mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-05-10 19:16:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
Page: SM3中的FF2和GG2函数
Pages
Armv8.2 SM3和SM4 Efficient Software Implementations of ZUC GCM for SM4 Golang ppc64x asm Reference Golang s390x asm Reference High‐Throughput Elliptic Curve Cryptography using AVX2 Vector Instructions High‐assurance field inversion for curve‐based cryptography Home Intel CPU supports SM3 SM4 PQC: ML‐DSA PQC: ML‐KEM PQC: SLH‐DSA SM2 WWMM (2) SM2 WWMM SM2加解密性能 SM2性能优化 SM2性能优化(续) SM3中的FF2和GG2函数 SM3性能优化 SM4 with AESENCLAST SM4 with GFNI SM4性能优化 SM9实现及优化 go crypto and BoringCrypto is my code constant time? sbox generation stealth addresses (隐身地址) 关于CTR模式 关于证书和TLS支持 实现Kyber所需的多项式和线性代数知识 实现ML‐DSA所需的多项式和线性代数知识 无进位乘法和GHASH 门限签名
Clone
29
SM3中的FF2和GG2函数
Sun Yimin edited this page 2023-09-26 16:02:31 +08:00
Unescape Escape
Table of Contents
This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

定义

FF2(X, Y, Z) = (X \land Y) \lor (X \land Z) \lor (Y \land Z)
GG2(X, Y, Z) = (X \land Y) \lor (\lnot X \land Z)

等价公式

FF2(X, Y, Z) = (X \land Y) \bigoplus (X \land Z) \bigoplus (Y \land Z)
GG2(X, Y, Z) = (X \land Y) \bigoplus (\lnot X \land Z) = (X \land Y) \bigoplus ((1 \bigoplus X) \land Z) = (X \land Y) \bigoplus (X \land Z) \bigoplus Z = (Y \bigoplus Z) \land X \bigoplus Z

GG2等价公式初次见于Intel® Integrated Performance Primitives Cryptography

应用

特别是GG2其等价公式相比原来的公式因其简单具有一点点性能优势不明显也可以省一个寄存器还有就是ANDN指令属于BMI1,有些老机器不支持。

原公式:

	MOVL     f, y3;                              \
	ANDL     e, y3;                              \ // y3 = e AND f
	ANDNL    g, e, y1;                           \ // y1 = NOT(e) AND g
	ORL      y3, y1;                             \ // y1 = (e AND f) OR (NOT(e) AND g)

等价公式:

	MOVL     f, y1;                              \
	XORL     g, y1;                              \
	ANDL     e, y1;                              \
	XORL     g, y1;                              \ // y1 = GG2(e, f, g)

验证

X Y Z (X \land Y) \lor (X \land Z) \lor (Y \land Z) (X \land Y) \bigoplus (X \land Z) \bigoplus (Y \land Z) (X \land Y) \lor (\lnot X \land Z) (Y \bigoplus Z) \land X \bigoplus Z
0 0 0 0 0 0 0
0 0 1 0 0 1 1
0 1 0 0 0 0 0
0 1 1 1 1 1 1
1 0 0 0 0 0 0
1 0 1 1 1 0 0
1 1 0 1 1 1 1
1 1 1 1 1 1 1

证明

Ask help https://math.stackexchange.com/questions/4775054/how-to-prove-below-two-logic-formulas
GG2(X,Y,Z)
= (X \land Y) \bigoplus (\lnot X \land Z)
= (\lnot (X \land Y) \land (\lnot X \land Z)) \lor ((X \land Y) \land (\lnot (\lnot X \land Z)))
= ((\lnot X \lor \lnot Y) \land (\lnot X \land Z)) \lor ((X \land Y) \land (X \lor \lnot Z))
= (\lnot X \land Z) \lor (\lnot X \land \lnot Y \land Z) \lor (X \land Y) \lor (X \land Y \land \lnot Z)
= ((\lnot X \land Z) \lor (\lnot X \land Z \land \lnot Y)) \lor ((X \land Y) \lor (X \land Y \land \lnot Z))
= ((X \land Y) \land (1 \lor \lnot Z)) \lor ((\lnot X \land Z) \land (1 \lor \lnot Y))
= (X \land Y) \lor (\lnot X \land Z)

FF2(X, Y, Z) = (X \land Y) \bigoplus (X \land Z) \bigoplus (Y \land Z)
(X \land Y) \bigoplus (X \land Z)
= X \land (Y \bigoplus Z)
= X \land ((Y \land \lnot Z) \lor (\lnot Y \land Z))
= (X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)

(X \land Y) \bigoplus (X \land Z) \bigoplus (Y \land Z)
= (\lnot((X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)) \land (Y \land Z)) \lor (((X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)) \land (\lnot Y \lor \lnot Z))

\lnot((X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)) \land (Y \land Z)
= \lnot(X \land Y \land \lnot Z) \land \lnot(X \land Z \land \lnot Y) \land (Y \land Z)
= (\lnot X \lor \lnot Y \lor Z) \land (\lnot X \lor \lnot Z \lor Y) \land (Y \land Z)
= (\lnot X \lor (\lnot X \land \lnot Z) \lor (\lnot X \land Y) \lor (\lnot X \land \lnot Y) \lor (\lnot Z \land \lnot Y) \lor (Z \land \lnot X) \lor (Z \land Y)) \land (Y \land Z)
= $(\lnot X \lor (\lnot X \land \lnot Z) \lor (Z \land \lnot X) \lor (\lnot X \land Y) \lor (\lnot X \land \lnot Y) \lor (\lnot Z \land \lnot Y) \lor (Z \land Y)) \land (Y \land Z) $
= (\lnot X \lor ((\lnot X \land \lnot Z) \lor (Z \land \lnot X)) \lor ((\lnot X \land Y) \lor (\lnot X \land \lnot Y)) \lor (\lnot Z \land \lnot Y) \lor (Z \land Y)) \land (Y \land Z)
= (\lnot X \lor (\lnot Z \land \lnot Y) \lor (Z \land Y)) \land (Y \land Z)
= (Y \land Z)

((X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)) \land (\lnot Y \lor \lnot Z)
= (X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y)

(X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y) \lor (Y \land Z)
= (X \land Y \land \lnot Z) \lor (X \land Z \land \lnot Y) \lor (Y \land Z) \lor (X \land Y \land Z) \lor (X \land Y \land Z)
= (X \land Y \land \lnot Z) \lor (X \land Y \land Z) \lor (X \land Z \land \lnot Y) \lor (X \land Y \land Z) \lor (Y \land Z)
= (X \land Y) \lor (X \land Z) \lor (Y \land Z)

相关知识: