This repository contains the code for creating the MILP model to count the number of active SBoxes in each round of Keccak-p with block size of 400 bits. The constraints are created by mostly following the method proposed by Mouha et. al. and its S-bP extension proposed by Sun et. al.
The "experiment" are the additional constraints on the XOR operation which help increase the accuracy of the predictions but seem to come at a cost. More on this later...
mew.py spits out a .lp file, which I fed into the Gurobi Optimizer to get the values of the optimized objective.
keccak.py is my implementation of Keccak which is in no way optimized for anything. I basically used it to check the validity of the results I was getting.
The table below shows the results visualised for 1 Round of Keccak-p[400]
| x values | y values | z values |
|---|---|---|
|
|
|
python mew.py --r [no. of rounds] > rounds.lpThis will output a file in the LP Format which can be used as input to a suitable solver. I used Gurobi.
$ gurobi_cl ResultFile='<resultfile.sol>' <modelfile.lp>
I can see why this is not of much consequence🤦
r |
Best Objective |
milp_model_1 |
milp_model_2 |
|---|---|---|---|
1 |
1 |
8.33s (c) |
7.21s (c) |
2 |
4 |
250.4s (in) |
137.94s (c) |
3 |
10 |
1121.38s (in) |
|
4 |
102 |
940s (in) |
completed(c), incomplete(in) ▲ The incomplete(in) times are Gurobi run-times
For
model_1apart from ther=1run, all other runs were interrupted runs. Looking for some serious computing power 🚀
- Results from
milp_model_2_gen.pyare wayyy faster thanmilp_model_1_gen.pyas some constraints have been optimized. model_3performance is not upto expectations