Added Serpent

[Slals]

Serpent1 first implementation. Some work to do for optimization.

Bitslicing implemented.
No benchmark.

Tested on 128bits, 192bits and 256bits key official vectors.

There is one panic in the code (in round and round_inverse), should it returns an Err instead?

EDIT : Bitslicing is now implemented. No more panic in the code.

[imclint21]

Awesome, it will be really useful for Lucid!

[tarcieri]

Bitslicing not implemented.

I'd be wary of merging this until that's implemented as generally all implementations we currently provide at least attempt to be constant-time.

Curious what @newpavlov thinks.

[Slals]

Hello @newpavlov @tarcieri

I'm currently implementing bitslicing (this code includes bitslicing in key schedule already).

I have a question about it though, do we let users to choose to be in bitslice mode?

[tarcieri]

IMO it should always use the bitsliced version to ensure consant time(ish) operation

[imclint21]

When it will be merged? I'll need it in the next week! 🎉

Thanks

[tarcieri]

I'll try to review it this weekend. I'm not terribly familiar with Serpent for anything other than its historical place in the AES competition, but I'm wary to merge any cipher implementations that haven't been thoroughly reviewed.

Hopefully @newpavlov can take a look as well, and we'll need him to release the serpent crate for use.

@clintnetwork in the meantime can you use a git dependency?

[imclint21]

Oh very nice! Don't worry @tarcieri do as you can :)

[imclint21]

Hey @tarcieri, any news about Serpent? 🐍

[Slals]

@newpavlov Sorry to bother you, you might be needed for this : Serpent Implementation.

Are you guys busy? How can I help you in order to make it merge?

[tarcieri]

I'm flying home from the RealWorldCrypto conference today, and @newpavlov is working on his PhD defense, so yes we're both busy.

I should hopefully have some time this weekend to review (I know that's what I said over a month ago, mea culpa), but I'm not familiar with Serpent internals so I would need to study up first.

If you're looking for something to do in the interim to improve confidence in the implementation, you could use e.g. proptest or quickcheck to compare it against a well-known reference implementation.

You could also run cargo rustc --release -- --emit asm (or put the code in Godbolt with -C opt-level=3) and inspect the generated assembly for branch instructions.

[imclint21]

Hi @tarcieri, I think it's time to merge!

@Slals All works fine? I tried but I've some issues.

[tarcieri]

Alright, I did a few passes on it and I don't see anything obviously wrong with it, so I can go ahead and merge.

Would appreciate if @newpavlov can do a second pass. He's also the only one with access to publish the crate.

[tarcieri]

I just released serpent v0.0.1: #75

[imclint21]

Thank you!