module AsconCipher where
import Ascon
// 4. Authenticated Encryption Scheme: Ascon-AEAD128
// Ascon-AEAD128 authenticated encryption (encrypt direction only).
//
// Arguments, in order: 128-bit key, 128-bit nonce, associated data of `a`
// bits, plaintext of `p` bits. The result is the `p`-bit ciphertext followed
// by the 128-bit tag.
//
// Each 64-bit half of the key and nonce is bit-reversed before it enters the
// state, and the ciphertext lanes and the tag are reversed again on the way
// out. Presumably this converts between the caller's bit order and the lane
// order `Ascon_p` works in -- confirm against the Ascon module.
//
// Obligations this function cannot enforce: a nonce must never be reused
// under the same key, and the receiving side must recompute and compare the
// tag before releasing any plaintext. This function only encrypts; tag
// verification belongs to a separate decryption routine.
Ascon_AEAD128 : {a, p} (fin a, fin p) => [128] -> [128] -> [a] -> [p] -> [p + 128]
Ascon_AEAD128 (keyHiIn # keyLoIn) (nonceHiIn # nonceLoIn) ad pt =
    ctext # reverse tag
  where
    // Key and nonce halves after bit reversal.
    kHi = reverse keyHiIn
    kLo = reverse keyLoIn
    nHi = reverse nonceHiIn
    nLo = reverse nonceLoIn

    // Initialization: 12-round permutation over IV, key and nonce, then the
    // key is XORed into lanes 3 and 4.
    afterInit = (Ascon_p`{12} [Ascon_AEAD128_IV, kHi, kLo, nHi, nLo])
              ^ [0, 0, 0, kHi, kLo]

    // Associated data (possibly empty) plus the domain-separation bit.
    afterAD = AddAD afterInit ad

    // encStates@i is the state right after plaintext block i has been XORed
    // in. Block 0 starts from afterAD; block i+1 starts from the 8-round
    // permutation of encStates@i. The definition is self-referential and
    // `take` cuts the input list to the number of plaintext blocks.
    encStates = zipWith XorBlock
                        (take ([afterAD] # [Ascon_p`{8} s | s <- encStates]))
                        (toBlocks pt)

    // Lanes 0 and 1 of each state carry a ciphertext block; `take` truncates
    // the joined blocks to exactly `p` bits.
    ctext = take (join [ reverse (s@(0:[3])) # reverse (s@(1:[3]))
                       | s <- encStates ])

    // Finalization: XOR the key into lanes 2 and 3 of the last state, run
    // the 12-round permutation, then mask lanes 4 and 3 with the key.
    finalState = Ascon_p`{12} ((last encStates) ^ [0, 0, kHi, kLo, 0])
    tag = (finalState@(4:[3]) # finalState@(3:[3])) ^ (kLo # kHi)
// Absorb the associated data into the state and apply domain separation.
//
// The two cases are numeric constraint guards on the type-level length `a`:
//   * a == 0: nothing is absorbed; only DomainSep is applied.
//   * a > 0:  the data is cut into blocks by `toBlocks` (imported from
//             Ascon; presumably it pads to whole 128-bit blocks -- confirm)
//             and each block is folded in with AbsorbBlock, left to right,
//             before DomainSep.
AddAD : {a} (fin a) => State -> [a] -> State
AddAD st ad
  | a == 0 => DomainSep st
  | a > 0  => DomainSep (foldl AbsorbBlock st (toBlocks ad))
// XOR one 128-bit block into the first two lanes of the state.
//
// The first 64 bits of the block go to lane 0 and the last 64 bits to lane 1,
// each bit-reversed first. Lanes 2 to 4 pass through unchanged.
XorBlock : State -> [128] -> State
XorBlock [lane0, lane1, lane2, lane3, lane4] blk =
    [lane0 ^ firstHalf, lane1 ^ secondHalf, lane2, lane3, lane4]
  where
    firstHalf  = reverse (take`{64} blk)
    secondHalf = reverse (drop`{64} blk)
// Absorb one 128-bit block: XOR it into the state with XorBlock, then run
// the 8-round permutation over the result.
AbsorbBlock : State -> [128] -> State
AbsorbBlock st blk = Ascon_p`{8} mixed
  where
    mixed = XorBlock st blk
// Domain separation between associated data and plaintext processing.
//
// Flips the first bit (index 0 in Cryptol's sequence order) of lane 4 by
// XORing in a single 1 bit followed by zeros. Lanes 0 to 3 are unchanged.
DomainSep : State -> State
DomainSep [lane0, lane1, lane2, lane3, lane4] =
    [lane0, lane1, lane2, lane3, lane4 ^ (0b1 # 0)]
// Initial value placed in lane 0 before the first permutation.
// Equal to 0x00001000808c0001, written here as its byte-aligned fields.
//
// NOTE(review): the field meanings below follow the usual Ascon IV layout
// and match the parameters used elsewhere in this file (12 and 8 rounds,
// 128-bit tag, 128-bit blocks) -- confirm against the specification.
Ascon_AEAD128_IV : [64]
Ascon_AEAD128_IV =
    0x0000    // unused, zero
  # 0x10      // presumably the rate in bytes (16)
  # 0x0080    // presumably the tag length in bits (128)
  # 0x8c      // presumably the round counts: 8 (high nibble), 12 (low nibble)
  # 0x00      // unused, zero
  # 0x01      // presumably the variant identifier