
Use 4 AES rounds for program generation #46

Merged (3 commits) on Jun 1, 2019

@tevador (Owner) commented May 27, 2019

This improves the quality of the RNG without any measurable impact on performance.

Note: Scratchpad initialization still uses only 1 round for performance reasons.

```cpp
state1 = aesenc<softAes>(state1, key0);
state2 = aesdec<softAes>(state2, key0);
state3 = aesenc<softAes>(state3, key0);
```

@SChernykh commented May 27, 2019

state0 is encrypted with k0->k0->...->k0->k0->k1->k2->k3->k0->k1->... sequence
state1 is encrypted with k1->k1->...->k1->k0->k1->k2->k3->k0->k1->... sequence
state2 is encrypted with k2->k2->...->k2->k0->k1->k2->k3->k0->k1->... sequence
state3 is encrypted with k3->k3->...->k3->k0->k1->k2->k3->k0->k1->... sequence

It doesn't seem safe to me that k1 is used twice in the "k1->k0->k1" sequence, for example. I prefer to separate two uses of the same key when we start filling entropy. Maybe change the key sequences so they don't all reset to k0 at the same iteration, i.e. do

```cpp
state0 = aesdec<softAes>(state0, key0);
state1 = aesenc<softAes>(state1, key1);
state2 = aesdec<softAes>(state2, key2);
state3 = aesenc<softAes>(state3, key3);

state0 = aesdec<softAes>(state0, key1);
state1 = aesenc<softAes>(state1, key2);
state2 = aesdec<softAes>(state2, key3);
state3 = aesenc<softAes>(state3, key0);
```

and so on.

@tevador (Author, Owner) commented May 27, 2019

OK, we can rotate the keys, but I don't think there is any difference in security. The 1-round generator always reuses the same key anyways.

Or we could generate a completely new set of 4 round keys for this generator.

@tevador (Author, Owner) commented May 29, 2019

I changed AesGenerator4R to use a different set of round keys than AesGenerator1R.
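To make the key-reuse argument in this thread concrete, here is an added model (not RandomX code) that tracks only which round key each state is transformed with, first under the 1-round generator and then under the 4-round generator, and measures how soon a key used in the 1R phase is reused once the 4R phase starts. The iteration counts, the `reset_to_k0` and `separate_keys` schedule names and the labels 4..7 for the second key set are constructed for illustration; no AES is performed.

```python
"""Round-key usage model for the AES generators discussed in PR #46.

Keys are tracked as indices only: 0..3 stand for k0..k3, and 4..7 stand for a
disjoint second key set (as in the merged AesGenerator4R). Iteration counts
are constructed for illustration; no AES is actually computed.
"""


def generator_1r_keys(state, iters):
    """AesGenerator1R: state i is transformed with key i on every iteration."""
    return [state] * iters


def generator_4r_keys(state, iters, first_key, key_set):
    """AesGenerator4R: every iteration applies 4 rounds, cycling through the 4
    keys of key_set starting at position first_key (other rotations can be
    modelled by varying first_key)."""
    seq, k = [], first_key
    for _ in range(4 * iters):
        seq.append(key_set[k])
        k = (k + 1) % 4
    return seq


# Constructed schedule names: how the 4R phase picks keys for a given state.
SCHEDULES = {
    # original PR: every state restarts its 4R cycle at k0, same keys as 1R
    "reset_to_k0": lambda state: (0, [0, 1, 2, 3]),
    # merged version: 4R has its own round keys, labelled 4..7 here
    "separate_keys": lambda state: (0, [4, 5, 6, 7]),
}


def handoff_reuse_distance(state, schedule, iters_1r=3, iters_4r=2):
    """Distance (in AES rounds) from the last 1R use of the state's key to the
    first 4R round that applies that same key; None if 4R never reuses it."""
    first_key, key_set = SCHEDULES[schedule](state)
    seq = generator_1r_keys(state, iters_1r)
    seq += generator_4r_keys(state, iters_4r, first_key, key_set)
    boundary = iters_1r  # index of the first 4R round
    last_key = seq[boundary - 1]
    for i in range(boundary, len(seq)):
        if seq[i] == last_key:
            return i - (boundary - 1)
    return None


def reuse_report(schedule):
    """Per-state reuse distance at the 1R -> 4R hand-off for a schedule."""
    return {s: handoff_reuse_distance(s, schedule) for s in range(4)}
```

For `reset_to_k0` the report gives distances 1, 2, 3 and 4 for states 0..3 (state 1 is the "k1->k0->k1" case from the thread); with a separate key set no 1R key is ever reused.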

Use a different set of round keys for AesGenerator4R
Redefined all AES constants using simpler rules

@tevador tevador merged commit f7c99c5 into master Jun 1, 2019
