[Hardware] The market of ASICs (One GigaKey / Second?)

Elektron elektron_rc5 at yahoo.ca
Sun Aug 8 23:43:31 EDT 2004


I'm sorry if this is a little spammy.

> Thanks, that's more like it !
> I will still have to go through the code to understand
> how it matches the algorithm... some of us (hard) are
> just not the programming type.
> The key question for me is, what is the interface? how
> does the program talk to the part that does the
> numerical computation.
> Also, before I jump and get wet with FIFOs and adders;
> which are the functional parts of the core? From what
> I understand there is a 'key table' generation step
> and a decrypting stage proper. Because in this project
> we're testing keys on only a few bytes, I suspect that
> the key table generation will be a significant portion
> of the computation.

Note that the ANSI code is highly unoptimised (even the 1-pipe) which 
makes it a bad starting point since you then have to figure out what 
can be easily optimised.

 From r72-ref.cpp:

   s32 rc5_72_unit_func_ansi_ref (RC5_72UnitWork *rc5_72unitwork, u32 
*iterations, void * /*memblk*/);

The interface calls rc5_72_unit_func_ansi_ref (or any other encryption 
function thing) with the work unit, the number of iterations, and a 
memory block, which doesn't seem to be used in most algorithms. The 
functions tries the next *iterations keys, and returns RESULT_NOTHING 
if it doesn't find anything, RESULT_FOUND if it finds a match (and 
returns how many keys were a negative result before the match). I don't 
know what happens if there are multiple matches in, say, a 4-pipe (or 
for that matter, a KKS7450)

   while (kiter--)
   {
// load the key
     L[2] = rc5_72unitwork->L0.hi;
     L[1] = rc5_72unitwork->L0.mid;
     L[0] = rc5_72unitwork->L0.lo;
//generate the s-boxes
     for (S[0] = P, i = 1; i < 26; i++)
       S[i] = S[i-1] + Q;
// play with the S-boxes
     for (A = B = i = j = k = 0;
          k < 3*26; k++, i = (i + 1) % 26, j = (j + 1) % 3)
     {
       A = S[i] = ROTL3(S[i]+(A+B));
       B = L[j] = ROTL(L[j]+(A+B),(A+B));
     }
// I think this is how it encrypts
     A = rc5_72unitwork->plain.lo + S[0];
     B = rc5_72unitwork->plain.hi + S[1];
     for (i=1; i<=12; i++)
     {
       A = ROTL(A^B,B)+S[2*i];
       B = ROTL(B^A,A)+S[2*i+1];
     }
// check ciphertext
     if (A == rc5_72unitwork->cypher.lo)
     {
       ++rc5_72unitwork->check.count;
       rc5_72unitwork->check.hi  = rc5_72unitwork->L0.hi;
       rc5_72unitwork->check.mid = rc5_72unitwork->L0.mid;
       rc5_72unitwork->check.lo  = rc5_72unitwork->L0.lo;
       if (B == rc5_72unitwork->cypher.hi)
       {
         *iterations -= (kiter + 1);
         return RESULT_FOUND;
       }
     }


- Purr



More information about the Hardware mailing list