Boolean Monomials (No Decomposition)

  • no-decomposition.py: Code to generate a monomial-based threshold sharing for a given SBox.

    Options/Parameters:

    • target_sbx (at or near line 301, default: 3-bit SBox 03214756): The target SBox, in sage.crypto.sbox.SBox format. It has been tested with SBoxes up to some 5-bit ones, though it should be able to handle larger SBoxes.
    • ti_order (at or near line 303, default: 1): Positive integer that determines the number of shares (which is calculated as the algebraic degree $+$ ti_order).
    • logfile (at or near line 305, default: "wo_decomp_log.txt" in "a+" mode): File used for logging.
    • shuffle_y (at or near line 307, default: True): Whether or not to shuffle the sequence of $y_{\cdot,j}$ variables when their RHS is assigned the monomials.
    • shuffle_rhs (at or near line 307, default: True): Whether or not the ordering of the collection of monomials yet to be assigned is shuffled.
    • uniformity_enforced (at or near line 307, default: False): Whether uniformity is enforced; if True and the check fails the first time, the next iteration will internally set shuffle_y = True, shuffle_rhs = True and shuffle_conflict_X = True.
    • uniformity_immediate_abort (at or near line 307, default: True): Whether to check uniformity row by row and abort the check immediately once one row is not satisfied; ignored if uniformity_enforced is set to False.
    • shuffle_conflict_X (at or near line 307, default: False): Whether or not to shuffle the $x_{\cdot,j}$ variables which will be absent in the RHS of $y_{\cdot,j}$.
  • uniformity-table-generator.py: Code to generate Table 1(a) of the paper (which shows that the uniformity condition is not satisfied for $y=x_0x_1$ with respect to the given sharing in Example 3).

  • sample_wo_decomp_log.txt: Sample log file generated by no-decomposition.py for the default 3-bit SBox 03214756 (slightly outdated as the number of monomials is not printed).

  • default-ls.txt: An example with DEFAULT-LS SBox (037ED4A9CF18B265) for threshold order 1 (the SBox being quadratic, it means that the number of shares = 3). Each $y_{\cdot,j}$ variable is missing $x_{\cdot, j}$ for $j=0,1,2$; thereby satisfying the non-completeness condition.
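
An added example (not code from this repository): a plain-Python check of correctness, non-completeness and uniformity for a constructed 3-share sharing of $y=x_0x_1$. The sharing used is the textbook direct sharing, chosen as an assumption and not claimed to be the paper's Example 3; all function names are hypothetical.

```python
from collections import Counter
from itertools import product

N_SHARES = 3
# Constructed sharing (assumption): SHARING[j] lists the monomials of output
# share y_{.,j}; the pair (a, b) stands for the monomial x_{0,a} * x_{1,b}.
SHARING = {
    0: [(1, 1), (1, 2), (2, 1)],
    1: [(2, 2), (2, 0), (0, 2)],
    2: [(0, 0), (0, 1), (1, 0)],
}

def parity(bits):
    return sum(bits) & 1

def all_input_sharings():
    """Every pair (shares of x0, shares of x1)."""
    return product(product((0, 1), repeat=N_SHARES), repeat=2)

def eval_shares(a, b):
    """Evaluate all output shares on input shares a (of x0) and b (of x1)."""
    return tuple(parity(a[s0] & b[s1] for s0, s1 in SHARING[j])
                 for j in range(N_SHARES))

def is_correct():
    """The XOR of the output shares must equal x0 * x1."""
    return all(parity(eval_shares(a, b)) == parity(a) & parity(b)
               for a, b in all_input_sharings())

def is_non_complete():
    """Output share j must not touch input share j of any variable."""
    return all(j not in mono for j, monos in SHARING.items() for mono in monos)

def output_distribution(x0, x1):
    """Count the output sharings over all sharings of a fixed (x0, x1)."""
    return Counter(eval_shares(a, b) for a, b in all_input_sharings()
                   if parity(a) == x0 and parity(b) == x1)

def is_uniform():
    """Each valid output sharing must occur equally often for every input."""
    n_out = 2 ** (N_SHARES - 1)                # valid sharings of one output bit
    expected = 2 ** (2 * (N_SHARES - 1)) // n_out
    for x0, x1 in product((0, 1), repeat=2):
        dist = output_distribution(x0, x1)
        if len(dist) != n_out or any(c != expected for c in dist.values()):
            return False
    return True

if __name__ == "__main__":
    print("correct:", is_correct(), "non-complete:", is_non_complete(),
          "uniform:", is_uniform())
    print("distribution for x0=0, x1=0:", dict(output_distribution(0, 0)))
```

For this constructed sharing the distribution at $x_0=x_1=0$ is skewed toward the all-zero output sharing, so non-completeness holds while uniformity does not.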