【发布时间】:2017-11-19 12:41:06
【问题描述】:
我在 Matlab 中实现 128 位 AES 加密算法,我在 C 中基于函数代码实现此代码,最大的问题是在 C 代码中所有变量都定义为 unsigned char 使其更容易为了进行操作,在 MatLab 中,我将所有变量声明为 uint8(未指定整数 8 位),部分加密几乎准备就绪,但是我遇到了一个问题,我正在运行代码并意识到某些值从矢量S-Box,调试代码我发现了问题,有一刻没有代码下面的一个字母返回值255:
for i = 1 : 16
stateU(i)= sboxU(bitxor(stateU(i),keyU(i))+1);
end
这个函数负责通过S-box的对应值来改变裸数据的值,在C中同样的函数用来做这个改变,但是C中的向量从索引0开始到255,在matlab中,向量从索引1开始并上升到256,这就是问题所在,当我的函数返回255时,由于从C到MatLab的索引差异,索引值总是加1,但是所有的变量是怎么定义的 8位大小的,不能把256的值存入变量中,所以代码存了255,导致变量的值不对。
预期的输出应该是(这是 C 中代码的正确输出,在 for 循环的第二次迭代后,范围为 1-16):
State[0] before shift: 207
State[1] before shift: 0
State[2] before shift: 152
State[3] before shift: 115
State[4] before shift: 237
State[5] before shift: 77
State[6] before shift: 148
State[7] before shift: 123
State[8] before shift: 22
State[9] before shift: 182
State[10] before shift: 122
State[11] before shift: 190
State[12] before shift: 130
State[13] before shift: 198
State[14] before shift: 29
State[15] before shift: 155
注意位置[8]是22,这个值是通过状态变量与变量键的位异或得到的,正如本文开头所说,在C中变量被定义为无符号char, 所以 , 值的大小没有问题。在 Matlab 中,我有以下输出:
State[0] before shift: 207
State[1] before shift: 0
State[2] before shift: 152
State[3] before shift: 115
State[4] before shift: 237
State[5] before shift: 77
State[6] before shift: 148
State[7] before shift: 123
State[8] before shift: 187
State[9] before shift: 182
State[10] before shift: 122
State[11] before shift: 190
State[12] before shift: 130
State[13] before shift: 198
State[14] before shift: 29
State[15] before shift: 155
注意MatLab中vector的位置[8]有不同的值,由于MatLab中定义了变量的类型为uint8,所以最多只能存储255的值,理论上应该取值S盒的第256位,但由于类型是uint8,它至少取一个位置的值(255 - 1111 1111),最多可以存储8位。
下面是分析的两个代码。
Galois_mul2 函数:
function galois_value = galois_mul2( value )
value = uint8(value);
temp = typecast(value, 'int8');
temp = bitshift(temp,-7);
hex = int8(hex2dec('1B'));
temp = bitand(temp,hex);
temp2 = typecast(bitshift(value,1),'int8');
galois_value = typecast(bitxor(temp2,temp),'uint8');
end
主要代码:
%Key
key = {'00','01','02','03','04','05','06','07','08','09','0a','0b','0c','0d','0e','0f'};
for n = 1 : 16
keyU(n)=uint8(hex2dec(key(n)));
end
%State
state = {'00','11','22','33','44','55','66','77','88','99','aa','bb','cc','dd','ee','ff'};
for n = 1 : 16
stateU(n)=uint8(hex2dec(state(n)));
end
%Sbox
sbox = {'63','7c','77','7b','f2','6b','6f','c5','30','01','67','2b','fe','d7','ab','76','ca','82','c9','7d','fa','59','47','f0','ad','d4','a2','af','9c','a4','72','c0','b7','fd','93','26','36','3f','f7','cc','34','a5','e5','f1','71','d8','31','15','04','c7','23','c3','18','96','05','9a','07','12','80','e2','eb','27','b2','75','09','83','2c','1a','1b','6e','5a','a0','52','3b','d6','b3','29','e3','2f','84','53','d1','00','ed','20','fc','b1','5b','6a','cb','be','39','4a','4c','58','cf','d0','ef','aa','fb','43','4d','33','85','45','f9','02','7f','50','3c','9f','a8','51','a3','40','8f','92','9d','38','f5','bc','b6','da','21','10','ff','f3','d2','cd','0c','13','ec','5f','97','44','17','c4','a7','7e','3d','64','5d','19','73','60','81','4f','dc','22','2a','90','88','46','ee','b8','14','de','5e','0b','db','e0','32','3a','0a','49','06','24','5c','c2','d3','ac','62','91','95','e4','79','e7','c8','37','6d','8d','d5','4e','a9','6c','56','f4','ea','65','7a','ae','08','ba','78','25','2e','1c','a6','b4','c6','e8','dd','74','1f','4b','bd','8b','8a','70','3e','b5','66','48','03','f6','0e','61','35','57','b9','86','c1','1d','9e','e1','f8','98','11','69','d9','8e','94','9b','1e','87','e9','ce','55','28','df','8c','a1','89','0d','bf','e6','42','68','41','99','2d','0f','b0','54','bb','16'};
for n = 1 : 256
sboxU(n)=uint8(hex2dec(sbox(n)));
end
%Rcon
rcon = {'01','02','04','08','10','20','40','80','1b','36'};
for n = 1 : 10
rconU(n)=uint8(hex2dec(rcon(n)));
end
%Main AES Data Loop
for round = 1 : 10
%Add key + sbox
for i = 1 : 16
stateU(i)= sboxU(bitxor(stateU(i),keyU(i))+1);
end
%Shift Rows
buf1 = stateU(2);
stateU(2) = stateU(6);
stateU(6) = stateU(10);
stateU(10) = stateU(14);
stateU(14) = buf1;
buf1 = stateU(3);
buf2 = stateU(7);
stateU(3) = stateU(11);
stateU(7) = stateU(15);
stateU(11) = buf1;
stateU(15) = buf2;
buf1 = stateU(16);
stateU(16) = stateU(12);
stateU(12) = stateU(8);
stateU(8) = stateU(4);
stateU(4) = buf1;
%Process mixcolumn for all rounds but the last one
if round < 10
for j = 0 : 3
%Compute the current index
buf4 = (bitshift(j,2));
%buf1
aux1 = bitxor(stateU(buf4+1),stateU(buf4+2));
aux2 = bitxor(stateU(buf4+3),stateU(buf4+4));
buf1 = bitxor(aux1,aux2);
%buf2
buf2 = stateU(buf4+1);
%buf3
buf3 = bitxor(stateU(buf4+1),stateU(buf4+2));
buf3 = galois_mul2(buf3);
%%%%%%%%%%%%%%%%%%%
aux = bitxor(stateU(buf4+1),buf3);
stateU(buf4+1) = bitxor (aux,buf1);
end
end
end
值得注意的是,当我发现错误时,我在 for 循环的第二次迭代中停止了调试,也就是说,出现的正确输出是 for 循环第二次迭代后从 0 开始的输出-16 也发布在 Top 中。在第一次迭代中,它起作用了,因为 bit-a-bit XOR 函数返回的值不大于 255 (1111 1111)。
我已经尝试将所有变量更改为 uint16 但是代码不起作用,它说类型必须是标量或 2 的倍数。
【问题讨论】:
-
不清楚当总和溢出 8 位时您想要发生什么。如果您想要大于 255 的值,请不要使用
uint8。 -
@beaker 就像我在问题上所说的那样,我尝试使用
uint16并且发生了同样的问题,当总和为 256 时,如果执行代码,则代码的位置为 255使用声明为uint16的所有向量,您会注意到这一点。 -
我无法重现您的错误。我在您的代码中用
uint16替换了uint8的所有实例,并收到了正确的输出,即stateU(9) = 22。也许您有一些导致问题的工作区变量? -
@beaker 我已经编辑了帖子给你看完整的代码。
-
我猜你需要
double(uint8(255))+1
标签: matlab vector unsigned-integer