# Speck

## 预备代码

In [2]:
import numpy as np
from os import urandom
import speck as sp
from math import sqrt, log, log2

In [12]:
# def WORD_SIZE():
#     return 16

def convert_to_binary(arr):
    X = np.zeros((4 * WORD_SIZE(), len(arr[0])), dtype=np.uint8)
    # zeros(shape, dtype=float, order='C')
    for i in range(4 * WORD_SIZE()):
        index = i // WORD_SIZE()
        offset = WORD_SIZE() - (i % WORD_SIZE()) - 1
        X[i] = (arr[index] >> offset) & 1
    # 对于二维ndarray，transpose在不指定参数是默认是矩阵转置
    X = X.transpose()
    return (X)


### gen_plain(n)

In [13]:
def gen_plain(n):
    """
    生成n个明文对(pt0, pt1)，pt0/1是存储明文对的左/右半部分的16位，
    @para:  n - 明文对个数
    """
    pt0 = np.frombuffer(urandom(2*n), dtype=np.uint16)
    pt1 = np.frombuffer(urandom(2*n), dtype=np.uint16)
    return (pt0, pt1)

In [26]:
# 生成n个16位的明文对
n = 5
gen_plain(n)

(array([13718, 57013, 45561, 48155, 15107], dtype=uint16),
 array([58777, 28943, 28650, 57805, 41749], dtype=uint16))

### make_structure(pt0, pt1, diff=(0x211, 0xa04), neutral_bits=[]):

In [15]:
def make_structure(pt0, pt1, diff=(0x211, 0xa04), neutral_bits=[20, 21, 22, 14, 15]):
    """生成明文结构
    @para:  (pt0,pt1) - 明文对
    @example: 
        pt0, pt1 = gen_plain(n)
        pt0a, pt1a, pt0b, pt1b = make_structure(pt0, pt1, diff=diff, neutral_bits=neutral_bits)
    """
    p0 = np.copy(pt0)
    p1 = np.copy(pt1)
    # 拉成一列
    p0 = p0.reshape(-1, 1)
    p1 = p1.reshape(-1, 1)

    # i 需要区分大于16和小于16的情况
    # 如果i在左边，i>15,那么左移16位，d0就挪到左边的p0对应的下标，d&0xffff全部为0，d1异或不影响
    # 如果i在右边，i<15,那么左移16位，d0就为0，异或无影响，d&111...11,保留右边的p1对应下标
    for i in neutral_bits:
        d = 1 << i
        d0 = d >> 16
        d1 = d & 0xffff
        p0 = np.concatenate([p0, p0 ^ d0], axis=1)
        p1 = np.concatenate([p1, p1 ^ d1], axis=1)
    p0b = p0 ^ diff[0]
    p1b = p1 ^ diff[1]
    # (x, y, x', y')
    return (p0, p1, p0b, p1b)

In [38]:
def test_make_structure(pt0, pt1, diff=(0x211, 0xa04), neutral_bits=[20, 21, 22, 14, 15]):
    """生成明文结构
    @para:  (pt0,pt1) - 明文对
    @example: 
        pt0, pt1 = gen_plain(n)
        pt0a, pt1a, pt0b, pt1b = make_structure(pt0, pt1, diff=diff, neutral_bits=neutral_bits)
    """
    p0 = np.copy(pt0)
    p1 = np.copy(pt1)
    print("====>p0,p1\n",p0,p1)
    # 拉成一列
    p0 = p0.reshape(-1, 1)
    p1 = p1.reshape(-1, 1)
    print("====>p0,p1\n",p0,"\n",p1)
    # i 需要区分大于16和小于16的情况
    # 如果i在左边，i>15,那么左移16位，d0就挪到左边的p0对应的下标，d&0xffff全部为0，d1异或不影响
    # 如果i在右边，i<15,那么左移16位，d0就为0，异或无影响，d&111...11,保留右边的p1对应下标
    for i in neutral_bits:
        d = 1 << i
        d0 = d >> 16
        d1 = d & 0xffff
        p0 = np.concatenate([p0, p0 ^ d0], axis=1)
        p1 = np.concatenate([p1, p1 ^ d1], axis=1)
    print("====>p0,p1\n",p0,"\n",p1)
    p0b = p0 ^ diff[0]
    p1b = p1 ^ diff[1]
    print("====>p0b,p1b\n",p0b,"\n",p1b)
    # (x, y, x', y')
    return (p0, p1, p0b, p1b)

In [44]:
test_make_structure_x ,test_make_structure_y = gen_plain(5)
test_make_structure_x ,test_make_structure_y

(array([24751, 65224, 11304, 57696, 57673], dtype=uint16),
 array([  494,  3954, 41156, 51129, 44665], dtype=uint16))

In [45]:
test_make_structure(test_make_structure_x ,test_make_structure_y, diff=(0x211, 0xa04), neutral_bits=[1,15])

====>p0,p1
 [24751 65224 11304 57696 57673] [  494  3954 41156 51129 44665]
====>p0,p1
 [[24751]
 [65224]
 [11304]
 [57696]
 [57673]] 
 [[  494]
 [ 3954]
 [41156]
 [51129]
 [44665]]
====>p0,p1
 [[24751 24751 24751 24751]
 [65224 65224 65224 65224]
 [11304 11304 11304 11304]
 [57696 57696 57696 57696]
 [57673 57673 57673 57673]] 
 [[  494   492 33262 33260]
 [ 3954  3952 36722 36720]
 [41156 41158  8388  8390]
 [51129 51131 18361 18363]
 [44665 44667 11897 11899]]
====>p0b,p1b
 [[25278 25278 25278 25278]
 [64729 64729 64729 64729]
 [11833 11833 11833 11833]
 [58225 58225 58225 58225]
 [58200 58200 58200 58200]] 
 [[ 3050  3048 35818 35816]
 [ 1398  1396 34166 34164]
 [43712 43714 10944 10946]
 [52669 52671 19901 19903]
 [42109 42111  9341  9343]]


(array([[24751, 24751, 24751, 24751],
        [65224, 65224, 65224, 65224],
        [11304, 11304, 11304, 11304],
        [57696, 57696, 57696, 57696],
        [57673, 57673, 57673, 57673]], dtype=uint16),
 array([[  494,   492, 33262, 33260],
        [ 3954,  3952, 36722, 36720],
        [41156, 41158,  8388,  8390],
        [51129, 51131, 18361, 18363],
        [44665, 44667, 11897, 11899]], dtype=uint16),
 array([[25278, 25278, 25278, 25278],
        [64729, 64729, 64729, 64729],
        [11833, 11833, 11833, 11833],
        [58225, 58225, 58225, 58225],
        [58200, 58200, 58200, 58200]], dtype=uint16),
 array([[ 3050,  3048, 35818, 35816],
        [ 1398,  1396, 34166, 34164],
        [43712, 43714, 10944, 10946],
        [52669, 52671, 19901, 19903],
        [42109, 42111,  9341,  9343]], dtype=uint16))

In [24]:
pt0, pt1 = gen_plain(3)
pt0,pt1

(array([61708, 38737, 34253], dtype=uint16),
 array([61732, 22460, 14909], dtype=uint16))

In [28]:
# make_structure(pt0, pt1, diff=(0x211, 0xa04), neutral_bits=[20, 21, 22, 14, 15])
make_structure(pt0, pt1, diff=(0x211, 0xa04), neutral_bits=[20, 21])

(array([[61708, 61724, 61740, 61756],
        [38737, 38721, 38769, 38753],
        [34253, 34269, 34285, 34301]], dtype=uint16),
 array([[61732, 61732, 61732, 61732],
        [22460, 22460, 22460, 22460],
        [14909, 14909, 14909, 14909]], dtype=uint16),
 array([[62237, 62221, 62269, 62253],
        [38208, 38224, 38240, 38256],
        [34780, 34764, 34812, 34796]], dtype=uint16),
 array([[64288, 64288, 64288, 64288],
        [23992, 23992, 23992, 23992],
        [12345, 12345, 12345, 12345]], dtype=uint16))

### make_train_data(n, nr, diff=(0x0040,0))

In [17]:
#baseline training data generator   
def make_train_data(n, nr, diff=(0x0040, 0)):
    """
    生成训练数据, 返回(X,Y), 16位的二进制([ctdata0l, ctdata0r, ctdata1l, ctdata1r])
    @para:  n   - 生成的数据数量
            nr  - 加密轮数
    """
    Y = np.frombuffer(urandom(n), dtype=np.uint8)
    # numpy.frombuffer 用于实现动态数组。接受 buffer 输入参数，以流的形式读入转化成 ndarray 对象。
    # numpy.frombuffer(buffer, dtype = float[返回数组的数据类型], count = -1, offset = 0)
    # urandom(n),返回大小为 n 的字节串，它是适合加密使用的随机字节。
    Y = Y & 1  # 取最后一位，Y变成长为n的0，1的numpy.ndarray

    # 随机生成主密钥，满足固定差分diff的明文对（plain0，plain1）
    keys = np.frombuffer(urandom(8*n), dtype=np.uint16).reshape(4, -1)
    plain0l = np.frombuffer(urandom(2*n), dtype=np.uint16)
    plain0r = np.frombuffer(urandom(2*n), dtype=np.uint16)
    plain1l = plain0l ^ diff[0]
    plain1r = plain0r ^ diff[1]

    num_rand_samples = np.sum(Y == 0)
    # 如果Y=0，就用新生成的随机明文代替Plain1（第二个明文）
    plain1l[Y == 0] = np.frombuffer(
        urandom(2*num_rand_samples), dtype=np.uint16)
    plain1r[Y == 0] = np.frombuffer(
        urandom(2*num_rand_samples), dtype=np.uint16)

    ks = expand_key(keys, nr)   # 生成nr个字密钥
    # 然后对所有的明文对进行nr轮加密
    ctdata0l, ctdata0r = encrypt((plain0l, plain0r), ks)
    ctdata1l, ctdata1r = encrypt((plain1l, plain1r), ks)
    X = convert_to_binary([ctdata0l, ctdata0r, ctdata1l, ctdata1r])
    return (X, Y)


In [46]:
X,Y = make_structure(5,3)
X,Y

ValueError: too many values to unpack (expected 2)