├── README.md ├── constraint_programming ├── search_for_all_states │ ├── readme.txt │ ├── GastonS_diff.mzn │ ├── GastonS_linear.mzn │ ├── SBD_diff.mzn │ └── SBD_linear.mzn └── search_for_states_in_kenerl │ ├── readme.txt │ ├── diff.sh │ ├── linear.sh │ ├── start.py │ ├── The_states_in_the_kenerl │ └── Sbox_6.txt │ ├── diff_sample │ └── linear_sample ├── Hardware simulation VHDL ├── GastonS.v ├── Gaston.v └── SBD.v └── implementation ├── test_vector.cpp ├── testspeed_x86.cpp └── testspeed_x86_ARM.cpp /README.md: -------------------------------------------------------------------------------- 1 | This is the source code for the paper "Symmetric Twin Column Parity Mixers and their Applications" 2 | -------------------------------------------------------------------------------- /constraint_programming/search_for_all_states/readme.txt: -------------------------------------------------------------------------------- 1 | This is the constraint programming code used to search for the best differential and linear trails of Gaston-S and SBD for all states. 2 | 3 | 4 | 5 | 6 | ## Usage of the code 7 | 8 | 9 | minizinc --solver "chuffed" -a -D "nr = 3" --time-limit 720000000 --output-time --statistics xxx.mzn > xxx_result.txt 10 | 11 | 12 | ## Results 13 | 14 | The results will be shown in _xxx_result.txt 15 | 16 | 17 | Note that the weights displayed in the results are multiplied by 100, for example 15500 means the weight of the trail is 155 -------------------------------------------------------------------------------- /constraint_programming/search_for_states_in_kenerl/readme.txt: -------------------------------------------------------------------------------- 1 | This is the constraint programming code used to search for the best differential and linear trails of Gaston-S and SBD for the states in the kernel with 6/8/10 active bits in the first or second round. 
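
## Usage of the codes

'python start.py 1' to search for the best differential and linear trails of Gaston-S for the states in the kernel with 6/8/10

'python start.py 2' to search for the best differential and linear trails of SBD for the states in the kernel with 6/8/10


## Results

The results will be shown in the directory like "Gaston_S/diff/iterative_calls_3nr_6sbox/Our_results_..."

Note that the weights displayed in the results are multiplied by 100, for example 15500 means the weight of the trail is 155
--------------------------------------------------------------------------------
/Hardware simulation VHDL/GastonS.v:
--------------------------------------------------------------------------------
// Registered wrapper around one combinational round (module Oneround below).
// Plaintext is sampled into reg_in on a rising clock edge and the round output
// is sampled into Ciphertext on a rising clock edge, so a result appears two
// edges after its input was presented.
// No key or round-count port is visible here: the design evaluates a single
// round with the fixed constant 240, so the port names should not be read as
// a keyed encryption interface.
// NOTE: Gaston.v, GastonS.v and SBD.v each define a module named Oneround, so
// they cannot be compiled into the same design at once.
module GastonS_TOP(
    input              clk,
    input      [319:0] Plaintext,
    output reg [319:0] Ciphertext
);

    reg  [319:0] reg_in;     // input register
    // Driven by the instance's output port, so it must be a net: a reg
    // connected to an output port is rejected by Verilog tools.
    wire [319:0] round_out;

    Oneround GastonS_instance (
        .input_A(reg_in),
        .output_B(round_out)
    );

    always @(posedge clk) begin
        reg_in     <= Plaintext;
        Ciphertext <= round_out;
    end

endmodule

// One round on five 64-bit words, purely combinational.
// Throughout, {x[k:0], x[63:k+1]} is x rotated left by 63-k bit positions.
module Oneround(
    input  [319:0] input_A,
    output [319:0] output_B
);
    wire [63:0] n1, n2, n3, n4, n5;        // input words, n1 = input_A[319:256]
    wire [63:0] n6, n7;                    // XOR sums over rotated input words
    wire [63:0] n8, n9;                    // each sum XORed with a rotation of itself
    wire [63:0] n10, n11, n12, n13, n14;   // output words of the linear part
    wire [63:0] n15;                       // n10 with the constant added
    wire [63:0] n16, n17, n18, n19, n20;   // output words of the nonlinear part
    wire [63:0] c0 = 240;                  // fixed constant XORed into the first word

    assign {n1, n2, n3, n4, n5} = input_A;

    assign n6 = {n1[57:0],n1[63:58]} ^ {n2[56:0],n2[63:57]} ^ {n3[51:0],n3[63:52]} ^ {n4[9:0],n4[63:10]} ^ {n5[58:0],n5[63:59]};

    assign n7 = n1 ^ {n2[2:0],n2[63:3]} ^ {n3[14:0],n3[63:15]} ^ {n4[50:0],n4[63:51]} ^ {n5[44:0],n5[63:45]};

    assign n8 = n6 ^ {n6[27:0],n6[63:28]};

    assign n9 = n7 ^ {n7[62:0],n7[63:63]};

    // Each (rotated) input word is XORed with one rotation of n9 and one of n8.
    assign n10 = n1 ^ {n9[37:0],n9[63:38]} ^ {n8[31:0],n8[63:32]};
    assign n11 = {n2[5:0],n2[63:6]} ^ {n9[40:0],n9[63:41]} ^ {n8[30:0],n8[63:31]};
    assign n12 = {n3[29:0],n3[63:30]} ^ {n9[52:0],n9[63:53]} ^ {n8[25:0],n8[63:26]};
    assign n13 = {n4[37:0],n4[63:38]} ^ {n9[24:0],n9[63:25]} ^ {n8[47:0],n8[63:48]};
    assign n14 = {n5[25:0],n5[63:26]} ^ {n9[18:0],n9[63:19]} ^ {n8[32:0],n8[63:33]};

    assign n15 = n10 ^ c0;

    // Bitwise nonlinear step over the five words: a ^ (~b & c), cyclically.
    assign n16 = n15 ^ ( (~n11) & n12 );
    assign n17 = n11 ^ ( (~n12) & n13 );
    assign n18 = n12 ^ ( (~n13) & n14 );
    assign n19 = n13 ^ ( (~n14) & n15 );
    assign n20 = n14 ^ ( (~n15) & n11 );

    assign output_B = {n16, n17, n18, n19, n20};

endmodule
--------------------------------------------------------------------------------
/Hardware simulation VHDL/Gaston.v:
--------------------------------------------------------------------------------
// Registered wrapper around one combinational round (module Oneround below).
// Plaintext is sampled into reg_in and the round output into Ciphertext, both
// on the rising clock edge, giving two edges from input to output.
// No key or round-count port is visible here: the design evaluates a single
// round with the fixed constant 240.
// NOTE: Gaston.v, GastonS.v and SBD.v each define a module named Oneround, so
// they cannot be compiled into the same design at once.
module Gaston_TOP(
    input              clk,
    input      [319:0] Plaintext,
    output reg [319:0] Ciphertext
);

    reg  [319:0] reg_in;     // input register
    // Driven by the instance's output port, so it must be a net: a reg
    // connected to an output port is rejected by Verilog tools.
    wire [319:0] round_out;

    Oneround Gaston_instance (
        .input_A(reg_in),
        .output_B(round_out)
    );

    always @(posedge clk) begin
        reg_in     <= Plaintext;
        Ciphertext <= round_out;
    end

endmodule

// One round on five 64-bit words, purely combinational.
// Throughout, {x[k:0], x[63:k+1]} is x rotated left by 63-k bit positions.
module Oneround(
    input  [319:0] input_A,
    output [319:0] output_B
);
    wire [63:0] n1, n2, n3, n4, n5;        // input words, n1 = input_A[319:256]
    wire [63:0] n6, n7;                    // XOR sums over rotated input words
    wire [63:0] n8, n9;                    // each sum XORed with a rotation of itself
    wire [63:0] n10, n11, n12, n13, n14;   // output words of the linear part
    wire [63:0] n15;                       // n10 with the constant added
    wire [63:0] n16, n17, n18, n19, n20;   // output words of the nonlinear part
    wire [63:0] c0 = 240;                  // fixed constant XORed into the first word

    assign {n1, n2, n3, n4, n5} = input_A;

    assign n6 = {n1[38:0],n1[63:39]} ^ {n2[35:0],n2[63:36]} ^ {n3[53:0],n3[63:54]} ^ {n4[40:0],n4[63:41]} ^ {n5[60:0],n5[63:61]};

    assign n7 = n1 ^ {n2[3:0],n2[63:4]} ^ {n3[41:0],n3[63:42]} ^ {n4[36:0],n4[63:37]} ^ {n5[59:0],n5[63:60]};

    assign n8 = n6 ^ {n6[45:0],n6[63:46]};

    assign n9 = n7 ^ {n7[62:0],n7[63:63]};

    // Each (rotated) input word is XORed with n9 and n8; within one word both
    // use the same rotation amount.
    assign n10 = n1 ^ {n9[40:0],n9[63:41]} ^ {n8[40:0],n8[63:41]};
    assign n11 = {n2[11:0],n2[63:12]} ^ {n9[48:0],n9[63:49]} ^ {n8[48:0],n8[63:49]};
    assign n12 = {n3[10:0],n3[63:11]} ^ {n9[9:0],n9[63:10]} ^ {n8[9:0],n8[63:10]};
    assign n13 = {n4[54:0],n4[63:55]} ^ {n9[58:0],n9[63:59]} ^ {n8[58:0],n8[63:59]};
    assign n14 = {n5[16:0],n5[63:17]} ^ {n9[61:0],n9[63:62]} ^ {n8[61:0],n8[63:62]};

    assign n15 = n10 ^ c0;

    // Bitwise nonlinear step over the five words: a ^ (~b & c), cyclically.
    assign n16 = n15 ^ ( (~n11) & n12 );
    assign n17 = n11 ^ ( (~n12) & n13 );
    assign n18 = n12 ^ ( (~n13) & n14 );
    assign n19 = n13 ^ ( (~n14) & n15 );
    assign n20 = n14 ^ ( (~n15) & n11 );

    assign output_B = {n16, n17, n18, n19, n20};

endmodule
--------------------------------------------------------------------------------
/Hardware simulation VHDL/SBD.v:
--------------------------------------------------------------------------------
// Registered wrapper around one combinational round (module Oneround below).
// Plaintext is sampled into reg_in and the round output into Ciphertext, both
// on the rising clock edge, giving two edges from input to output.
// No key or round-count port is visible here: the design evaluates a single
// round with the fixed constant 240.
// NOTE: Gaston.v, GastonS.v and SBD.v each define a module named Oneround, so
// they cannot be compiled into the same design at once.
module SBD_TOP(
    input              clk,
    input      [319:0] Plaintext,
    output reg [319:0] Ciphertext
);

    reg  [319:0] reg_in;     // input register
    // Driven by the instance's output port, so it must be a net: a reg
    // connected to an output port is rejected by Verilog tools.
    wire [319:0] round_out;

    Oneround SBD_instance (
        .input_A(reg_in),
        .output_B(round_out)
    );

    always @(posedge clk) begin
        reg_in     <= Plaintext;
        Ciphertext <= round_out;
    end

endmodule

// One round on five 64-bit words, purely combinational.
// Throughout, {x[k:0], x[63:k+1]} is x rotated left by 63-k bit positions.
// The linear part (n6..n14) uses the same expressions as GastonS.v; only the
// nonlinear part differs.
module Oneround(
    input  [319:0] input_A,
    output [319:0] output_B
);
    wire [63:0] n1, n2, n3, n4, n5;        // input words, n1 = input_A[319:256]
    wire [63:0] n6, n7;                    // XOR sums over rotated input words
    wire [63:0] n8, n9;                    // each sum XORed with a rotation of itself
    wire [63:0] n10, n11, n12, n13, n14;   // output words of the linear part
    wire [63:0] n15;                       // n10 with the constant added
    wire [63:0] n16, n17, n18, n19, n20;   // first-level NAND terms
    wire [63:0] n21, n22, n23, n24, n25;
    wire [63:0] n26, n27, n28, n29, n30;
    wire [63:0] n31, n32, n33, n34, n35;   // output words of the nonlinear part
    wire [63:0] c0 = 240;                  // fixed constant XORed into the first word

    assign {n1, n2, n3, n4, n5} = input_A;

    assign n6 = {n1[57:0],n1[63:58]} ^ {n2[56:0],n2[63:57]} ^ {n3[51:0],n3[63:52]} ^ {n4[9:0],n4[63:10]} ^ {n5[58:0],n5[63:59]};

    assign n7 = n1 ^ {n2[2:0],n2[63:3]} ^ {n3[14:0],n3[63:15]} ^ {n4[50:0],n4[63:51]} ^ {n5[44:0],n5[63:45]};

    assign n8 = n6 ^ {n6[27:0],n6[63:28]};

    assign n9 = n7 ^ {n7[62:0],n7[63:63]};

    assign n10 = n1 ^ {n9[37:0],n9[63:38]} ^ {n8[31:0],n8[63:32]};
    assign n11 = {n2[5:0],n2[63:6]} ^ {n9[40:0],n9[63:41]} ^ {n8[30:0],n8[63:31]};
    assign n12 = {n3[29:0],n3[63:30]} ^ {n9[52:0],n9[63:53]} ^ {n8[25:0],n8[63:26]};
    assign n13 = {n4[37:0],n4[63:38]} ^ {n9[24:0],n9[63:25]} ^ {n8[47:0],n8[63:48]};
    assign n14 = {n5[25:0],n5[63:26]} ^ {n9[18:0],n9[63:19]} ^ {n8[32:0],n8[63:33]};

    assign n15 = n10 ^ c0;

    // Nonlinear part in two-level NAND-NAND form: every output word is the
    // NAND of three NAND terms, i.e. the OR of three AND terms of n11..n15.
    assign n16 = ~(n15 & n11);
    assign n17 = ~(n12 & n13);
    assign n18 = ~(n15 & ~n12 & n14);
    assign n19 = ~(n14 & ~n15);
    assign n20 = ~(n11 & ~n12);
    assign n21 = ~(n14 & ~n11 & n13);
    assign n22 = ~(n13 & ~n14);
    assign n23 = ~( (~n11) & (~n15));
    assign n24 = ~(n13 & ~n12 & n15);
    assign n25 = ~((~n12) & (~n13));
    assign n26 = ~((~n14) & n15);
    assign n27 = ~(n14 & (~n12) & (~n11));
    assign n28 = ~(n12 & ~n11);
    assign n29 = ~(n14 & ~n13);
    assign n30 = ~(n13 & ~n11 & n15);
    assign n31 = ~(n16 & n17 & n18);
    assign n32 = ~(n19 & n20 & n21);
    assign n33 = ~(n22 & n23 & n24);
    assign n34 = ~(n25 & n26 & n27);
    assign n35 = ~(n28 & n29 & n30);

    assign output_B = {n31, n32, n33, n34, n35};

endmodule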
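--------------------------------------------------------------------------------
/constraint_programming/search_for_states_in_kenerl/diff.sh:
--------------------------------------------------------------------------------
#!/bin/bash
#
# Build one MiniZinc model per state listed in
# The_states_in_the_kenerl/Sbox_<sboxnum>.txt and start a differential search
# on each of them.
#
# Usage: diff.sh <cipher_dir> <sboxnum>
#   cipher_dir  directory that holds the template diff.mzn; the generated
#               models and results are written below <cipher_dir>/diff/
#   sboxnum     selects the input file Sbox_<sboxnum>.txt
#
# Input format: a line containing "-" starts a new state; the next five lines
# are written as constraints on stateend[0,row,*] and the five after that as
# constraints on statestart[1,row,*].
#
# Both arguments end up inside paths given to mkdir, cp and output
# redirection, so every expansion is quoted and sboxnum must be numeric.
#
# The solver runs are started in the background and are still running when
# this script returns.
set -e

# Block until fewer than 30 background jobs are running.
function max2 {
    while (( $(jobs -r | wc -l) >= 30 )); do
        sleep 1
    done
}

# append_row ARRAY ROUND ROW BITS MODEL
# Append one "constraint ARRAY[ROUND,ROW,i] = b;" line to MODEL for every
# character b of BITS that is 0 or 1; any other character is skipped.
function append_row {
    local array=$1 round=$2 row=$3 bits=$4 model_file=$5
    local i
    for ((i = 0; i < ${#bits}; i++)); do
        case "${bits:i:1}" in
            0|1)
                echo "constraint ${array}[${round},${row},${i}] = ${bits:i:1};" >> "${model_file}"
                ;;
        esac
    done
}

if [[ $# -lt 2 || -z "$1" || -z "$2" ]]; then
    echo "usage: $0 <cipher_dir> <sboxnum>" >&2
    exit 1
fi
if [[ ! "$2" =~ ^[0-9]+$ ]]; then
    echo "sboxnum must be a decimal number, got: $2" >&2
    exit 1
fi

nr=3
cipher_dir=$1
sboxnum=$2
workdir="./${cipher_dir}/diff/iterative_calls_${nr}nr_${sboxnum}sbox"
mkdir -p "${workdir}/results"

num=0    # index of the state currently being read
take=0   # 0: waiting for a separator, 1..10: row expected next
model=""

# "|| [[ -n $p ]]" keeps a final line that has no trailing newline.
while read -r p || [[ -n "$p" ]]; do
    if [[ "$p" == *"-"* ]]; then
        echo "${p}"
        echo "$num"
        model="${workdir}/Our_${nr}rd_${num}.mzn"
        cp "./${cipher_dir}/diff.mzn" "${model}"
        take=1
        continue
    fi

    if (( take >= 1 && take <= 5 )); then
        append_row stateend 0 $((take - 1)) "$p" "${model}"
    elif (( take >= 6 && take <= 10 )); then
        append_row statestart 1 $((take - 6)) "$p" "${model}"
    else
        continue
    fi

    if (( take < 10 )); then
        take=$((take + 1))
        continue
    fi

    # Tenth row written: the model is complete, start the solver on it.
    take=0
    max2
    minizinc --solver "chuffed" -a -D "nr = ${nr};" --time-limit 7200000 --output-time --statistics "${model}" > "${workdir}/results/Our_results_${num}.txt" &
    num=$((num + 1))
    echo num $num
done < "The_states_in_the_kenerl/Sbox_${sboxnum}.txt"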
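--------------------------------------------------------------------------------
/constraint_programming/search_for_states_in_kenerl/linear.sh:
--------------------------------------------------------------------------------
#!/bin/bash
#
# Build one MiniZinc model per state listed in
# The_states_in_the_kenerl/Sbox_<sboxnum>.txt and start a linear search on
# each of them.
#
# Usage: linear.sh <cipher_dir> <sboxnum>
#   cipher_dir  directory that holds the template linear.mzn; the generated
#               models and results are written below <cipher_dir>/linear/
#   sboxnum     selects the input file Sbox_<sboxnum>.txt
#
# Input format: a line containing "-" starts a new state; the next five lines
# are written as constraints on stateend[0,row,*] and the five after that as
# constraints on statestart[1,row,*]. The bit index is written as the literal
# expression "63-<i>", where <i> is the character position in the line.
#
# Both arguments end up inside paths given to mkdir, cp and output
# redirection, so every expansion is quoted and sboxnum must be numeric.
#
# The solver runs are started in the background and are still running when
# this script returns.
set -e

# Block until fewer than 30 background jobs are running.
function max2 {
    while (( $(jobs -r | wc -l) >= 30 )); do
        sleep 1
    done
}

# append_row ARRAY ROUND ROW BITS MODEL
# Append one "constraint ARRAY[ROUND,ROW,63-i] = b;" line to MODEL for every
# character b of BITS that is 0 or 1; any other character is skipped.
function append_row {
    local array=$1 round=$2 row=$3 bits=$4 model_file=$5
    local i
    for ((i = 0; i < ${#bits}; i++)); do
        case "${bits:i:1}" in
            0|1)
                echo "constraint ${array}[${round},${row},63-${i}] = ${bits:i:1};" >> "${model_file}"
                ;;
        esac
    done
}

if [[ $# -lt 2 || -z "$1" || -z "$2" ]]; then
    echo "usage: $0 <cipher_dir> <sboxnum>" >&2
    exit 1
fi
if [[ ! "$2" =~ ^[0-9]+$ ]]; then
    echo "sboxnum must be a decimal number, got: $2" >&2
    exit 1
fi

nr=3
cipher_dir=$1
sboxnum=$2
workdir="./${cipher_dir}/linear/iterative_calls_${nr}nr_${sboxnum}sbox"
mkdir -p "${workdir}/results"

num=0    # index of the state currently being read
take=0   # 0: waiting for a separator, 1..10: row expected next
model=""

# "|| [[ -n $p ]]" keeps a final line that has no trailing newline.
while read -r p || [[ -n "$p" ]]; do
    if [[ "$p" == *"-"* ]]; then
        echo "${p}"
        echo "$num"
        model="${workdir}/Our_${nr}rd_${num}.mzn"
        cp "./${cipher_dir}/linear.mzn" "${model}"
        take=1
        continue
    fi

    if (( take >= 1 && take <= 5 )); then
        append_row stateend 0 $((take - 1)) "$p" "${model}"
    elif (( take >= 6 && take <= 10 )); then
        append_row statestart 1 $((take - 6)) "$p" "${model}"
    else
        continue
    fi

    if (( take < 10 )); then
        take=$((take + 1))
        continue
    fi

    # Tenth row written: the model is complete, start the solver on it.
    take=0
    max2
    minizinc --solver "chuffed" -a -D "nr = ${nr};" --time-limit 7200000 --output-time --statistics "${model}" > "${workdir}/results/Our_results_${num}.txt" &
    num=$((num + 1))
    echo num $num
done < "The_states_in_the_kenerl/Sbox_${sboxnum}.txt"
--------------------------------------------------------------------------------
/constraint_programming/search_for_states_in_kenerl/start.py:
--------------------------------------------------------------------------------
import math
import os
import subprocess
import sys


Gaston_S_SBOX = [0,5,10,11,20,17,22,23,9,12,3,2,13,8,15,14,18,21,24,27,6,1,4,7,26,29,16,19,30,25,28,31]
SBD_SBOX = [6,15,4,14,5,13,21,29,10,11,12,8,0,9,20,24,2,19,7,31,3,1,23,25,26,27,30,28,18,17,22,16]

# Template model text that every generated .mzn file starts with.
with open("linear_sample", 'r') as linear_sam:
    lines_linear_sam = linear_sam.readlines()
with open("diff_sample", 'r') as diff_sam:
    lines_diff_sam = diff_sam.readlines()


def _to_weights(counts):
    """Replace each non-zero count c in place by int(100 * log2(32 / c)).

    Returns the number of entries that were non-zero before the conversion.
    A count of 32 becomes weight 0.
    """
    nonzero = 0
    for idx, count in enumerate(counts):
        if count != 0:
            counts[idx] = int(100 * math.log2(32 / count))
            nonzero += 1
    return nonzero


def _parity(value):
    """Return the parity (0 or 1) of the set bits of value."""
    return bin(value).count("1") & 1


def _write_table(handle, table, rows):
    """Write the MiniZinc array declaration for a 1024-entry weight table.

    The all-zero row is written first; every following row is the five bits
    of the high index, the five bits of the low index (most significant bit
    first) and the weight. Entries with weight 0 and all entries whose high
    index is 0 are left out.
    """
    handle.write("\n")
    handle.write(f"array [1..{rows}, 1..11] of int : DDT = array2d(1..{rows},1..11,[")
    handle.write("0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0")
    for i in range(1, 32):
        for j in range(0, 32):
            weight = table[i << 5 | j]
            if weight != 0:
                handle.write(", ")
                for k in range(0, 5):
                    handle.write(str((i >> (4 - k)) & 0x1) + ', ')
                for k in range(0, 5):
                    handle.write(str((j >> (4 - k)) & 0x1) + ', ')
                handle.write(str(weight))
    handle.write("]);\n")


def _run_script(script, name, theta):
    """Run one of the bash helper scripts with name and theta as arguments.

    The arguments are passed as a list, not through a shell command line, and
    the script is run with bash because it uses bash-only syntax. A failing
    script does not stop this program, as before.
    """
    subprocess.run(["bash", script, name, str(theta)], check=False)


def search_diff(truth, name, theta):
    """Write <name>/diff.mzn for the 5-bit S-box `truth` and run diff.sh.

    The file is the diff_sample template followed by a table with one row per
    (input difference, output difference) pair that occurs, weighted by
    int(100 * log2(32 / count)).
    """
    counts = [0] * pow(2, 10)
    for value in range(0, 32):
        for diff_in in range(0, 32):
            diff_out = truth[value] ^ truth[diff_in ^ value]
            counts[(diff_in << 5) | diff_out] += 1
    rows = _to_weights(counts)

    os.makedirs(name, exist_ok=True)
    with open(f"{name}/diff.mzn", 'w') as model:
        model.writelines(lines_diff_sam)
        _write_table(model, counts, rows)
    _run_script("diff.sh", name, theta)


def search_linear(truth, name, theta):
    """Write <name>/linear.mzn for the 5-bit S-box `truth` and run linear.sh.

    For every (output mask, input mask) pair the number of inputs on which
    both masked parities agree is counted; the table weight is
    int(100 * log2(32 / |count - 16|)).
    """
    counts = [0] * pow(2, 10)
    for mask_in in range(0, 32):
        for mask_out in range(0, 32):
            for plain_in in range(0, 32):
                if _parity(plain_in & mask_in) == _parity(truth[plain_in] & mask_out):
                    counts[(mask_out << 5) | mask_in] += 1
    for idx in range(0, 1024):
        counts[idx] = abs(counts[idx] - 16)
    rows = _to_weights(counts)

    os.makedirs(name, exist_ok=True)
    with open(f"{name}/linear.mzn", 'w') as model:
        model.writelines(lines_linear_sam)
        # NOTE(review): rows here are (output mask, input mask, weight), while
        # search_diff writes (input difference, output difference, weight);
        # confirm that linear.mzn expects this order.
        _write_table(model, counts, rows)
    _run_script("linear.sh", name, theta)


if len(sys.argv) == 1:
    print("Missing parameter, one num is required, 1 means searching for tails of Gaston_S, 2 means searching for tails of SBD")
    sys.exit()

try:
    choice = int(sys.argv[1])
except ValueError:
    # A non-numeric argument is reported like any other unknown number.
    choice = None

# NOTE(review): 6 is listed twice, so every search is started twice with the
# same argument. The helper scripts leave their solver jobs running in the
# background, so the second pass rewrites model and result files of the first
# pass; confirm which values were intended.
all_theta = [6, 6]

if choice == 1:
    truth_num = Gaston_S_SBOX
    name = "Gaston_S"
    os.makedirs(name, exist_ok=True)
    for theta in all_theta:
        search_linear(truth_num, name, theta)
        search_diff(truth_num, name, theta)

elif choice == 2:
    truth_num = SBD_SBOX
    name = "SBD"
    os.makedirs(name, exist_ok=True)
    for theta in all_theta:
        search_linear(truth_num, name, theta)
        search_diff(truth_num, name, theta)

else:
    print("Error num, 1 means searching for tails of Gaston_S, 2 means searching for tails of SBD")
--------------------------------------------------------------------------------
/constraint_programming/search_for_states_in_kenerl/The_states_in_the_kenerl/Sbox_6.txt:
--------------------------------------------------------------------------------
----
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000100000000100000000000000
0000100000000000000000000001000000000000000000000000000000000000
0000000000000000000100000000000001000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000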
0000000000000000000000000000000000000000000000000000000000000000 9 | 0000001000000001000000000000000000000000000000000000000000000000 10 | 0100000000000000000000000000000000000000001000000000000000000000 11 | 0000000000000000000000000000000000000000000001000000000000010000 12 | ---- 13 | 0000000000000000000000000000000000000000000000000000000000000000 14 | 0000000000000000000010000000000000000000000000000000000000000100 15 | 0000000000000000000000000100000000000000000000000100000000000000 16 | 0000000000000000000000000000000000000000000000000000000000000000 17 | 0000000000000000000000000000000000000000001000000000000000010000 18 | 0000000000000000000000000000000000000000000000000000000000000000 19 | 0001000000000000000000000010000000000000000000000000000000000000 20 | 0000000000000001000000000000000000000000000000000000000100000000 21 | 0000000000000000000000000000000000000000000000000000000000000000 22 | 0000100000000000000001000000000000000000000000000000000000000000 23 | ---- 24 | 0000000000000000000000000000000000000000000000000000000000000000 25 | 0000000000000000000000000000000000000000000000010000000000000100 26 | 0010000000000000000000000000000000010000000000000000000000000000 27 | 0000000000000100000000000000001000000000000000000000000000000000 28 | 0000000000000000000000000000000000000000000000000000000000000000 29 | 0000000000000000000000000000000000000000000000000000000000000000 30 | 0001000000000000000000000000000000000000000000000000010000000000 31 | 0100000000000000000000000000000010000000000000000000000000000000 32 | 0000100000000000000000000000000000000000000000000001000000000000 33 | 0000000000000000000000000000000000000000000000000000000000000000 34 | ---- 35 | 0000000000000000000000000000000000000000000000000000000000000000 36 | 0000000000000000000000000000000000000000000000000000100000000100 37 | 0000000000000000000000000000000000000000000000000000000000000000 38 | 0000100000000000000000000000000000000000000010000000000000000000 39 | 
0000000000000000000100000000000000000000000000000010000000000000 40 | 0000000000000000000000000000000000000000000000000000000000000000 41 | 0001000000000000000000000000000000000000000000000000000000100000 42 | 0000000000000000000000000000000000000000000000000000000000000000 43 | 0000000000000000001000000000000000000000001000000000000000000000 44 | 0000000000001000000000000000000000000000000001000000000000000000 45 | ---- 46 | 1000000000000010000000000000000000000000000000000000000000000000 47 | 0000000000000000000000000000000000000000000000000000000000000000 48 | 0000000000000000000010000000000000000000000000000100000000000000 49 | 0000000000000000000000000001000000000000000000001000000000000000 50 | 0000000000000000000000000000000000000000000000000000000000000000 51 | 1000000000000010000000000000000000000000000000000000000000000000 52 | 0000000000000000000000000000000000000000000000000000000000000000 53 | 0000000000000001000000000000000000000000000000000010000000000000 54 | 0100000000000000000000100000000000000000000000000000000000000000 55 | 0000000000000000000000000000000000000000000000000000000000000000 56 | ---- 57 | 1000000000000000010000000000000000000000000000000000000000000000 58 | 0000000000000000001000000000000000000000000000000000000000000100 59 | 0010001000000000000000000000000000000000000000000000000000000000 60 | 0000000000000000000000000000000000000000000000000000000000000000 61 | 0000000000000000000000000000000000000000000000000000000000000000 62 | 1000000000000000010000000000000000000000000000000000000000000000 63 | 0001000000000000000000001000000000000000000000000000000000000000 64 | 0000000000000000000000000000000010001000000000000000000000000000 65 | 0000000000000000000000000000000000000000000000000000000000000000 66 | 0000000000000000000000000000000000000000000000000000000000000000 67 | ---- 68 | 1000000000000000000000010000000000000000000000000000000000000000 69 | 0000000000000000000000000000000000000000000000000000000000000000 70 | 
0000000000000000000000000000010000000000000000000100000000000000 71 | 0000000000000000000000000000000000000000000000000000000000000000 72 | 0000000000000000000000000000000000000000001000000000000000000001 73 | 1000000000000000000000010000000000000000000000000000000000000000 74 | 0000000000000000000000000000000000000000000000000000000000000000 75 | 0000000000000001000000000000000000000000000000000000000000010000 76 | 0000000000000000000000000000000000000000000000000000000000000000 77 | 0000100000000000000000000100000000000000000000000000000000000000 78 | ---- 79 | 1000000000000000000000000000000001000000000000000000000000000000 80 | 0100000000000000000000000000001000000000000000000000000000000000 81 | 0000000000000000000000000000000000000000000000000000000000000000 82 | 0000000000000100010000000000000000000000000000000000000000000000 83 | 0000000000000000000000000000000000000000000000000000000000000000 84 | 1000000000000000000000000000000001000000000000000000000000000000 85 | 0000000100000000000000000000000000001000000000000000000000000000 86 | 0000000000000000000000000000000000000000000000000000000000000000 87 | 0000000000000000000000000000000000000000000000000001000100000000 88 | 0000000000000000000000000000000000000000000000000000000000000000 89 | ---- 90 | 1000000000000000000000000000000000000000100000000000000000000000 91 | 0000000000000000000000000000000000000000010000000000000000000100 92 | 0000000000000000000000000000000000000000000000000000000000000000 93 | 0000000000000000000000000000000000000000000000000000000000000000 94 | 0000000000000000000000000000000000000000000000000000000000010001 95 | 1000000000000000000000000000000000000000100000000000000000000000 96 | 0001000000000000000000000000000000000000000000010000000000000000 97 | 0000000000000000000000000000000000000000000000000000000000000000 98 | 0000000000000000000000000000000000000000000000000000000000000000 99 | 0000000000000000000001000100000000000000000000000000000000000000 100 | ---- 101 | 
1000000000000000000000000000000000000000000010000000000000000000 102 | 0000000000000000000001000000000000000000000000000000000000000000 103 | 0000000000000000000000000000000000000000000000000000000000000000 104 | 0000000000000000000000000000000000000000000000000000000000000000 105 | 0000000000000000000100000000000000000000000100000000000000000001 106 | 1000000000000000000000000000000000000000000010000000000000000000 107 | 0000000000000000000000000001000000000000000000000000000000000000 108 | 0000000000000000000000000000000000000000000000000000000000000000 109 | 0000000000000000000000000000000000000000000000000000000000000000 110 | 0000010000000000000000000100000000000000000001000000000000000000 111 | ---- 112 | 1000000000000000000000000000000000000000000000000000000100000000 113 | 0000000000000000000000000000000000000000000000000000000000000000 114 | 0000000000000000000000000000000000000000000000000000000000000000 115 | 0000100000000000000000000000000000000000000000001000000000000000 116 | 0000000000000000000100000000000000000000000000000000001000000000 117 | 1000000000000000000000000000000000000000000000000000000100000000 118 | 0000000000000000000000000000000000000000000000000000000000000000 119 | 0000000000000000000000000000000000000000000000000000000000000000 120 | 0000000000000000000000100000000000000000001000000000000000000000 121 | 0000000000000000100000000000000000000000000001000000000000000000 122 | ---- 123 | 0000000000000000000000000000000000000000000000000000000000000000 124 | 0000000000000000000000000000000000000000000000000000000000000000 125 | 0000000000000000000000000000000000000000000000000100000000100000 126 | 0000000000000000000000100000000000000000000000000000000000000001 127 | 0000010000000000000100000000000000000000000000000000000000000000 128 | 0000000000000000000000000000000000000000000000000000000000000000 129 | 0000000000000000000000000000000000000000000000000000000000000000 130 | 
0000000000000001000000001000000000000000000000000000000000000000 131 | 0000000000000000000000000000000000000100000000000000000000001000 132 | 0000000000000000000000000000000100000000000001000000000000000000 133 | -------------------------------------------------------------------------------- /implementation/test_vector.cpp: -------------------------------------------------------------------------------- 1 | // 2 | // Created by Rusydi Makarim on 25/05/23. 3 | // 4 | #ifdef __unix 5 | #define fopen_s(pFile, filename, mode) ((*(pFile)) = fopen((filename), (mode))) == NULL 6 | #endif 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | // parameters for theta 16 | #define Cipher_a0 6 17 | #define Cipher_a1 10 18 | #define Cipher_a2 27 19 | #define Cipher_a3 41 20 | #define Cipher_a4 50 21 | 22 | #define Cipher_r 1 23 | #define Cipher_s 36 24 | #define Cipher_u 26 25 | 26 | // rho-east rotation offsets 27 | #define Cipher_e0 0 28 | #define Cipher_e1 61 29 | #define Cipher_e2 49 30 | #define Cipher_e3 13 31 | #define Cipher_e4 19 32 | 33 | 34 | 35 | #define ASCON_0 19 36 | #define ASCON_1 61 37 | #define ASCON_2 1 38 | #define ASCON_3 10 39 | #define ASCON_4 7 40 | 41 | #define ASCONB_0 28 42 | #define ASCONB_1 39 43 | #define ASCONB_2 6 44 | #define ASCONB_3 17 45 | #define ASCONB_4 41 46 | 47 | #define GASTON_t0 25 48 | #define GASTON_t1 32 49 | #define GASTON_t2 52 50 | #define GASTON_t3 60 51 | #define GASTON_t4 63 52 | #define GASTON_r 1 53 | #define GASTON_s 18 54 | #define GASTON_u 23 55 | 56 | // rho-east rotation offsets 57 | #define GASTON_e0 0 58 | #define GASTON_e1 60 59 | #define GASTON_e2 22 60 | #define GASTON_e3 27 61 | #define GASTON_e4 4 62 | 63 | // rho-west rotation offsets 64 | #define GASTON_w0 0 65 | #define GASTON_w1 56 66 | #define GASTON_w2 31 67 | #define GASTON_w3 46 68 | #define GASTON_w4 43 69 | 70 | using namespace std; 71 | #include 72 | #include 73 | 74 | 75 | 76 | int SBD(uint64_t x[]) { 77 | 
78 | uint64_t i = 0; 79 | uint64_t m, n = 0; 80 | const uint64_t rc[] = { 81 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 82 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 83 | 0x0000000000000096, 0x0000000000000087 84 | }; 85 | uint64_t tmp; 86 | uint64_t P = 0, Q = 0; 87 | uint64_t sboxin[5] = { 0, 0, 0, 0, 0 }; 88 | 89 | 90 | 91 | for (i = 0; i < 8; i++) { 92 | 93 | /*x[0] = ((x[0]) << Cipher_e0) | ((x[0]) >> (Cipher_e0));*/ 94 | x[1] = ((x[1]) << Cipher_e1) | ((x[1]) >> (64 - Cipher_e1)); 95 | x[2] = ((x[2]) << Cipher_e2) | ((x[2]) >> (64 - Cipher_e2)); 96 | x[3] = ((x[3]) << Cipher_e3) | ((x[3]) >> (64 - Cipher_e3)); 97 | x[4] = ((x[4]) << Cipher_e4) | ((x[4]) >> (64 - Cipher_e4)); 98 | 99 | // theta 100 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 101 | 102 | 103 | P = P ^ (((P) << Cipher_r) | ((P) >> (64 - Cipher_r))); 104 | 105 | Q = (((x[0]) << Cipher_a0) | ((x[0]) >> (64 - Cipher_a0))) ^ (((x[1]) << Cipher_a1) | ((x[1]) >> (64 - Cipher_a1))) ^ (((x[2]) << Cipher_a2) | ((x[2]) >> (64 - Cipher_a2))) ^ (((x[3]) << Cipher_a3) | ((x[3]) >> (64 - Cipher_a3))) ^ (((x[4]) << Cipher_a4) | ((x[4]) >> (64 - Cipher_a4))); 106 | 107 | 108 | 109 | Q = Q ^ (((Q) << Cipher_s) | ((Q) >> (64 - Cipher_s))); 110 | 111 | 112 | 113 | 114 | 115 | // 116 | P = ((P) << Cipher_u) | ((P) >> (64 - Cipher_u)); 117 | 118 | 119 | Q = ((Q) << Cipher_u) | ((Q) >> (64 - Cipher_u)); 120 | x[0] = x[0] ^ P ^ (((Q) << Cipher_a0) | ((Q) >> (64 - Cipher_a0))); 121 | x[1] = x[1] ^ P ^ (((Q) << Cipher_a1) | ((Q) >> (64 - Cipher_a1))); 122 | x[2] = x[2] ^ P ^ (((Q) << Cipher_a2) | ((Q) >> (64 - Cipher_a2))); 123 | x[3] = x[3] ^ P ^ (((Q) << Cipher_a3) | ((Q) >> (64 - Cipher_a3))); 124 | x[4] = x[4] ^ P ^ (((Q) << Cipher_a4) | ((Q) >> (64 - Cipher_a4))); 125 | // rho-west 126 | sboxin[0] = x[0]; 127 | sboxin[1] = ((x[1]) << Cipher_e1) | ((x[1]) >> (64 - Cipher_e1)); 128 | sboxin[2] = ((x[2]) << Cipher_e2) | ((x[2]) >> (64 - Cipher_e2)); 129 | sboxin[3] = ((x[3]) << 
Cipher_e3) | ((x[3]) >> (64 - Cipher_e3)); 130 | sboxin[4] = ((x[4]) << Cipher_e4) | ((x[4]) >> (64 - Cipher_e4)); 131 | 132 | 133 | sboxin[0] = sboxin[0] ^ rc[i]; 134 | 135 | // degree4 sbox 136 | 137 | x[0] = ~((~(sboxin[0] & (~sboxin[2]) & (sboxin[4]))) & (~(sboxin[0] & sboxin[1])) & (~(sboxin[2] & sboxin[3]))); 138 | x[1] = ~((~(sboxin[4] & (~sboxin[0]))) & (~(sboxin[1] & (~sboxin[2]))) & (~(sboxin[4] & (~sboxin[1]) & sboxin[3]))); 139 | x[2] = ~((~(sboxin[3] & (~sboxin[4]))) & (~((~sboxin[1]) & (~sboxin[0]))) & (~(sboxin[3] & (~sboxin[2]) & sboxin[0]))); 140 | x[3] = ~((~((~sboxin[2]) & (~sboxin[3]))) & (~((~sboxin[4]) & sboxin[0])) & (~(sboxin[4] & (~sboxin[2]) & (~sboxin[1])))); 141 | x[4] = ~((~(sboxin[2] & (~sboxin[1]))) & (~(sboxin[4] & (~sboxin[3]))) & (~(sboxin[3] & (~sboxin[1]) & sboxin[0]))); 142 | } 143 | 144 | 145 | cout << "0x" 146 | << uppercase << hex << setw(16) << setfill('0') << x[0] 147 | << endl; 148 | cout << "0x" 149 | << uppercase << hex << setw(16) << setfill('0') << x[1] 150 | << endl; 151 | cout << "0x" 152 | << uppercase << hex << setw(16) << setfill('0') << x[2] 153 | << endl; 154 | cout << "0x" 155 | << uppercase << hex << setw(16) << setfill('0') << x[3] 156 | << endl; 157 | cout << "0x" 158 | << uppercase << hex << setw(16) << setfill('0') << x[4] 159 | << endl; 160 | 161 | return 0; 162 | } 163 | 164 | 165 | int Gaston_S(uint64_t x[]) { 166 | 167 | uint64_t i = 0; 168 | uint64_t m, n = 0; 169 | const uint64_t rc[] = { 170 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 171 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 172 | 0x0000000000000096, 0x0000000000000087, 0x0000000000000078, 173 | 0x0000000000000069, 0x000000000000005A, 0x000000000000004B 174 | }; 175 | uint64_t tmp; 176 | uint64_t P = 0, Q = 0; 177 | 178 | 179 | 180 | for (i = 0; i < 12; i++) { 181 | 182 | 183 | /*x[0] = ((x[0]) << Cipher_e0) | ((x[0]) >> (Cipher_e0));*/ 184 | x[1] = ((x[1]) << Cipher_e1) | ((x[1]) >> (64 - Cipher_e1)); 185 
| x[2] = ((x[2]) << Cipher_e2) | ((x[2]) >> (64 - Cipher_e2)); 186 | x[3] = ((x[3]) << Cipher_e3) | ((x[3]) >> (64 - Cipher_e3)); 187 | x[4] = ((x[4]) << Cipher_e4) | ((x[4]) >> (64 - Cipher_e4)); 188 | 189 | // theta 190 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 191 | 192 | P = P ^ (((P) << Cipher_r) | ((P) >> (64 - Cipher_r))); 193 | 194 | Q = (((x[0]) << Cipher_a0) | ((x[0]) >> (64 - Cipher_a0))) ^ (((x[1]) << Cipher_a1) | ((x[1]) >> (64 - Cipher_a1))) ^ (((x[2]) << Cipher_a2) | ((x[2]) >> (64 - Cipher_a2))) ^ (((x[3]) << Cipher_a3) | ((x[3]) >> (64 - Cipher_a3))) ^ (((x[4]) << Cipher_a4) | ((x[4]) >> (64 - Cipher_a4))); 195 | 196 | Q = Q ^ (((Q) << Cipher_s) | ((Q) >> (64 - Cipher_s))); 197 | 198 | 199 | // 200 | P = ((P) << Cipher_u) | ((P) >> (64 - Cipher_u)); 201 | Q = ((Q) << Cipher_u) | ((Q) >> (64 - Cipher_u)); 202 | x[0] = x[0] ^ P ^ (((Q) << Cipher_a0) | ((Q) >> (64 - Cipher_a0))); 203 | x[1] = x[1] ^ P ^ (((Q) << Cipher_a1) | ((Q) >> (64 - Cipher_a1))); 204 | x[2] = x[2] ^ P ^ (((Q) << Cipher_a2) | ((Q) >> (64 - Cipher_a2))); 205 | x[3] = x[3] ^ P ^ (((Q) << Cipher_a3) | ((Q) >> (64 - Cipher_a3))); 206 | x[4] = x[4] ^ P ^ (((Q) << Cipher_a4) | ((Q) >> (64 - Cipher_a4))); 207 | 208 | 209 | // rho-west 210 | x[1] = ((x[1]) << Cipher_e1) | ((x[1]) >> (64 - Cipher_e1)); 211 | x[2] = ((x[2]) << Cipher_e2) | ((x[2]) >> (64 - Cipher_e2)); 212 | x[3] = ((x[3]) << Cipher_e3) | ((x[3]) >> (64 - Cipher_e3)); 213 | x[4] = ((x[4]) << Cipher_e4) | ((x[4]) >> (64 - Cipher_e4)); 214 | 215 | x[0] = x[0] ^ rc[i]; 216 | 217 | // degree4 sbox 218 | P = x[0]; 219 | Q = x[1]; 220 | x[0] ^= (x[2] & ~x[1]); 221 | x[1] ^= (x[3] & ~x[2]); 222 | x[2] ^= (x[4] & ~x[3]); 223 | x[3] ^= (P & ~x[4]); 224 | x[4] ^= (Q & ~P); 225 | } 226 | cout << "0x" 227 | << uppercase << hex << setw(16) << setfill('0') << x[0] 228 | << endl; 229 | cout << "0x" 230 | << uppercase << hex << setw(16) << setfill('0') << x[1] 231 | << endl; 232 | cout << "0x" 233 | << uppercase << hex << setw(16) << 
setfill('0') << x[2] 234 | << endl; 235 | cout << "0x" 236 | << uppercase << hex << setw(16) << setfill('0') << x[3] 237 | << endl; 238 | cout << "0x" 239 | << uppercase << hex << setw(16) << setfill('0') << x[4] 240 | << endl; 241 | 242 | return 0; 243 | } 244 | 245 | 246 | 247 | int main() { 248 | /*uint64_t x[5] = { 0xFFFFFFFFFFFFFFFF, 0x0123456789ABCDEF, 0xFEDCBA9876543210, 0xAAAAAAAAAAAAAAAA, 0x0101010101010101 };*/ 249 | uint64_t x[5] = { 0x0, 0x0, 0x0, 0x0, 0x0 }; 250 | 251 | Gaston_S(x); 252 | 253 | //SBD(x); 254 | 255 | return 0; 256 | } 257 | -------------------------------------------------------------------------------- /implementation/testspeed_x86.cpp: -------------------------------------------------------------------------------- 1 | // Created by Rusydi Makarim on 25/05/23. 2 | // 3 | 4 | #ifdef __unix 5 | #define fopen_s(pFile, filename, mode) ((*(pFile)) = fopen((filename), (mode))) == NULL 6 | #endif 7 | 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | 15 | 16 | // parameters for SBD and Gaston-SYM 17 | #define Para_a0 6 18 | #define Para_a1 10 19 | #define Para_a2 27 20 | #define Para_a3 41 21 | #define Para_a4 50 22 | #define Para_r 1 23 | #define Para_s 36 24 | #define Para_u 26 25 | 26 | #define Para_e0 0 27 | #define Para_e1 61 28 | #define Para_e2 49 29 | #define Para_e3 13 30 | #define Para_e4 19 31 | 32 | #define Para_ua0 32 33 | #define Para_ua1 36 34 | #define Para_ua2 53 35 | #define Para_ua3 3 36 | #define Para_ua4 12 37 | 38 | 39 | 40 | 41 | 42 | 43 | // parameters for ASCON 44 | #define ASCON_0 19 45 | #define ASCON_1 61 46 | #define ASCON_2 1 47 | #define ASCON_3 10 48 | #define ASCON_4 7 49 | 50 | 51 | #define ASCONB_0 28 52 | #define ASCONB_1 39 53 | #define ASCONB_2 6 54 | #define ASCONB_3 17 55 | #define ASCONB_4 41 56 | 57 | // parameters for GASTON 58 | #define GASTON_t0 25 59 | #define GASTON_t1 32 60 | #define GASTON_t2 52 61 | #define GASTON_t3 60 62 | #define GASTON_t4 63 63 | #define GASTON_r 1 64 | 
#define GASTON_s 18 65 | #define GASTON_u 23 66 | 67 | 68 | #define GASTON_e0 0 69 | #define GASTON_e1 60 70 | #define GASTON_e2 22 71 | #define GASTON_e3 27 72 | #define GASTON_e4 4 73 | 74 | 75 | #define GASTON_w0 0 76 | #define GASTON_w1 56 77 | #define GASTON_w2 31 78 | #define GASTON_w3 46 79 | #define GASTON_w4 43 80 | 81 | 82 | 83 | using namespace std; 84 | #include 85 | 86 | #include 87 | #include 88 | #include 89 | 90 | void rdtscl(unsigned long long *ll) 91 | { 92 | uint32_t lo, hi; 93 | __asm__ __volatile__ ("rdtsc" : "=a"(lo), "=d"(hi)); 94 | *ll = ( (uint64_t)lo)|( ((uint64_t)hi)<<32 ); 95 | } 96 | 97 | vector creat_random() { 98 | random_device rd; 99 | linear_congruential_engine lce(rd()); 100 | uniform_int_distribution dis(0, UINT64_MAX); 101 | vector random_numbers; 102 | for (int i = 0; i < 5; i++) { 103 | uint64_t random_number = dis(lce); 104 | random_numbers.push_back(random_number); 105 | // cout << "Random 64-bit number " << i + 1 << ": " << random_number << std::endl; 106 | } 107 | 108 | return random_numbers; 109 | } 110 | 111 | 112 | 113 | 114 | int SBD(int loop1, int loop2, vector radom) { 115 | 116 | uint64_t i = 0; 117 | uint64_t m, n = 0; 118 | const uint64_t rc[] = { 119 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 120 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 121 | 0x0000000000000096, 0x0000000000000087 122 | }; 123 | 124 | uint64_t tmp0,tmp1,tmp2,tmp3,tmp4; 125 | uint64_t P = 0, Q = 0; 126 | uint64_t x[5] = { 0, 0, 0, 0, 0 }; 127 | uint64_t sboxin[5] = { 0, 0, 0, 0, 0 }; 128 | for (i = 0; i < 5; i++) { 129 | x[i] = radom[i]; 130 | } 131 | 132 | 133 | // 100000000000 134 | for (m = 0; m < loop1; m++) { 135 | for (n = 0; n < loop2; n++) { 136 | 137 | 138 | for (i = 0; i <8; i++) { 139 | x[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 140 | x[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 141 | x[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 142 | x[3] = ((x[3]) << Para_e3) | 
((x[3]) >> (64-Para_e3)); 143 | x[4] = ((x[4]) << Para_e4) | ((x[4]) >> (64-Para_e4)); 144 | 145 | // theta 146 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 147 | 148 | P = P ^ (((P) << Para_r) | ((P) >> (64-Para_r))); 149 | 150 | 151 | Q = (((x[0]) << Para_a0) | ((x[0]) >> (64-Para_a0))) ^ (((x[1]) << Para_a1) | ((x[1]) >> (64-Para_a1))) ^ (((x[2]) << Para_a2) | ((x[2]) >> (64-Para_a2))) ^ (((x[3]) << Para_a3) | ((x[3]) >> (64-Para_a3))) ^ (((x[4]) << Para_a4) | ((x[4]) >> (64-Para_a4))); 152 | 153 | Q ^= ((Q) << Para_s) | ((Q) >> (64-Para_s)); 154 | P= ((P) << Para_u) | ((P) >> (64-Para_u)); 155 | 156 | x[0] ^= P ^ (((Q) << Para_ua0) | ((Q) >> (64-Para_ua0))); 157 | x[1] ^= P ^ (((Q) << Para_ua1) | ((Q) >> (64-Para_ua1))); 158 | x[2] ^= P ^ (((Q) << Para_ua2) | ((Q) >> (64-Para_ua2))); 159 | x[3] ^= P ^ (((Q) << Para_ua3) | ((Q) >> (64-Para_ua3))); 160 | x[4] ^= P ^ (((Q) << Para_ua4) | ((Q) >> (64-Para_ua4))); 161 | 162 | // rho-west 163 | 164 | sboxin[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 165 | sboxin[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 166 | sboxin[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 167 | sboxin[3] = ((x[3]) << Para_e3) | ((x[3]) >> (64-Para_e3)); 168 | sboxin[4] = ((x[4]) << Para_e4) | ((x[4]) >> (64-Para_e4)); 169 | 170 | sboxin[0] = x[0]^rc[i]; 171 | 172 | x[0] = ~((~(sboxin[0] & (~sboxin[2]) & (sboxin[4]))) & (~(sboxin[0] & sboxin[1])) & (~(sboxin[2] & sboxin[3]))); 173 | x[1] = ~((~(sboxin[4] & (~sboxin[0]))) & (~(sboxin[1] & (~sboxin[2]))) & (~(sboxin[4] & (~sboxin[1]) & sboxin[3]))); 174 | x[2] = ~((~(sboxin[3] & (~sboxin[4]))) & (~((~sboxin[1]) & (~sboxin[0]))) & (~(sboxin[3] & (~sboxin[2]) & sboxin[0]))); 175 | x[3] = ~((~((~sboxin[2]) & (~sboxin[3]))) & (~((~sboxin[4]) & sboxin[0])) & (~(sboxin[4] & (~sboxin[2]) & (~sboxin[1])))); 176 | x[4] = ~((~(sboxin[2] & (~sboxin[1]))) & (~(sboxin[4] & (~sboxin[3]))) & (~(sboxin[3] & (~sboxin[1]) & sboxin[0]))); 177 | 178 | } 179 | } 180 | } 181 | printf("\n %lu, 
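%lu, %lu, %lu, %lu \n", x[0], x[1], x[2], x[3], x[4]); 182 | 183 | return 0; 184 | } 185 | 186 |

// Rotate a 64-bit word left by r bits (r in 0..63). Both shift counts are
// masked so that r == 0 stays well defined: the open-coded form
// (v << r) | (v >> (64 - r)) shifts by 64 when r is 0 (Para_e0 is 0), and a
// shift by the full operand width is undefined behaviour in C++.
static inline uint64_t rotl64(uint64_t v, unsigned r) {
    return (v << (r & 63u)) | (v >> ((64u - r) & 63u));
}

/*
 * Throughput benchmark for the 12-round Gaston-S permutation.
 *
 * loop1, loop2  the permutation is applied loop1 * loop2 times in a row to
 *               the same five-lane state.
 * radom         initial state; elements 0..4 are read as the five 64-bit
 *               lanes. There is no size check, so callers must pass at least
 *               five words.
 *
 * Returns 0 and prints the final state (presumably so the compiler cannot
 * discard the timed loop).
 *
 * Every step is a fixed-offset rotation, XOR, AND or NOT on whole lanes: no
 * branch and no memory index depends on the state.
 */
int Gaston_S(int loop1, int loop2, vector<uint64_t> radom) {

    // One round constant per round, XORed into lane 0.
    const uint64_t rc[] = {
        0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2,
        0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5,
        0x0000000000000096, 0x0000000000000087, 0x0000000000000078,
        0x0000000000000069, 0x000000000000005A, 0x000000000000004B
    };

    uint64_t P = 0, Q = 0;
    uint64_t x[5] = { 0, 0, 0, 0, 0 };
    for (uint64_t k = 0; k < 5; k++) {
        x[k] = radom[k];
    }

    // Same int -> uint64_t conversion that comparing a uint64_t counter
    // against the int parameters performs implicitly.
    const uint64_t outer = loop1;
    const uint64_t inner = loop2;

    for (uint64_t m = 0; m < outer; m++) {
        for (uint64_t n = 0; n < inner; n++) {
            for (uint64_t i = 0; i < 12; i++) {
                // Lane rotations ahead of theta, offsets Para_e0..Para_e4.
                x[0] = rotl64(x[0], Para_e0);
                x[1] = rotl64(x[1], Para_e1);
                x[2] = rotl64(x[2], Para_e2);
                x[3] = rotl64(x[3], Para_e3);
                x[4] = rotl64(x[4], Para_e4);

                // theta: P is the XOR of the five lanes, Q the XOR of the
                // lanes after each was rotated by its own Para_a offset.
                P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4];
                P ^= rotl64(P, Para_r);

                Q = rotl64(x[0], Para_a0) ^ rotl64(x[1], Para_a1)
                  ^ rotl64(x[2], Para_a2) ^ rotl64(x[3], Para_a3)
                  ^ rotl64(x[4], Para_a4);
                Q ^= rotl64(Q, Para_s);
                P = rotl64(P, Para_u);

                // Para_uaK is (Para_u + Para_aK) mod 64, so the rotation of Q
                // by Para_u is folded into the per-lane rotation.
                x[0] ^= P ^ rotl64(Q, Para_ua0);
                x[1] ^= P ^ rotl64(Q, Para_ua1);
                x[2] ^= P ^ rotl64(Q, Para_ua2);
                x[3] ^= P ^ rotl64(Q, Para_ua3);
                x[4] ^= P ^ rotl64(Q, Para_ua4);

                // rho-west (same Para_e offsets as the first rotation)
                x[0] = rotl64(x[0], Para_e0);
                x[1] = rotl64(x[1], Para_e1);
                x[2] = rotl64(x[2], Para_e2);
                x[3] = rotl64(x[3], Para_e3);
                x[4] = rotl64(x[4], Para_e4);

                x[0] ^= rc[i];

                // Nonlinear layer, x[k] ^= x[k+2] & ~x[k+1] with indices
                // mod 5 (the step Gaston() in this file labels chi). P and Q
                // hold the old x[0] and x[1], needed by the last two lanes.
                P = x[0];
                Q = x[1];
                x[0] ^= (x[2] & ~x[1]);
                x[1] ^= (x[3] & ~x[2]);
                x[2] ^= (x[4] & ~x[3]);
                x[3] ^= (P & ~x[4]);
                x[4] ^= (Q & ~P);
            }
        }
    }

    // %lu matches uint64_t only where unsigned long is 64 bits wide; the file
    // also carries a non-unix fopen_s path, so print through unsigned long long.
    printf("\n %llu, %llu, %llu, %llu, %llu \n",
           (unsigned long long)x[0], (unsigned long long)x[1],
           (unsigned long long)x[2], (unsigned long long)x[3],
           (unsigned long long)x[4]);

    return 0;
}

266 | int Gaston(int loop1, int loop2, vector radom) { 267 | 268 | uint64_t i = 0; 269 | uint64_t m, n = 0; 270 | const uint64_t rc[] = { 271 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 272 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 273 | 0x0000000000000096, 0x0000000000000087, 0x0000000000000078, 274 | 0x0000000000000069, 0x000000000000005A, 0x000000000000004B 275 | }; 276 | 277 | uint64_t P = 0, Q = 0; 278 | uint64_t x[5] = { 0, 0, 0, 0, 0 }; 279 | for (i = 0; i < 5; i++) { 280 | x[i] = radom[i]; 281 | } 282 | for (m = 0; m > (64-GASTON_e0)); 291 | x[1] = ((x[1]) << GASTON_e1) | ((x[1]) >> (64-GASTON_e1)); 292 | x[2] = ((x[2]) << GASTON_e2) | ((x[2]) >> (64 - GASTON_e2)); 293 | x[3] = ((x[3]) << GASTON_e3) | ((x[3]) >> (64 - GASTON_e3)); 294 | x[4] = ((x[4]) << GASTON_e4) | ((x[4]) >> (64 - GASTON_e4)); 295 | 296 | 297 | 298 | 299 | // theta 300 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 301 | 302 | 303 | P ^= ((P) << GASTON_r) | ((P) >> (64 - GASTON_r)); 304 | 305 | Q = (((x[0]) << GASTON_t0) | ((x[0]) >> (64 - GASTON_t0))) ^ (((x[1]) << GASTON_t1) | ((x[1]) >> (64 - GASTON_t1))) ^ (((x[2]) << GASTON_t2) | ((x[2]) >> (64 - GASTON_t2))) ^ (((x[3]) << GASTON_t3) | ((x[3]) >> (64 - GASTON_t3))) ^ (((x[4]) << GASTON_t4) | ((x[4]) >> (64 - 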
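GASTON_t4))); 306 | 307 | 308 | Q ^= ((Q) << GASTON_s) | ((Q) >> (64 - GASTON_s)); 309 | 310 | Q = ((Q) << GASTON_u) | ((Q) >> (64 - GASTON_u)); 311 | P = ((P) << GASTON_u) | ((P) >> (64 - GASTON_u)); 312 | 313 | P ^= Q; 314 | 315 | x[0] ^= P; 316 | x[1] ^= P; 317 | x[2] ^= P; 318 | x[3] ^= P; 319 | x[4] ^= P; 320 | 321 | // rho-west 322 | x[0] = ((x[0]) << GASTON_w0) | ((x[0]) >> (64 - GASTON_w0)); 323 | x[1] = ((x[1]) << GASTON_w1) | ((x[1]) >> (64 - GASTON_w1)); 324 | x[2] = ((x[2]) << GASTON_w2) | ((x[2]) >> (64 - GASTON_w2)); 325 | x[3] = ((x[3]) << GASTON_w3) | ((x[3]) >> (64 - GASTON_w3)); 326 | x[4] = ((x[4]) << GASTON_w4) | ((x[4]) >> (64 - GASTON_w4)); 327 | 328 | x[0] ^= rc[i]; 329 | 330 | // chi 331 | P = x[0]; 332 | Q = x[1]; 333 | x[0] ^= (x[2] & ~x[1]); 334 | x[1] ^= (x[3] & ~x[2]); 335 | x[2] ^= (x[4] & ~x[3]); 336 | x[3] ^= (P & ~x[4]); 337 | x[4] ^= (Q & ~P); 338 | 339 | } 340 | } 341 | } 342 | 343 | printf("\n %lu, %lu, %lu, %lu, %lu \n", x[0], x[1], x[2], x[3], x[4]); 344 | return 0; 345 | } 346 | 347 | 348 | 349 |

/*
 * Benchmark driver. Times Gaston, Gaston_S and SBD (loop1 * loop2 permutation
 * calls each) with rdtscl() and writes the total count and the count per
 * round to stdout and, appended, to clock.txt in the working directory.
 *
 * Returns 0 on success and 1 when clock.txt cannot be opened.
 */
int main() {

    FILE* pFile = NULL;
    int nRt = fopen_s(&pFile, "clock.txt", "a");
    // fopen_s is non-zero on failure, natively and through the __unix macro
    // at the top of this file. Stop here: the fprintf/fclose calls below
    // would otherwise be handed a null FILE*.
    if (nRt != 0 || pFile == NULL) {
        fprintf(stderr, "cannot open clock.txt for appending\n");
        return 1;
    }

    int pownum1 = 5;
    int pownum2 = 5;
    int m;

    uint64_t loop1 = pow(10, pownum1);
    uint64_t loop2 = pow(10, pownum2);

    fprintf(pFile, "10^{%d} * 12\n", pownum1 + pownum2);

    unsigned long long t1, t2, c1;

    // All-zero input state; the benchmark functions copy elements 0..4.
    vector<uint64_t> radom_n = {0, 0, 0, 0, 0};

    // NOTE(review): rdtscl() reads the time-stamp counter with no serialising
    // instruction around it, and on current x86 parts the TSC ticks at a
    // fixed rate rather than at the core clock. "clock/per round" therefore
    // tracks core cycles only with frequency scaling held fixed - confirm on
    // the measurement machine.
    for (m = 0; m < 1; m++) {

        rdtscl(&t1);
        Gaston(loop1, loop2, radom_n);
        rdtscl(&t2);
        c1 = t2 - t1;
        // Gaston runs 12 rounds per call.
        printf("Gaston: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);
        fprintf(pFile,"Gaston: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);

        rdtscl(&t1);
        Gaston_S(loop1, loop2, radom_n);
        rdtscl(&t2);
        c1 = t2 - t1;
        // Gaston_S runs 12 rounds per call.
        printf("Gaston_S: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);
        fprintf(pFile,"Gaston_S: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);

        rdtscl(&t1);
        SBD(loop1, loop2, radom_n);
        rdtscl(&t2);
        c1 = t2 - t1;
        // SBD runs 8 rounds per call, hence the different divisor.
        printf("SBD: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/8);
        fprintf(pFile,"SBD: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/8);
    }

    fclose(pFile);
    return 0;
}
399 | -------------------------------------------------------------------------------- /implementation/testspeed_x86_ARM.cpp: -------------------------------------------------------------------------------- 1 | Created by Rusydi Makarim on 25/05/23. 2 | // 3 | 4 | #ifdef __unix 5 | #define fopen_s(pFile, filename, mode) ((*(pFile)) = fopen((filename), (mode))) == NULL 6 | #endif 7 | 8 | 9 | #include 10 | #define _GNU_SOURCE 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | 17 | 18 | 19 | #include 20 | #include 21 | #include 22 | #include 23 | 24 | 25 | 26 | // parameters for SBD and Gaston-SYM 27 | #define Para_a0 6 28 | #define Para_a1 10 29 | #define Para_a2 27 30 | #define Para_a3 41 31 | #define Para_a4 50 32 | #define Para_r 1 33 | #define Para_s 36 34 | #define Para_u 26 35 | 36 | #define Para_e0 0 37 | #define Para_e1 61 38 | #define Para_e2 49 39 | #define Para_e3 13 40 | #define Para_e4 19 41 | 42 | #define Para_ua0 32 43 | #define Para_ua1 36 44 | #define Para_ua2 53 45 | #define Para_ua3 3 46 | #define Para_ua4 12 47 | 48 | 49 | 50 | 51 | 52 | 53 | // parameters for ASCON 54 | #define ASCON_0 19 55 | #define ASCON_1 61 56 | #define ASCON_2 1 57 | #define ASCON_3 10 58 | #define ASCON_4 7 59 | 60 | 61 | #define ASCONB_0 28 62 | #define ASCONB_1 39 63 | #define ASCONB_2 6 64 | #define ASCONB_3 17 65 | #define ASCONB_4 41 66 | 67 | // parameters for GASTON 68 | #define GASTON_t0 25 69 | #define GASTON_t1 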
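32 70 | #define GASTON_t2 52 71 | #define GASTON_t3 60 72 | #define GASTON_t4 63 73 | #define GASTON_r 1 74 | #define GASTON_s 18 75 | #define GASTON_u 23 76 | 77 | 78 | #define GASTON_e0 0 79 | #define GASTON_e1 60 80 | #define GASTON_e2 22 81 | #define GASTON_e3 27 82 | #define GASTON_e4 4 83 | 84 | 85 | #define GASTON_w0 0 86 | #define GASTON_w1 56 87 | #define GASTON_w2 31 88 | #define GASTON_w3 46 89 | #define GASTON_w4 43 90 | 91 | 92 | 93 | using namespace std; 94 | #include 95 | 96 | #include 97 | #include 98 | #include 99 |

// File descriptor of the perf_event cycle counter; stays negative when the
// counter could not be opened.
static int fddev = -1;

// Runs before main(): opens a hardware CPU-cycle counter for the calling
// thread (pid 0) on whichever CPU it runs on (cpu -1), with no event group
// and no flags.
__attribute__((constructor)) static inline void
init(void)
{
    // Static storage, so every field not assigned below is zero.
    static struct perf_event_attr attr;
    attr.type = PERF_TYPE_HARDWARE;
    attr.size = sizeof(attr);
    attr.config = PERF_COUNT_HW_CPU_CYCLES;
    // NOTE(review): exclude_kernel is left at 0, so kernel-mode cycles are
    // requested as well; hosts that restrict unprivileged perf access may
    // refuse this open - confirm on the measurement machine.
    fddev = syscall(__NR_perf_event_open, &attr, 0, -1, -1, 0);
    if (fddev < 0) {
        // A refused open is otherwise invisible: cpucycles() then returns 0
        // on every call and the benchmark reports 0 cycles.
        perror("perf_event_open");
    }
}

// Runs after main(): releases the counter if it was opened.
__attribute__((destructor)) static void
fini(void)
{
    if (fddev >= 0) close(fddev);
}

// Returns the current value of the cycle counter, or 0 when it cannot be read.
static inline long long
cpucycles(void)
{
    long long result = 0;
    // Keep the comparison signed: read() returns -1 on error, and comparing
    // that against the unsigned sizeof converts it to a huge value, so a
    // failed read was never recognised as short.
    ssize_t got = read(fddev, &result, sizeof(result));
    if (got != (ssize_t)sizeof(result)) return 0;
    return result;
}

// Stores the processor time from clock() in *begintime and the cycle counter
// value in *ll. A value of 0 in *ll means the counter could not be read.
void Init_timer(unsigned long long *ll, unsigned long long *begintime)
{
    *begintime = clock();
    *ll = cpucycles();
}
131 | vector creat_random() { 132 | random_device rd; 133 | linear_congruential_engine lce(rd()); 134 | uniform_int_distribution dis(0, UINT64_MAX); 135 | vector random_numbers; 136 | for (int i = 0; i < 5; i++) { 137 | uint64_t random_number = dis(lce); 138 | random_numbers.push_back(random_number); 139 | // cout << "Random 64-bit number " << i + 1 << ": " << random_number << std::endl; 140 | } 141 | 142 | return random_numbers; 143 | } 144 | 145 | 146 | 147 | int Gaston_S(int loop1, int loop2, vector radom) { 148 | 149 | uint64_t i = 0; 150 | uint64_t m, n = 0; 151 | const uint64_t rc[] = { 152 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 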
153 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 154 | 0x0000000000000096, 0x0000000000000087, 0x0000000000000078, 155 | 0x0000000000000069, 0x000000000000005A, 0x000000000000004B 156 | }; 157 | 158 | uint64_t tmp0,tmp1,tmp2,tmp3,tmp4; 159 | uint64_t P = 0, Q = 0; 160 | uint64_t x[5] = { 0, 0, 0, 0, 0 }; 161 | for (i = 0; i < 5; i++) { 162 | x[i] = radom[i]; 163 | } 164 | 165 | 166 | // 100000000000 167 | for (m = 0; m < loop1; m++) { 168 | for (n = 0; n < loop2; n++) { 169 | 170 | 171 | 172 | 173 | for (i = 0; i < 12; i++) { 174 | x[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 175 | x[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 176 | x[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 177 | x[3] = ((x[3]) << Para_e3) | ((x[3]) >> (64-Para_e3)); 178 | x[4] = ((x[4]) << Para_e4) | ((x[4]) >> (64-Para_e4)); 179 | 180 | // theta 181 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 182 | 183 | P = P ^ (((P) << Para_r) | ((P) >> (64-Para_r))); 184 | 185 | 186 | Q = (((x[0]) << Para_a0) | ((x[0]) >> (64-Para_a0))) ^ (((x[1]) << Para_a1) | ((x[1]) >> (64-Para_a1))) ^ (((x[2]) << Para_a2) | ((x[2]) >> (64-Para_a2))) ^ (((x[3]) << Para_a3) | ((x[3]) >> (64-Para_a3))) ^ (((x[4]) << Para_a4) | ((x[4]) >> (64-Para_a4))); 187 | 188 | Q ^= ((Q) << Para_s) | ((Q) >> (64-Para_s)); 189 | P= ((P) << Para_u) | ((P) >> (64-Para_u)); 190 | 191 | x[0] ^= P ^ (((Q) << Para_ua0) | ((Q) >> (64-Para_ua0))); 192 | x[1] ^= P ^ (((Q) << Para_ua1) | ((Q) >> (64-Para_ua1))); 193 | x[2] ^= P ^ (((Q) << Para_ua2) | ((Q) >> (64-Para_ua2))); 194 | x[3] ^= P ^ (((Q) << Para_ua3) | ((Q) >> (64-Para_ua3))); 195 | x[4] ^= P ^ (((Q) << Para_ua4) | ((Q) >> (64-Para_ua4))); 196 | 197 | // rho-west 198 | 199 | x[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 200 | x[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 201 | x[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 202 | x[3] = ((x[3]) << Para_e3) | ((x[3]) >> (64-Para_e3)); 203 | x[4] = ((x[4]) << Para_e4) | 
((x[4]) >> (64-Para_e4)); 204 | 205 | x[0] = x[0] ^ rc[i]; 206 | 207 | P = x[0]; 208 | Q = x[1]; 209 | x[0] ^= (x[2] & ~x[1]); 210 | x[1] ^= (x[3] & ~x[2]); 211 | x[2] ^= (x[4] & ~x[3]); 212 | x[3] ^= (P & ~x[4]); 213 | x[4] ^= (Q & ~P); 214 | 215 | 216 | 217 | } 218 | } 219 | } 220 | printf("\n %lu, %lu, %lu, %lu, %lu \n", x[0], x[1], x[2], x[3], x[4]); 221 | 222 | return 0; 223 | } 224 | 225 | 226 | int Gaston(int loop1, int loop2, vector radom) { 227 | 228 | uint64_t i = 0; 229 | uint64_t m, n = 0; 230 | const uint64_t rc[] = { 231 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 232 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 233 | 0x0000000000000096, 0x0000000000000087, 0x0000000000000078, 234 | 0x0000000000000069, 0x000000000000005A, 0x000000000000004B 235 | }; 236 | 237 | uint64_t P = 0, Q = 0; 238 | uint64_t x[5] = { 0, 0, 0, 0, 0 }; 239 | for (i = 0; i < 5; i++) { 240 | x[i] = radom[i]; 241 | } 242 | for (m = 0; m > (64-GASTON_e0)); 251 | x[1] = ((x[1]) << GASTON_e1) | ((x[1]) >> (64-GASTON_e1)); 252 | x[2] = ((x[2]) << GASTON_e2) | ((x[2]) >> (64 - GASTON_e2)); 253 | x[3] = ((x[3]) << GASTON_e3) | ((x[3]) >> (64 - GASTON_e3)); 254 | x[4] = ((x[4]) << GASTON_e4) | ((x[4]) >> (64 - GASTON_e4)); 255 | 256 | 257 | 258 | 259 | // theta 260 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 261 | 262 | 263 | P ^= ((P) << GASTON_r) | ((P) >> (64 - GASTON_r)); 264 | 265 | Q = (((x[0]) << GASTON_t0) | ((x[0]) >> (64 - GASTON_t0))) ^ (((x[1]) << GASTON_t1) | ((x[1]) >> (64 - GASTON_t1))) ^ (((x[2]) << GASTON_t2) | ((x[2]) >> (64 - GASTON_t2))) ^ (((x[3]) << GASTON_t3) | ((x[3]) >> (64 - GASTON_t3))) ^ (((x[4]) << GASTON_t4) | ((x[4]) >> (64 - GASTON_t4))); 266 | 267 | 268 | Q ^= ((Q) << GASTON_s) | ((Q) >> (64 - GASTON_s)); 269 | 270 | Q = ((Q) << GASTON_u) | ((Q) >> (64 - GASTON_u)); 271 | P = ((P) << GASTON_u) | ((P) >> (64 - GASTON_u)); 272 | 273 | P ^= Q; 274 | 275 | x[0] ^= P; 276 | x[1] ^= P; 277 | x[2] ^= P; 278 | x[3] ^= P; 279 | x[4] ^= 
P; 280 | 281 | // rho-west 282 | x[0] = ((x[0]) << GASTON_w0) | ((x[0]) >> (64 - GASTON_w0)); 283 | x[1] = ((x[1]) << GASTON_w1) | ((x[1]) >> (64 - GASTON_w1)); 284 | x[2] = ((x[2]) << GASTON_w2) | ((x[2]) >> (64 - GASTON_w2)); 285 | x[3] = ((x[3]) << GASTON_w3) | ((x[3]) >> (64 - GASTON_w3)); 286 | x[4] = ((x[4]) << GASTON_w4) | ((x[4]) >> (64 - GASTON_w4)); 287 | 288 | x[0] ^= rc[i]; 289 | 290 | // chi 291 | P = x[0]; 292 | Q = x[1]; 293 | x[0] ^= (x[2] & ~x[1]); 294 | x[1] ^= (x[3] & ~x[2]); 295 | x[2] ^= (x[4] & ~x[3]); 296 | x[3] ^= (P & ~x[4]); 297 | x[4] ^= (Q & ~P); 298 | 299 | } 300 | } 301 | } 302 | 303 | printf("\n %lu, %lu, %lu, %lu, %lu \n", x[0], x[1], x[2], x[3], x[4]); 304 | return 0; 305 | } 306 | 307 | 308 | 309 | 310 | 311 | int SBD(int loop1, int loop2, vector radom) { 312 | 313 | 314 | uint64_t i = 0; 315 | uint64_t m, n = 0; 316 | const uint64_t rc[] = { 317 | 0x00000000000000F0, 0x00000000000000E1, 0x00000000000000D2, 318 | 0x00000000000000C3, 0x00000000000000B4, 0x00000000000000A5, 319 | 0x0000000000000096, 0x0000000000000087 320 | }; 321 | 322 | uint64_t P = 0, Q = 0; 323 | uint64_t x[5] = { 0, 0, 0, 0, 0 }; 324 | uint64_t tmp0,tmp1,tmp2,tmp3,tmp4; 325 | for (i = 0; i < 5; i++) { 326 | x[i] = radom[i]; 327 | } 328 | 329 | 330 | // 100000000000 331 | for (m = 0; m < loop1; m++) { 332 | for (n = 0; n < loop2; n++) { 333 | 334 | for (i =0; i < 8; i++) { 335 | 336 | x[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 337 | x[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 338 | x[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 339 | x[3] = ((x[3]) << Para_e3) | ((x[3]) >> (64-Para_e3)); 340 | x[4] = ((x[4]) << Para_e4) | ((x[4]) >> (64-Para_e4)); 341 | 342 | // theta 343 | P = x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4]; 344 | 345 | P = P ^ (((P) << Para_r) | ((P) >> (64-Para_r))); 346 | 347 | Q = (((x[0]) << Para_a0) | ((x[0]) >> (64-Para_a0))) ^ (((x[1]) << Para_a1) | ((x[1]) >> (64-Para_a1))) ^ (((x[2]) << Para_a2) | ((x[2]) >> 
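(64-Para_a2))) ^ (((x[3]) << Para_a3) | ((x[3]) >> (64-Para_a3))) ^ (((x[4]) << Para_a4) | ((x[4]) >> (64-Para_a4))); 348 | 349 | Q ^= ((Q) << Para_s) | ((Q) >> (64-Para_s)); 350 | P= ((P) << Para_u) | ((P) >> (64-Para_u)); 351 | 352 | x[0] ^= P ^ (((Q) << Para_ua0) | ((Q) >> (64-Para_ua0))); 353 | x[1] ^= P ^ (((Q) << Para_ua1) | ((Q) >> (64-Para_ua1))); 354 | x[2] ^= P ^ (((Q) << Para_ua2) | ((Q) >> (64-Para_ua2))); 355 | x[3] ^= P ^ (((Q) << Para_ua3) | ((Q) >> (64-Para_ua3))); 356 | x[4] ^= P ^ (((Q) << Para_ua4) | ((Q) >> (64-Para_ua4))); 357 | 358 | 359 | // rho-west 360 | x[0] = x[0] ^ rc[i]; 361 | x[0] = ((x[0]) << Para_e0) | ((x[0]) >> (64-Para_e0)); 362 | x[1] = ((x[1]) << Para_e1) | ((x[1]) >> (64-Para_e1)); 363 | x[2] = ((x[2]) << Para_e2) | ((x[2]) >> (64-Para_e2)); 364 | x[3] = ((x[3]) << Para_e3) | ((x[3]) >> (64-Para_e3)); 365 | x[4] = ((x[4]) << Para_e4) | ((x[4]) >> (64-Para_e4)); 366 | 367 | 368 | tmp0 = ~(x[0] & (~x[2]) & (x[4])); 369 | tmp1 = (~(x[4] & (~x[1]) & x[3])); 370 | tmp2 = (~(x[3] & (~x[2]) & x[0])); 371 | tmp3 = (~(x[4] & (~x[2]) & (~x[1]))); 372 | tmp4 = (~(x[3] & (~x[1]) & x[0])); 373 | 374 | tmp0 = tmp0 & (~(x[0] & x[1])); 375 | tmp1 = tmp1 & (~(x[4] & (~x[0]))); 376 | tmp2 = tmp2 & (~(x[3] & (~x[4]))); 377 | tmp3 = tmp3 & (~((~x[2]) & (~x[3]))); 378 | tmp4 = tmp4 & (~(x[2] & (~x[1]))); 379 | 380 | tmp0 = tmp0 & (~(x[2] & x[3])); 381 | tmp1 = tmp1 & (~(x[1] & (~x[2]))); 382 | tmp2 = tmp2 & (~((~x[1]) & (~x[0]))); 383 | tmp3 = tmp3 & (~(~(x[4]) & (x[0]))); 384 | tmp4 = tmp4 & (~(x[4] & (~x[3]))); 385 | 386 | x[0] = ~tmp0; 387 | x[1] = ~tmp1; 388 | x[2] = ~tmp2; 389 | x[3] = ~tmp3; 390 | x[4] = ~tmp4; 391 | 392 | 393 | } 394 | } 395 | } 396 | printf("\n %lu, %lu, %lu, %lu, %lu \n", x[0], x[1], x[2], x[3], x[4]); 397 | 398 | return 0; 399 | } 400 | 401 |

/*
 * Benchmark driver. Times Gaston, Gaston_S and SBD (loop1 * loop2 permutation
 * calls each) with the perf_event cycle counter read through Init_timer() and
 * writes the total count and the count per round to stdout and, appended, to
 * clock.txt in the working directory.
 *
 * Returns 0 on success and 1 when clock.txt cannot be opened.
 */
int main() {

    FILE* pFile = NULL;
    int nRt = fopen_s(&pFile, "clock.txt", "a");
    // fopen_s is non-zero on failure, natively and through the __unix macro
    // at the top of this file. Stop here: the fprintf/fclose calls below
    // would otherwise be handed a null FILE*.
    if (nRt != 0 || pFile == NULL) {
        fprintf(stderr, "cannot open clock.txt for appending\n");
        return 1;
    }

    int pownum1 = 5;
    int pownum2 = 5;
    int m;

    uint64_t loop1 = pow(10, pownum1);
    uint64_t loop2 = pow(10, pownum2);

    fprintf(pFile, "10^{%d} * 12\n", pownum1 + pownum2);

    unsigned long long t1, t2;     // clock() readings; filled in but not reported
    unsigned long long cp0, cp1;   // cycle counter before and after each run
    unsigned long long c1;

    // All-zero input state; the benchmark functions copy elements 0..4.
    vector<uint64_t> radom_n = {0, 0, 0, 0, 0};

    // cpucycles() returns 0 whenever the counter cannot be read, so a reported
    // total of 0 means the measurement failed, not that the code was free.
    for (m = 0; m < 1; m++) {

        Init_timer(&cp0, &t1);
        Gaston(loop1, loop2, radom_n);
        Init_timer(&cp1, &t2);
        c1 = cp1 - cp0;
        // Gaston runs 12 rounds per call.
        printf("Gaston: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);
        fprintf(pFile,"Gaston: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);

        Init_timer(&cp0, &t1);
        // Gaston_S is the name this file defines for the Gaston-S benchmark;
        // it contains no function called Gaston_SYM, so that call could not
        // compile.
        Gaston_S(loop1, loop2, radom_n);
        Init_timer(&cp1, &t2);
        c1 = cp1 - cp0;
        // Gaston_S runs 12 rounds per call.
        printf("Gaston-S: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);
        fprintf(pFile,"Gaston-S: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/12);

        Init_timer(&cp0, &t1);
        SBD(loop1, loop2, radom_n);
        Init_timer(&cp1, &t2);
        c1 = cp1 - cp0;
        // SBD runs 8 rounds per call, hence the different divisor.
        printf("SBD: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/8);
        fprintf(pFile,"SBD: all_CLOCK %lld, clock/per round: %f\n", c1, (float)c1 / (float)loop1/(float)loop2/8);
    }

    fclose(pFile);
    return 0;
}
455 | -------------------------------------------------------------------------------- /constraint_programming/search_for_states_in_kenerl/diff_sample: -------------------------------------------------------------------------------- 1 | % Use this editor as a MiniZinc scratch book 2 | include "globals.mzn"; 3 | include "chuffed.mzn"; 4 | 5 | int :nr; % Number of Rounds 6 | int :wordsize=64; % word size 7 | int :bit=320; % Number of bits 8 | int: R = nr-1;% just because starting R from 1 doesnt work! 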
9 | array [0..R,0..4, 0..wordsize-1] of var 0..1: statestart; % before permutation 10 | 11 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_east;% after east 12 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_F; 13 | 14 | array [0..R,0..2, 0..wordsize-1] of var 0..1: state_E;% E0,E1,Eall 15 | 16 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_Aj;% before west (could be combined with west?); declared only, no constraint in this file refers to it 17 | 18 | 19 | array [0..R,0..4, 0..wordsize-1] of var 0..1: stateend; % after permutation 20 | array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb; % per-Sbox weights scaled by 100 (see readme.txt), not raw probabilities 21 | var int: obj; % objective value 22 | constraint obj <= 32000; 23 | constraint obj >= 1; 24 | constraint obj = sum(prb); % Objective Function 25 | array [0..R,0..63] of var bool: sboxes; 26 | 27 | % Forward Permutation 28 | 29 | % Forward Substitution (the DDT table is not defined in this file; presumably it is supplied when the model is generated - confirm against start.py) 30 | constraint forall (r in 0..R, i in 0..wordsize-1) ( 31 | table([statestart[r,0,i],statestart[r,1,i], statestart[r,2,i], statestart[r,3,i], statestart[r,4,i], 32 | stateend[r,0,i],stateend[r,1,i], stateend[r,2,i], stateend[r,3,i], stateend[r,4,i], 33 | prb[64*(r)+i]], DDT)); 34 | 35 | % east 36 | constraint forall (r in 0..R-1) ( 37 | let { 38 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[stateend[r,0,j] | j in 0..wordsize-1]), 39 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]) 40 | } 41 | in Xor2(tmp,tmpb) 42 | ); 43 | 44 | constraint forall (r in 0..R-1) ( 45 | let { 46 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,1,j] | j in 0..wordsize-1]),61), 47 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]) 48 | } 49 | in Xor2(tmp,tmpb) 50 | ); 51 | 52 | constraint forall (r in 0..R-1) ( 53 | let { 54 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,2,j] | j in 0..wordsize-1]),49), 55 | array [0..wordsize-1] of var
0..1:tmpb=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]) 56 | } 57 | in Xor2(tmp,tmpb) 58 | ); 59 | 60 | constraint forall (r in 0..R-1) ( 61 | let { 62 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,3,j] | j in 0..wordsize-1]),13), 63 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]) 64 | } 65 | in Xor2(tmp,tmpb) 66 | ); 67 | 68 | constraint forall (r in 0..R-1) ( 69 | let { 70 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,4,j] | j in 0..wordsize-1]),19), 71 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]) 72 | } 73 | in Xor2(tmp,tmpb) 74 | ); 75 | 76 | % E0 77 | constraint forall (r in 0..R-1) ( 78 | let { 79 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 80 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 81 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 82 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 83 | array [0..wordsize-1] of var 0..1:tmpe=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 84 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]) 85 | } 86 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 87 | ); 88 | 89 | 90 | % E1 91 | constraint forall (r in 0..R-1) ( 92 | let { 93 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]),6), 94 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]),10), 95 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]),27), 96 | array [0..wordsize-1] of var 
0..1:tmpd=RRot(array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]),41), 97 | array [0..wordsize-1] of var 0..1:tmpe=RRot(array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]),50), 98 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]) 99 | } 100 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 101 | ); 102 | 103 | 104 | 105 | 106 | 107 | % Eall 108 | constraint forall (r in 0..R-1) ( 109 | let { 110 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]), 111 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]),1), 112 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]), 113 | } 114 | in Xor3(tmp,tmpb,tmpc) 115 | ); 116 | 117 | 118 | 119 | 120 | % F0 121 | constraint forall (r in 0..R-1) ( 122 | let { 123 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),6), 124 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),42), 125 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]), 126 | } 127 | in Xor3(tmp,tmpb,tmpc) 128 | ); 129 | 130 | % F1 131 | constraint forall (r in 0..R-1) ( 132 | let { 133 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),10), 134 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),46), 135 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]), 136 | } 137 | in Xor3(tmp,tmpb,tmpc) 138 | ); 139 | 140 | % F2 141 | constraint forall (r in 0..R-1) ( 142 | let { 143 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),27), 144 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),63), 145 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]), 146 | } 147 | in Xor3(tmp,tmpb,tmpc) 148 | ); 149 | 150 | % F3 151 | constraint forall (r in 0..R-1) ( 152 | let { 153 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),41), 154 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),13), 155 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]), 156 | } 157 | in Xor3(tmp,tmpb,tmpc) 158 | ); 159 | 160 | 161 | % F4 162 | constraint forall (r in 0..R-1) ( 163 | let { 164 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),50), 165 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),22), 166 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]), 167 | } 168 | in Xor3(tmp,tmpb,tmpc) 169 | ); 170 | 171 | 172 | %row0 Aj 173 | constraint forall (r in 0..R-1) ( 174 | let { 175 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 176 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 177 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]),26), 178 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[statestart[r+1,0,j] | j in 0..wordsize-1]) 179 | } 180 | in Xor4(tmp,tmpb,tmpc,tmpd) 181 | ); 182 | 183 | 184 | 185 | %row1 Aj 186 | constraint forall (r in 0..R-1) ( 187 | let { 188 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 189 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 190 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]),26), 191 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,1,j] | j in 0..wordsize-1]),3) 192 | } 193 | in Xor4(tmp,tmpb,tmpc,tmpd) 194 | ); 195 | 196 | 197 | 198 | %row2 Aj 199 | constraint forall (r in 0..R-1) ( 200 | let { 201 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 202 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 203 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]),26), 204 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,2,j] | j in 0..wordsize-1]),15) 205 | } 206 | in Xor4(tmp,tmpb,tmpc,tmpd) 207 | ); 208 | 209 | 210 | %row3 Aj 211 | constraint forall (r in 0..R-1) ( 212 | let { 213 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 214 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 215 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]),26), 216 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,3,j] | j in 0..wordsize-1]),51) 217 | } 218 | in Xor4(tmp,tmpb,tmpc,tmpd) 219 | ); 220 | 221 | 222 | %row4 Aj 223 | constraint forall (r in 0..R-1) ( 224 | let { 225 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 226 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 227 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]),26), 228 | array 
[0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,4,j] | j in 0..wordsize-1]),45) 229 | } 230 | in Xor4(tmp,tmpb,tmpc,tmpd) 231 | ); 232 | 233 | 234 | % eliminating symmetries 235 | % constraint checkActive([statestart[2,i,63] | i in 0..4]) = 1; 236 | % search strategy (branches on sboxes rows 2, 1 and 0, so nr must be at least 3) 237 | ann: search_ann; 238 | search_ann = seq_search([ 239 | int_search(row(sboxes,2), random_order, indomain_min, complete), 240 | int_search(row(sboxes,1), random_order, indomain_min, complete), 241 | int_search(row(sboxes,0), random_order, indomain_min, complete), 242 | int_search(array1d(prb), occurrence, indomain_min, complete)]); 243 | 244 | 245 | constraint forall(k in 0..R, j in 0..63) (sboxes[k,j] = checkActive([statestart[k,i,j] | i in 0..4])); 246 | solve :: restart_constant(10000) 247 | :: search_ann minimize obj; 248 | 249 | 250 | 251 | %change to left 252 | % Rotation of X by val positions in the "left" direction noted above: result[j] = X[(j+val) mod wordsize] 253 | function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)= 254 | array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]); 255 | 256 | % XOR of 4 arrays equals zero 257 | predicate Xor4( 258 | array[0..wordsize-1] of var 0..1: a, 259 | array[0..wordsize-1] of var 0..1: b, 260 | array[0..wordsize-1] of var 0..1: c, 261 | array[0..wordsize-1] of var 0..1: d)= 262 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i] in {0,2,4}); 263 | 264 | 265 | predicate Xor3( 266 | array[0..wordsize-1] of var 0..1: a, 267 | array[0..wordsize-1] of var 0..1: b, 268 | array[0..wordsize-1] of var 0..1: c)= 269 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i] in {0,2}); 270 | 271 | 272 | 273 | % XOR of 2 arrays equals zero 274 | predicate Xor2( 275 | array[0..wordsize-1] of var 0..1: a, 276 | array[0..wordsize-1] of var 0..1: b,)= 277 | forall(i in 0..wordsize-1)(a[i]+b[i] in {0,2}); 278 | 279 | % XOR of 5 arrays equals zero 280 | predicate Xor5( 281 | array[0..wordsize-1] of var 0..1: a, 282 | array[0..wordsize-1] of var 0..1: b, 283 |
array[0..wordsize-1] of var 0..1: c, 284 | array[0..wordsize-1] of var 0..1: d, 285 | array[0..wordsize-1] of var 0..1: e)= 286 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4}); 287 | 288 | 289 | % XOR of 6 arrays equals zero 290 | predicate Xor6( 291 | array[0..wordsize-1] of var 0..1: a, 292 | array[0..wordsize-1] of var 0..1: b, 293 | array[0..wordsize-1] of var 0..1: c, 294 | array[0..wordsize-1] of var 0..1: d, 295 | array[0..wordsize-1] of var 0..1: e, 296 | array[0..wordsize-1] of var 0..1: f)= 297 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6}); 298 | 299 | % checking activeness of each Sbox 300 | predicate checkActive(array[int] of var 0..1: a) = 301 | let { int: len = length(a) } 302 | in 303 | sum(i in 1..len) (a[i]) > 0; 304 | 305 | % for printing purposes only 306 | array[0..R] of var int: Sboxes; 307 | constraint forall (k in 0..R)( 308 | Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4]))) 309 | ); 310 | 311 | output [ 312 | if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif 313 | ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++ 314 | if i==4 then "after SB : \n" else "" endif 315 | ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8] 316 | ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ]; -------------------------------------------------------------------------------- /constraint_programming/search_for_states_in_kenerl/linear_sample: -------------------------------------------------------------------------------- 1 | 2 | % Use this editor as a MiniZinc scratch book 3 | include "globals.mzn"; 4 | include "chuffed.mzn"; 5 | 6 | int :nr; % Number of Rounds 7 | int :wordsize=64; % word size 8 | int :bit=320; % Number of bits 9 | int: R = 
nr-1;% just because starting R from 1 doesnt work! 10 | array [0..R,0..4, 0..wordsize-1] of var 0..1: statestart; % before permutation 11 | 12 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_east;% after east 13 | 14 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_F; 15 | 16 | array [0..R,0..2, 0..wordsize-1] of var 0..1: state_E;% E0,E1,Eall 17 | 18 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_Aj;% before west (could be combined with west?) 19 | 20 | 21 | array [0..R,0..4, 0..wordsize-1] of var 0..1: stateend; % after permutation 22 | array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb; % per-Sbox weights scaled by 100 (see readme.txt), not raw probabilities 23 | var int: obj; % objective value 24 | constraint obj <= 32000; 25 | constraint obj >= 1; 26 | constraint obj = sum(prb); % Objective Function 27 | array [0..R,0..63] of var bool: sboxes; 28 | 29 | 30 | % Forward Substitution (the table is named DDT as in the differential sample and is not defined in this file; presumably it is supplied when the model is generated - confirm that the linear table is used here) 31 | constraint forall (r in 0..R, i in 0..wordsize-1) ( 32 | table([statestart[r,0,i],statestart[r,1,i], statestart[r,2,i], statestart[r,3,i], statestart[r,4,i], 33 | stateend[r,0,i],stateend[r,1,i], stateend[r,2,i], stateend[r,3,i], stateend[r,4,i], 34 | prb[64*(r)+i]], DDT)); 35 | 36 | 37 | 38 | % east 39 | constraint forall (r in 0..R-1) ( 40 | let { 41 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[stateend[r,0,j] | j in 0..wordsize-1]), 42 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]) 43 | } 44 | in Xor2(tmp,tmpb) 45 | ); 46 | 47 | constraint forall (r in 0..R-1) ( 48 | let { 49 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,1,j] | j in 0..wordsize-1]),61), 50 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]) 51 | } 52 | in Xor2(tmp,tmpb) 53 | ); 54 | 55 | constraint forall (r in 0..R-1) ( 56 | let { 57 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,2,j] | j in 0..wordsize-1]),49), 58 | array [0..wordsize-1] of var
0..1:tmpb=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]) 59 | } 60 | in Xor2(tmp,tmpb) 61 | ); 62 | 63 | constraint forall (r in 0..R-1) ( 64 | let { 65 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,3,j] | j in 0..wordsize-1]),13), 66 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]) 67 | } 68 | in Xor2(tmp,tmpb) 69 | ); 70 | 71 | constraint forall (r in 0..R-1) ( 72 | let { 73 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,4,j] | j in 0..wordsize-1]),19), 74 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]) 75 | } 76 | in Xor2(tmp,tmpb) 77 | ); 78 | 79 | % E0 80 | constraint forall (r in 0..R-1) ( 81 | let { 82 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 83 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 84 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 85 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 86 | array [0..wordsize-1] of var 0..1:tmpe=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 87 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]) 88 | } 89 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 90 | ); 91 | 92 | 93 | % E1 94 | constraint forall (r in 0..R-1) ( 95 | let { 96 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]),6), 97 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]),10), 98 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]),27), 99 | array [0..wordsize-1] of var 
0..1:tmpd=RRot(array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]),41), 100 | array [0..wordsize-1] of var 0..1:tmpe=RRot(array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]),50), 101 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]) 102 | } 103 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 104 | ); 105 | 106 | 107 | 108 | 109 | 110 | % Eall 111 | constraint forall (r in 0..R-1) ( 112 | let { 113 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]), 114 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]),1), 115 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]), 116 | } 117 | in Xor3(tmp,tmpb,tmpc) 118 | ); 119 | 120 | 121 | 122 | 123 | % F0 124 | constraint forall (r in 0..R-1) ( 125 | let { 126 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),6), 127 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),42), 128 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]), 129 | } 130 | in Xor3(tmp,tmpb,tmpc) 131 | ); 132 | 133 | % F1 134 | constraint forall (r in 0..R-1) ( 135 | let { 136 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),10), 137 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),46), 138 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]), 139 | } 140 | in Xor3(tmp,tmpb,tmpc) 141 | ); 142 | 143 | % F2 144 | constraint forall (r in 0..R-1) ( 145 | let { 146 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),27), 147 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),63), 148 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]), 149 | } 150 | in Xor3(tmp,tmpb,tmpc) 151 | ); 152 | 153 | % F3 154 | constraint forall (r in 0..R-1) ( 155 | let { 156 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),41), 157 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),13), 158 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]), 159 | } 160 | in Xor3(tmp,tmpb,tmpc) 161 | ); 162 | 163 | 164 | % F4 165 | constraint forall (r in 0..R-1) ( 166 | let { 167 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),50), 168 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),22), 169 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]), 170 | } 171 | in Xor3(tmp,tmpb,tmpc) 172 | ); 173 | 174 | 175 | %row0 Aj 176 | constraint forall (r in 0..R-1) ( 177 | let { 178 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 179 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 180 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]),26), 181 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[statestart[r+1,0,j] | j in 0..wordsize-1]) 182 | } 183 | in Xor4(tmp,tmpb,tmpc,tmpd) 184 | ); 185 | 186 | 187 | 188 | %row1 Aj 189 | constraint forall (r in 0..R-1) ( 190 | let { 191 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 192 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 193 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]),26), 194 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,1,j] | j in 0..wordsize-1]),3) 195 | } 196 | in Xor4(tmp,tmpb,tmpc,tmpd) 197 | ); 198 | 199 | 200 | 201 | %row2 Aj 202 | constraint forall (r in 0..R-1) ( 203 | let { 204 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 205 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 206 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]),26), 207 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,2,j] | j in 0..wordsize-1]),15) 208 | } 209 | in Xor4(tmp,tmpb,tmpc,tmpd) 210 | ); 211 | 212 | 213 | %row3 Aj 214 | constraint forall (r in 0..R-1) ( 215 | let { 216 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 217 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 218 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]),26), 219 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,3,j] | j in 0..wordsize-1]),51) 220 | } 221 | in Xor4(tmp,tmpb,tmpc,tmpd) 222 | ); 223 | 224 | 225 | %row4 Aj 226 | constraint forall (r in 0..R-1) ( 227 | let { 228 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 229 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 230 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]),26), 231 | array 
[0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,4,j] | j in 0..wordsize-1]),45) 232 | } 233 | in Xor4(tmp,tmpb,tmpc,tmpd) 234 | ); 235 | 236 | 237 | 238 | 239 | 240 | 241 | % search strategy 242 | ann: search_ann; 243 | search_ann = seq_search([ 244 | int_search(row(sboxes,0), random_order, indomain_min, complete), 245 | int_search(row(sboxes,1), random_order, indomain_min, complete), 246 | %int_search(row(sboxes,2), random_order, indomain_min, complete), 247 | int_search(array1d(prb), occurrence, indomain_min, complete)]); 248 | 249 | 250 | constraint forall(k in 0..R, j in 0..63) (sboxes[k,j] = checkActive([statestart[k,i,j] | i in 0..4])); 251 | 252 | 253 | solve :: restart_constant(10000) 254 | :: search_ann minimize obj; 255 | 256 | 257 | 258 | 259 | 260 | % %change to left 261 | % % Right rotation of X by val positions 262 | % function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)= 263 | % array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]); 264 | 265 | %Right for linear 266 | % Right rotation of X by val positions 267 | function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)= 268 | array1d(0..wordsize-1, [X[(wordsize+j-val) mod wordsize] | j in 0..wordsize-1]); 269 | 270 | 271 | 272 | % XOR of 4 arrays equals zero 273 | predicate Xor4( 274 | array[0..wordsize-1] of var 0..1: a, 275 | array[0..wordsize-1] of var 0..1: b, 276 | array[0..wordsize-1] of var 0..1: c, 277 | array[0..wordsize-1] of var 0..1: d)= 278 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i] in {0,2,4}); 279 | 280 | 281 | predicate Xor3( 282 | array[0..wordsize-1] of var 0..1: a, 283 | array[0..wordsize-1] of var 0..1: b, 284 | array[0..wordsize-1] of var 0..1: c)= 285 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i] in {0,2}); 286 | 287 | 288 | 289 | % XOR of 2 arrays equals zero 290 | predicate Xor2( 291 | array[0..wordsize-1] of var 0..1: a, 292 | 
array[0..wordsize-1] of var 0..1: b,)= 293 | forall(i in 0..wordsize-1)(a[i]+b[i] in {0,2}); 294 | 295 | % XOR of 5 arrays equals zero 296 | predicate Xor5( 297 | array[0..wordsize-1] of var 0..1: a, 298 | array[0..wordsize-1] of var 0..1: b, 299 | array[0..wordsize-1] of var 0..1: c, 300 | array[0..wordsize-1] of var 0..1: d, 301 | array[0..wordsize-1] of var 0..1: e)= 302 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4}); 303 | 304 | 305 | % XOR of 6 arrays equals zero 306 | predicate Xor6( 307 | array[0..wordsize-1] of var 0..1: a, 308 | array[0..wordsize-1] of var 0..1: b, 309 | array[0..wordsize-1] of var 0..1: c, 310 | array[0..wordsize-1] of var 0..1: d, 311 | array[0..wordsize-1] of var 0..1: e, 312 | array[0..wordsize-1] of var 0..1: f)= 313 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6}); 314 | 315 | % checking activeness of each Sbox 316 | predicate checkActive(array[int] of var 0..1: a) = 317 | let { int: len = length(a) } 318 | in 319 | sum(i in 1..len) (a[i]) > 0; 320 | 321 | 322 | % checking that every bit of a is zero (inactive Sbox) 323 | predicate checkzero(array[int] of var 0..1: a) = 324 | let { int: len = length(a) } 325 | in 326 | sum(i in 1..len) (a[i]) = 0; 327 | 328 | % for printing purposes only 329 | array[0..R] of var int: Sboxes; 330 | constraint forall (k in 0..R)( 331 | Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4]))) 332 | ); 333 | 334 | 335 | output [ 336 | if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif 337 | ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++ 338 | if i==4 then "after SB : \n" else "" endif 339 | ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8] 340 | ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ]; 341 | 342 |
343 | -------------------------------------------------------------------------------- /constraint_programming/search_for_all_states/GastonS_diff.mzn: -------------------------------------------------------------------------------- 1 | % Use this editor as a MiniZinc scratch book 2 | include "globals.mzn"; 3 | include "chuffed.mzn"; 4 | 5 | int :nr; % Number of Rounds 6 | int :wordsize=64; % word size 7 | int :bit=320; % Number of bits 8 | int: R = nr-1;% just because starting R from 1 doesnt work! 9 | array [0..R,0..4, 0..wordsize-1] of var 0..1: statestart; % before permutation 10 | 11 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_east;% after east 12 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_F; 13 | 14 | array [0..R,0..2, 0..wordsize-1] of var 0..1: state_E;% E0,E1,Eall 15 | 16 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_Aj;% before west (could be combined with west?) 17 | 18 | 19 | array [0..R,0..4, 0..wordsize-1] of var 0..1: stateend; % after permutation 20 | array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb; % probabilities 21 | var int: obj; % objective value 22 | constraint obj <= 32000; 23 | constraint obj >= 1; 24 | constraint obj = sum(prb); % Objective Function 25 | array [0..R,0..63] of var bool: sboxes; 26 | 27 | % Forward Permutation 28 | 29 | % Forward Substitution 30 | constraint forall (r in 0..R, i in 0..wordsize-1) ( 31 | table([statestart[r,0,i],statestart[r,1,i], statestart[r,2,i], statestart[r,3,i], statestart[r,4,i], 32 | stateend[r,0,i],stateend[r,1,i], stateend[r,2,i], stateend[r,3,i], stateend[r,4,i], 33 | prb[64*(r)+i]], DDT)); 34 | 35 | % east 36 | constraint forall (r in 0..R-1) ( 37 | let { 38 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[stateend[r,0,j] | j in 0..wordsize-1]), 39 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]) 40 | } 41 | in Xor2(tmp,tmpb) 42 | ); 43 | 44 | constraint forall (r in 0..R-1) ( 45 | let { 46 | 
array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,1,j] | j in 0..wordsize-1]),61), 47 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]) 48 | } 49 | in Xor2(tmp,tmpb) 50 | ); 51 | 52 | constraint forall (r in 0..R-1) ( 53 | let { 54 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,2,j] | j in 0..wordsize-1]),49), 55 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]) 56 | } 57 | in Xor2(tmp,tmpb) 58 | ); 59 | 60 | constraint forall (r in 0..R-1) ( 61 | let { 62 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,3,j] | j in 0..wordsize-1]),13), 63 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]) 64 | } 65 | in Xor2(tmp,tmpb) 66 | ); 67 | 68 | constraint forall (r in 0..R-1) ( 69 | let { 70 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,4,j] | j in 0..wordsize-1]),19), 71 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]) 72 | } 73 | in Xor2(tmp,tmpb) 74 | ); 75 | 76 | % E0 77 | constraint forall (r in 0..R-1) ( 78 | let { 79 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 80 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 81 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 82 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 83 | array [0..wordsize-1] of var 0..1:tmpe=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 84 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]) 85 | } 86 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 87 | ); 88 | 89 | 90 | % E1 91 
% E1: per bit, the five east words -- each rotated by its own offset
% (6, 10, 27, 41, 50) -- and state_E[r,1] must have even parity.
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: rot0 = RRot(array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1]), 6),
    array [0..wordsize-1] of var 0..1: rot1 = RRot(array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1]), 10),
    array [0..wordsize-1] of var 0..1: rot2 = RRot(array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1]), 27),
    array [0..wordsize-1] of var 0..1: rot3 = RRot(array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1]), 41),
    array [0..wordsize-1] of var 0..1: rot4 = RRot(array1d(0..wordsize-1, [state_east[r,4,j] | j in 0..wordsize-1]), 50),
    array [0..wordsize-1] of var 0..1: e1 = array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1])
  } in Xor6(rot0, rot1, rot2, rot3, rot4, e1)
);

% Eall: state_E[r,2] is tied to state_E[r,0] XOR RRot(state_E[r,0], 1).
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e0 = array1d(0..wordsize-1, [state_E[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: e0_rot = RRot(array1d(0..wordsize-1, [state_E[r,0,j] | j in 0..wordsize-1]), 1),
    array [0..wordsize-1] of var 0..1: eall = array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1])
  } in Xor3(e0, e0_rot, eall)
);

% F0..F4: state_F[r,i] is tied to the XOR of two rotations of state_E[r,1].
% The first offset of each pair repeats the E1 offsets (6, 10, 27, 41, 50);
% the second is the first plus 36 modulo 64 (42, 46, 63, 13, 22).

% F0
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 6),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 42),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,0,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F1
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 10),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 46),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,1,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F2
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 27),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 63),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,2,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F3
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 41),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 13),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,3,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F4
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 50),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 22),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,4,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% Aj rows: per bit, state_east[r,i], RRot(state_E[r,2], 26), RRot(state_F[r,i], 26)
% and the (rotated) next-round input statestart[r+1,i] must have even parity.
% Row 0 uses statestart[r+1,0] unrotated; rows 1..3 below rotate it by 3, 15, 51.

%row0 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,0,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = array1d(0..wordsize-1, [statestart[r+1,0,j] | j in 0..wordsize-1])
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row1 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,1,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,1,j] | j in 0..wordsize-1]), 3)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row2 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,2,j] | j in 0..wordsize-1]), 15)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row3 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,3,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,3,j] | j in 0..wordsize-1]), 51)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row4 Aj
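% Row 4 of the Aj step: per bit, state_east[r,4], RRot(state_E[r,2], 26),
% RRot(state_F[r,4], 26) and RRot(statestart[r+1,4], 45) must have even parity.
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26),
    array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]),26),
    array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,4,j] | j in 0..wordsize-1]),45)
  }
  in Xor4(tmp,tmpb,tmpc,tmpd)
);


% eliminating symmetries
% constraint checkActive([statestart[2,i,63] | i in 0..4]) = 1;

% search strategy
% Branches on the S-box activity flags of round 2, then round 1, then round 0,
% and finally on the per-S-box weights in prb.
% row(sboxes,2) only exists when R >= 2, so this model needs nr >= 3.
ann: search_ann;
search_ann = seq_search([
    int_search(row(sboxes,2), random_order, indomain_min, complete),
    int_search(row(sboxes,1), random_order, indomain_min, complete),
    int_search(row(sboxes,0), random_order, indomain_min, complete),
    int_search(array1d(prb), occurrence, indomain_min, complete)]);


% sboxes[k,j] is true exactly when column j of round k has a non-zero input bit.
constraint forall(k in 0..R, j in 0..63) (sboxes[k,j] = checkActive([statestart[k,i,j] | i in 0..4]));

% Minimise the total trail weight (obj), restarting every 10000 units.
% When the run is stopped by a time limit, the last printed solution is only an
% upper bound on the minimum weight; it is the proven minimum only if the
% solver also prints its search-complete marker (==========).
solve :: restart_constant(10000)
      :: search_ann minimize obj;



%change to left
% Rotation of X by val positions: result[j] = X[(j+val) mod wordsize], so the
% element at index val ends up at index 0. The name says "right", the note
% above says "left"; GastonS_linear.mzn defines RRot with the opposite index
% direction. Which one is a right rotation depends on the bit order of the
% words -- NOTE(review): confirm against the reference implementation.
function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)=
  array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]);

% XOR of 4 arrays equals zero (per-bit sum is even)
predicate Xor4(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c,
  array[0..wordsize-1] of var 0..1: d)=
  forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i] in {0,2,4});


% XOR of 3 arrays equals zero (per-bit sum is even)
predicate Xor3(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c)=
  forall(i in 0..wordsize-1)(a[i]+b[i]+c[i] in {0,2});



% XOR of 2 arrays equals zero, i.e. the two arrays are equal bit by bit
predicate Xor2(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b)=
  forall(i in 0..wordsize-1)(a[i]+b[i] in {0,2});

% XOR of 5 arrays equals zero (per-bit sum is even)
predicate Xor5(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c,
  array[0..wordsize-1] of var 0..1: d,
  array[0..wordsize-1] of var 0..1: e)=
  forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4});


% XOR of 6 arrays equals zero (per-bit sum is even)
predicate Xor6(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c,
  array[0..wordsize-1] of var 0..1: d,
  array[0..wordsize-1] of var 0..1: e,
  array[0..wordsize-1] of var 0..1: f)=
  forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6});

% checking activeness of each Sbox: true when at least one bit of a is 1.
% Summing the array directly keeps this correct for any index set of a
% (the earlier form iterated over 1..length(a) and so assumed 1-based input).
predicate checkActive(array[int] of var 0..1: a) =
  sum(a) > 0;

% for printing purposes only: number of active S-boxes in each round
array[0..R] of var int: Sboxes;
constraint forall (k in 0..R)(
  Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4])))
);

% Per round: the five statestart rows, then the five stateend rows; after that
% the active S-box counts with obj, and per round the prb entries with their sum.
output [
  if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif
  ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++
  if i==4 then "after SB : \n" else "" endif
  ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8]
  ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ];

% DDT: 317 rows of 11 integers. The rows appear to be 5 input-difference bits,
% 5 output-difference bits and the weight multiplied by 100 -- TODO confirm
% against the table constraint earlier in this file.
array [1..317, 1..11] of int :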
DDT = array2d(1..317,1..11,[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 200, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 200, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 200, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 200, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 200, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 200, 0, 0, 0, 1, 0, 0, 1, 0, 1, 0, 200, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 200, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 300, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 300, 0, 0, 0, 1, 1, 0, 0, 1, 0, 1, 300, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 300, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 300, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 300, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 300, 0, 0, 0, 1, 1, 0, 1, 1, 1, 1, 300, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 200, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 200, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 200, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 200, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 300, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 300, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 300, 0, 0, 1, 0, 1, 0, 1, 1, 1, 1, 300, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 300, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 300, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 300, 0, 0, 1, 0, 1, 1, 1, 1, 1, 1, 300, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 300, 0, 0, 1, 1, 0, 0, 0, 1, 1, 0, 300, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 300, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 300, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 300, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 300, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 300, 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 300, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 400, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 400, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 400, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 400, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 400, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 400, 0, 0, 1, 1, 1, 0, 1, 1, 0, 1, 400, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 400, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 400, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 400, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 400, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 400, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 400, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 400, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 400, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 400, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 200, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 200, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 200, 0, 1, 0, 0, 
0, 1, 1, 0, 0, 1, 200, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 300, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 300, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 300, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 300, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 300, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 300, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 300, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 300, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 300, 0, 1, 0, 1, 0, 0, 0, 1, 1, 0, 300, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 300, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 300, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 300, 0, 1, 0, 1, 0, 1, 1, 1, 1, 0, 300, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 300, 0, 1, 0, 1, 1, 0, 0, 0, 1, 0, 300, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 300, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 300, 0, 1, 0, 1, 1, 1, 1, 0, 0, 1, 300, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 300, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 300, 0, 1, 0, 1, 1, 1, 1, 1, 1, 0, 300, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0, 300, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 300, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 300, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 300, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 300, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 300, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 300, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 300, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 300, 0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 300, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 300, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 300, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 300, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 300, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 300, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 300, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 400, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 400, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 400, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 400, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 400, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 400, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 400, 0, 1, 1, 1, 0, 1, 0, 1, 1, 0, 400, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 400, 0, 1, 1, 1, 0, 1, 1, 0, 1, 0, 400, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 400, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 400, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 400, 0, 1, 1, 1, 1, 
0, 0, 0, 0, 1, 400, 0, 1, 1, 1, 1, 0, 0, 0, 1, 0, 400, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 400, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 400, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 400, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 400, 0, 1, 1, 1, 1, 0, 1, 1, 0, 1, 400, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 400, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 400, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 400, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 400, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 400, 0, 1, 1, 1, 1, 1, 1, 0, 1, 0, 400, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 400, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 400, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 200, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 200, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 200, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 200, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 300, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 300, 1, 0, 0, 0, 1, 1, 0, 0, 1, 0, 300, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 300, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 300, 1, 0, 0, 0, 1, 1, 0, 1, 0, 1, 300, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 300, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 300, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 300, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 300, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 300, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 300, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 300, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 300, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 400, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 400, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 400, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 400, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 400, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 400, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 400, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 400, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 400, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 400, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 400, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 300, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 300, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 300, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 300, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 300, 1, 0, 1, 0, 0, 1, 
0, 1, 1, 1, 300, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 300, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 300, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 300, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 300, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 300, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 300, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 300, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 300, 1, 0, 1, 0, 1, 1, 1, 1, 0, 0, 300, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 300, 1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 300, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 300, 1, 0, 1, 1, 0, 0, 1, 1, 0, 0, 300, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 300, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 300, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 300, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 300, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 400, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 400, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 400, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 400, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 400, 1, 0, 1, 1, 1, 0, 1, 0, 1, 1, 400, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 400, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 400, 1, 0, 1, 1, 1, 1, 0, 0, 0, 0, 400, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 400, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 400, 1, 0, 1, 1, 1, 1, 0, 1, 1, 0, 400, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 400, 1, 0, 1, 1, 1, 1, 1, 0, 1, 0, 400, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 400, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 300, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 300, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 300, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 300, 1, 1, 0, 0, 0, 1, 1, 0, 0, 0, 300, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 300, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0, 300, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 300, 1, 1, 0, 0, 1, 0, 1, 0, 0, 0, 400, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 400, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 400, 1, 1, 0, 0, 1, 0, 1, 1, 0, 0, 400, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 400, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1, 400, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 400, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 400, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 400, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 400, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 
1, 1, 0, 400, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 400, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 300, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 300, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 300, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 300, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 300, 1, 1, 0, 1, 0, 1, 0, 0, 0, 1, 300, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 300, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 300, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 400, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 400, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 400, 1, 1, 0, 1, 1, 0, 1, 0, 1, 1, 400, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 400, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 400, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 400, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 400, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 400, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 400, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 400, 1, 1, 0, 1, 1, 1, 0, 0, 1, 1, 400, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 400, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 400, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 400, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 400, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 400, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 400, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 400, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 400, 1, 1, 1, 0, 0, 0, 1, 1, 1, 0, 400, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 400, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 400, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 400, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 400, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 1, 1, 1, 0, 0, 400, 1, 1, 1, 0, 0, 1, 1, 1, 0, 1, 400, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 400, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 400, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 400, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 400, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 400, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 400, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 400, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 400, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 400, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 400, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 400, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 400, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 400, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 400, 1, 1, 1, 0, 1, 1, 1, 0, 1, 0, 400, 1, 1, 1, 0, 1, 1, 1, 0, 
1, 1, 400, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 400, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 400, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 400, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 400, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 400, 1, 1, 1, 1, 0, 0, 1, 0, 1, 1, 400, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 400, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 400, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 400, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 400, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 400, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 400, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 400, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 400, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 400, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 400, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 400, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 400, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 400, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 400, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 400, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 400, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 400, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 400, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 400, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 400, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 400, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 400, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 400, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 400, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 400, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 400]); 318 | -------------------------------------------------------------------------------- /constraint_programming/search_for_all_states/GastonS_linear.mzn: -------------------------------------------------------------------------------- 1 | 2 | % Use this editor as a MiniZinc scratch book 3 | include "globals.mzn"; 4 | include "chuffed.mzn"; 5 | 6 | int :nr; % Number of Rounds 7 | int :wordsize=64; % word size 8 | int :bit=320; % Number of bits 9 | int: R = nr-1;% just because starting R from 1 doesnt work! 
% Trail state, one 5 x wordsize bit array per round 0..R.
array [0..R,0..4, 0..wordsize-1] of var 0..1: statestart; % S-box layer input of the round
array [0..R,0..4, 0..wordsize-1] of var 0..1: state_east; % after the east rotations
array [0..R,0..4, 0..wordsize-1] of var 0..1: state_F;    % F0..F4
array [0..R,0..2, 0..wordsize-1] of var 0..1: state_E;    % index 0 = E0, 1 = E1, 2 = Eall
% Declared as "before west"; no constraint visible in this part of the file refers to it.
array [0..R,0..4, 0..wordsize-1] of var 0..1: state_Aj;
array [0..R,0..4, 0..wordsize-1] of var 0..1: stateend;   % S-box layer output of the round

% prb[64*r+i] is the weight of S-box column i in round r; the values are the
% weights multiplied by 100.
array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb;

% Objective: total weight of the trail (times 100).
var int: obj;
constraint obj <= 32000;
% The first table row is all zeros with weight 0, so this bound excludes the
% all-zero trail.
constraint obj >= 1;
constraint obj = sum(prb);

% Activity flag per round and S-box column.
array [0..R,0..63] of var bool: sboxes;


% Forward Substitution: for every round and column, (5 input bits, 5 output
% bits, weight) must be a row of the table named DDT.
% NOTE(review): this is the linear model, so the table presumably holds
% correlation weights although it keeps the DDT name -- confirm.
constraint forall (r in 0..R, i in 0..wordsize-1) (
  table([statestart[r,0,i], statestart[r,1,i], statestart[r,2,i], statestart[r,3,i], statestart[r,4,i],
         stateend[r,0,i], stateend[r,1,i], stateend[r,2,i], stateend[r,3,i], stateend[r,4,i],
         prb[64*(r)+i]], DDT));



% east: state_east[r,i] equals stateend[r,i] rotated by 0, 61, 49, 13, 19 for
% rows 0..4. Each of these plus the matching Aj rotation further down
% (0, 3, 15, 51, 45) is a multiple of 64.
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: sb_out = array1d(0..wordsize-1, [stateend[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1])
  } in Xor2(sb_out, east_word)
);

constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: sb_out = RRot(array1d(0..wordsize-1, [stateend[r,1,j] | j in 0..wordsize-1]), 61),
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1])
  } in Xor2(sb_out, east_word)
);

constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: sb_out = RRot(array1d(0..wordsize-1, [stateend[r,2,j] | j in 0..wordsize-1]), 49),
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1])
  } in Xor2(sb_out, east_word)
);

constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: sb_out = RRot(array1d(0..wordsize-1, [stateend[r,3,j] | j in 0..wordsize-1]), 13),
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1])
  } in Xor2(sb_out, east_word)
);

constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: sb_out = RRot(array1d(0..wordsize-1, [stateend[r,4,j] | j in 0..wordsize-1]), 19),
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,4,j] | j in 0..wordsize-1])
  } in Xor2(sb_out, east_word)
);

% E0: per bit, the five unrotated east words and state_E[r,0] have even parity.
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: w0 = array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: w1 = array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: w2 = array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: w3 = array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: w4 = array1d(0..wordsize-1, [state_east[r,4,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: e0 = array1d(0..wordsize-1, [state_E[r,0,j] | j in 0..wordsize-1])
  } in Xor6(w0, w1, w2, w3, w4, e0)
);


% E1: same as E0, but east word i is rotated by 6, 10, 27, 41, 50 and the
% result is tied to state_E[r,1].
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: rot0 = RRot(array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1]), 6),
    array [0..wordsize-1] of var 0..1: rot1 = RRot(array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1]), 10),
    array [0..wordsize-1] of var 0..1: rot2 = RRot(array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1]), 27),
    array [0..wordsize-1] of var 0..1: rot3 = RRot(array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1]), 41),
    array [0..wordsize-1] of var 0..1: rot4 = RRot(array1d(0..wordsize-1, [state_east[r,4,j] | j in 0..wordsize-1]), 50),
    array [0..wordsize-1] of var 0..1: e1 = array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1])
  } in Xor6(rot0, rot1, rot2, rot3, rot4, e1)
);


% Eall: state_E[r,2] is tied to state_E[r,0] XOR RRot(state_E[r,0], 1).
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e0 = array1d(0..wordsize-1, [state_E[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: e0_rot = RRot(array1d(0..wordsize-1, [state_E[r,0,j] | j in 0..wordsize-1]), 1),
    array [0..wordsize-1] of var 0..1: eall = array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1])
  } in Xor3(e0, e0_rot, eall)
);


% F0..F4: state_F[r,i] is tied to the XOR of two rotations of state_E[r,1].
% The first offset of each pair repeats the E1 offsets; the second is the
% first plus 36 modulo 64.

% F0
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 6),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 42),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,0,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F1
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 10),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 46),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,1,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F2
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 27),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 63),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,2,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F3
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 41),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 13),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,3,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);

% F4
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: e1_a = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 50),
    array [0..wordsize-1] of var 0..1: e1_b = RRot(array1d(0..wordsize-1, [state_E[r,1,j] | j in 0..wordsize-1]), 22),
    array [0..wordsize-1] of var 0..1: f_word = array1d(0..wordsize-1, [state_F[r,4,j] | j in 0..wordsize-1])
  } in Xor3(e1_a, e1_b, f_word)
);


% Aj rows: per bit, state_east[r,i], RRot(state_E[r,2], 26), RRot(state_F[r,i], 26)
% and the next-round input statestart[r+1,i] (rotated by 0, 3, 15, 51, 45)
% must have even parity. This is what links round r to round r+1.

%row0 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,0,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,0,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = array1d(0..wordsize-1, [statestart[r+1,0,j] | j in 0..wordsize-1])
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row1 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,1,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,1,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,1,j] | j in 0..wordsize-1]), 3)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row2 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,2,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,2,j] | j in 0..wordsize-1]), 15)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row3 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,3,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,3,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,3,j] | j in 0..wordsize-1]), 51)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);

%row4 Aj
constraint forall (r in 0..R-1) (
  let {
    array [0..wordsize-1] of var 0..1: east_word = array1d(0..wordsize-1, [state_east[r,4,j] | j in 0..wordsize-1]),
    array [0..wordsize-1] of var 0..1: eall_rot = RRot(array1d(0..wordsize-1, [state_E[r,2,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: f_rot = RRot(array1d(0..wordsize-1, [state_F[r,4,j] | j in 0..wordsize-1]), 26),
    array [0..wordsize-1] of var 0..1: next_start = RRot(array1d(0..wordsize-1, [statestart[r+1,4,j] | j in 0..wordsize-1]), 45)
  } in Xor4(east_word, eall_rot, f_rot, next_start)
);


% search strategy
% Branches on the S-box activity flags of round 0, then round 1, then on the
% weights in prb. row(sboxes,1) only exists when R >= 1, so this model needs
% nr >= 2.
ann: search_ann;
search_ann = seq_search([
    int_search(row(sboxes,0), random_order, indomain_min, complete),
    int_search(row(sboxes,1), random_order, indomain_min, complete),
    %int_search(row(sboxes,2), random_order, indomain_min, complete),
    int_search(array1d(prb), occurrence, indomain_min, complete)]);


% sboxes[k,j] is true exactly when column j of round k has a non-zero input bit.
constraint forall(k in 0..R, j in 0..63) (sboxes[k,j] = checkActive([statestart[k,i,j] | i in 0..4]));


% Minimise the total trail weight (obj), restarting every 10000 units.
% When the run is stopped by a time limit, the last printed solution is only an
% upper bound on the minimum weight; it is the proven minimum only if the
% solver also prints its search-complete marker (==========).
solve :: restart_constant(10000)
      :: search_ann minimize obj;


% Earlier variant, kept for reference (indexes in the opposite direction):
% %change to left
% % Right rotation of X by val positions
% function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)=
% array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]);

%Right for linear
% Right rotation of X by val positions: result[k] = X[(k - val) mod wordsize],
% so the element at index 0 ends up at index val. wordsize is added before the
% subtraction to keep the operand of mod non-negative.
function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)=
  array1d(0..wordsize-1, [X[(wordsize+k-val) mod wordsize] | k in 0..wordsize-1]);


% XOR of 4 arrays equals zero (per-bit sum is even)
predicate Xor4(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c,
  array[0..wordsize-1] of var 0..1: d)=
  forall(k in 0..wordsize-1)(a[k]+b[k]+c[k]+d[k] in {0,2,4});

% XOR of 3 arrays equals zero (per-bit sum is even)
predicate Xor3(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b,
  array[0..wordsize-1] of var 0..1: c)=
  forall(k in 0..wordsize-1)(a[k]+b[k]+c[k] in {0,2});

% XOR of 2 arrays equals zero, i.e. the two arrays are equal bit by bit
predicate Xor2(
  array[0..wordsize-1] of var 0..1: a,
  array[0..wordsize-1] of var 0..1: b)=
  forall(k in 0..wordsize-1)(a[k]+b[k] in {0,2});

% XOR of 5 arrays equals zero
predicate Xor5( 297 | array[0..wordsize-1] of var 0..1: a, 298 | array[0..wordsize-1] of var 0..1: b, 299 | array[0..wordsize-1] of var 0..1: c, 300 | array[0..wordsize-1] of var 0..1: d, 301 | array[0..wordsize-1] of var 0..1: e)= 302 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4}); 303 | 304 | 305 | % XOR of 6 arrays equals zero 306 | predicate Xor6( 307 | array[0..wordsize-1] of var 0..1: a, 308 | array[0..wordsize-1] of var 0..1: b, 309 | array[0..wordsize-1] of var 0..1: c, 310 | array[0..wordsize-1] of var 0..1: d, 311 | array[0..wordsize-1] of var 0..1: e, 312 | array[0..wordsize-1] of var 0..1: f)= 313 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6}); 314 | 315 | % checking activeness of each Sbox: holds when at least one bit of a is 1 (a is indexed 1..length(a)) 316 | predicate checkActive(array[int] of var 0..1: a) = 317 | let { int: len = length(a) } 318 | in 319 | sum(i in 1..len) (a[i]) > 0; 320 | 321 | 322 | % checking that an Sbox is inactive: holds when every bit of a is 0 (a is indexed 1..length(a)) 323 | predicate checkzero(array[int] of var 0..1: a) = 324 | let { int: len = length(a) } 325 | in 326 | sum(i in 1..len) (a[i]) = 0; 327 | 328 | % for printing purposes only 329 | array[0..R] of var int: Sboxes; 330 | constraint forall (k in 0..R)( 331 | Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4]))) 332 | ); 333 | 334 | 335 | output [ 336 | if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif 337 | ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++ 338 | if i==4 then "after SB : \n" else "" endif 339 | ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8] 340 | ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ]; 341 | 342 | 343 | 344 | array [1..377, 1..11] of int : DDT = array2d(1..377,1..11,[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 200, 0, 
0, 0, 0, 1, 0, 1, 0, 0, 1, 200, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 200, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 200, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 200, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 200, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 200, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 200, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 200, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 200, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 200, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 200, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 200, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 200, 0, 0, 1, 0, 0, 0, 0, 1, 1, 0, 200, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 200, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 300, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 300, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 300, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 300, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 300, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 300, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 300, 0, 0, 1, 0, 1, 0, 1, 1, 1, 1, 300, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 300, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 300, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 300, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 300, 0, 0, 1, 0, 1, 1, 1, 1, 0, 0, 300, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 300, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 300, 0, 0, 1, 0, 1, 1, 1, 1, 1, 1, 300, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 200, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 200, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 200, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 200, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 300, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 300, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0, 300, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 300, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 300, 0, 0, 1, 1, 1, 0, 1, 1, 0, 1, 300, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 300, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 300, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 300, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 300, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 300, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 300, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 300, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 300, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 300, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 300, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 200, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 200, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 200, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 200, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 300, 0, 1, 0, 0, 1, 0, 0, 0, 1, 1, 300, 0, 1, 
0, 0, 1, 0, 0, 1, 0, 1, 300, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 300, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 300, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 300, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 300, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 300, 0, 1, 0, 0, 1, 1, 0, 0, 0, 1, 300, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 300, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 300, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 300, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 300, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 300, 0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 300, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 300, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 300, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 300, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 300, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 300, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 300, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 300, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 300, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 300, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 300, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 300, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 300, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 300, 0, 1, 0, 1, 0, 1, 1, 1, 0, 1, 300, 0, 1, 0, 1, 0, 1, 1, 1, 1, 0, 300, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 300, 0, 1, 0, 1, 1, 0, 0, 0, 1, 1, 300, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 300, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 300, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 300, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 300, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 300, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 300, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 300, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 300, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 300, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 300, 0, 1, 0, 1, 1, 1, 1, 0, 0, 0, 300, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 300, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 300, 0, 1, 0, 1, 1, 1, 1, 1, 1, 0, 300, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0, 200, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 200, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 200, 0, 1, 1, 0, 0, 0, 1, 1, 1, 1, 200, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 300, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 300, 0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 300, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 300, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 300, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 300, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 300, 0, 1, 1, 
0, 1, 0, 1, 1, 1, 0, 300, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 300, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 300, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 300, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 300, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 300, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 300, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 300, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 300, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 300, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 300, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 300, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 300, 0, 1, 1, 1, 0, 0, 1, 1, 0, 0, 300, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 300, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 300, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 300, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 300, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 300, 0, 1, 1, 1, 0, 1, 1, 0, 1, 0, 300, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 300, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 300, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 300, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 300, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 300, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 300, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 300, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0, 300, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 300, 0, 1, 1, 1, 1, 0, 1, 0, 0, 0, 300, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 300, 0, 1, 1, 1, 1, 0, 1, 1, 0, 1, 300, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 300, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 300, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 300, 0, 1, 1, 1, 1, 1, 0, 1, 0, 0, 300, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 300, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 300, 0, 1, 1, 1, 1, 1, 1, 0, 1, 0, 300, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 300, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 200, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 200, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 200, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 200, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 200, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 200, 1, 0, 0, 0, 1, 1, 0, 1, 0, 1, 200, 1, 0, 0, 0, 1, 1, 1, 1, 0, 1, 200, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 300, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 300, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 300, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 300, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 300, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 300, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 300, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 300, 1, 0, 0, 1, 
0, 1, 0, 0, 1, 0, 300, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 300, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 300, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 300, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 300, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 300, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 300, 1, 0, 0, 1, 1, 0, 0, 0, 1, 1, 300, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 300, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 300, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 300, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 300, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 300, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 300, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 300, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 300, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 300, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 300, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 300, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 300, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 300, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 300, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 300, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 300, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 300, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 300, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 300, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 300, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 300, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 300, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 300, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 300, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 300, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 300, 1, 0, 1, 0, 0, 1, 1, 1, 0, 0, 300, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 300, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 300, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 300, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 300, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 300, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 300, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 300, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 300, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 300, 1, 0, 1, 0, 1, 0, 1, 1, 1, 0, 300, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 300, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 300, 1, 0, 1, 0, 1, 1, 0, 0, 0, 1, 300, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 300, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 300, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 300, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 300, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 300, 1, 0, 1, 0, 1, 1, 1, 0, 1, 1, 300, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 300, 1, 0, 1, 1, 0, 
0, 0, 0, 1, 1, 300, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 0, 1, 1, 1, 300, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 300, 1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 300, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 300, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 300, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 300, 1, 0, 1, 1, 0, 1, 0, 1, 0, 0, 300, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 300, 1, 0, 1, 1, 0, 1, 1, 0, 0, 0, 300, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 300, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 300, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 300, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 300, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 300, 1, 0, 1, 1, 1, 0, 0, 1, 0, 0, 300, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 300, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 300, 1, 0, 1, 1, 1, 0, 1, 0, 1, 1, 300, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 300, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 300, 1, 0, 1, 1, 1, 1, 0, 0, 0, 0, 300, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 300, 1, 0, 1, 1, 1, 1, 0, 1, 1, 0, 300, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 300, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 300, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 300, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 300, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 200, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 200, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0, 200, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 200, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 300, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 300, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 300, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 300, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 300, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 300, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 300, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1, 300, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 300, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 300, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 300, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 300, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 300, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 300, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 300, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 300, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 300, 1, 1, 0, 1, 0, 0, 0, 0, 1, 1, 300, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 300, 1, 1, 0, 1, 0, 0, 0, 1, 1, 1, 300, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 300, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 300, 1, 1, 0, 1, 0, 0, 
1, 1, 0, 0, 300, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 300, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 300, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 300, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 300, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 300, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0, 300, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 300, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 300, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 300, 1, 1, 0, 1, 1, 0, 0, 0, 0, 1, 300, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 300, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 300, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 300, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 300, 1, 1, 0, 1, 1, 0, 1, 0, 1, 1, 300, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 300, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 300, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 300, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 300, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 300, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 300, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 300, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 300, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 300, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 300, 1, 1, 1, 0, 0, 1, 0, 0, 0, 1, 300, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 300, 1, 1, 1, 0, 0, 1, 0, 0, 1, 1, 300, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 300, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 300, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 300, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 300, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 300, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 300, 1, 1, 1, 0, 0, 1, 1, 0, 1, 0, 300, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 300, 1, 1, 1, 0, 0, 1, 1, 1, 0, 0, 300, 1, 1, 1, 0, 0, 1, 1, 1, 0, 1, 300, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 300, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 300, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 300, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 300, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 300, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 300, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 300, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 300, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 300, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 300, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 300, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 300, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 300, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 300, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 300, 1, 1, 1, 0, 1, 1, 1, 0, 1, 0, 300, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 300, 1, 1, 1, 0, 1, 1, 1, 
1, 1, 1, 300, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 300, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 300, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 300, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 300, 1, 1, 1, 1, 0, 0, 1, 0, 0, 0, 300, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 300, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 300, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 300, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 300, 1, 1, 1, 1, 0, 1, 0, 0, 0, 1, 300, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 300, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 300, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 300, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 300, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 300, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 300, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 300, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 300, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 300, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 300, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 300, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 300, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 300, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 300, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 300, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 300, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 300, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 300, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 300, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 300]); 345 | 346 | -------------------------------------------------------------------------------- /constraint_programming/search_for_all_states/SBD_diff.mzn: -------------------------------------------------------------------------------- 1 | % Use this editor as a MiniZinc scratch book 2 | include "globals.mzn"; 3 | include "chuffed.mzn"; 4 | 5 | int :nr; % Number of Rounds 6 | int :wordsize=64; % word size 7 | int :bit=320; % Number of bits 8 | int: R = nr-1;% just because starting R from 1 doesnt work! 
9 | array [0..R,0..4, 0..wordsize-1] of var 0..1: statestart; % before permutation 10 | 11 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_east;% after east 12 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_F; 13 | 14 | array [0..R,0..2, 0..wordsize-1] of var 0..1: state_E;% E0,E1,Eall 15 | 16 | array [0..R,0..4, 0..wordsize-1] of var 0..1: state_Aj;% before west (could be combined with west?) 17 | 18 | 19 | array [0..R,0..4, 0..wordsize-1] of var 0..1: stateend; % after permutation 20 | array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb; % per-Sbox weights multiplied by 100 (last column of DDT), not raw probabilities 21 | var int: obj; % objective value: sum of the per-Sbox weights, i.e. trail weight multiplied by 100 22 | constraint obj <= 32000; 23 | constraint obj >= 1; 24 | constraint obj = sum(prb); % Objective Function 25 | array [0..R,0..63] of var bool: sboxes; 26 | 27 | % Forward Permutation 28 | 29 | % Forward Substitution 30 | constraint forall (r in 0..R, i in 0..wordsize-1) ( 31 | table([statestart[r,0,i],statestart[r,1,i], statestart[r,2,i], statestart[r,3,i], statestart[r,4,i], 32 | stateend[r,0,i],stateend[r,1,i], stateend[r,2,i], stateend[r,3,i], stateend[r,4,i], 33 | prb[64*(r)+i]], DDT)); 34 | 35 | % east 36 | constraint forall (r in 0..R-1) ( 37 | let { 38 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[stateend[r,0,j] | j in 0..wordsize-1]), 39 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]) 40 | } 41 | in Xor2(tmp,tmpb) 42 | ); 43 | 44 | constraint forall (r in 0..R-1) ( 45 | let { 46 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,1,j] | j in 0..wordsize-1]),61), 47 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]) 48 | } 49 | in Xor2(tmp,tmpb) 50 | ); 51 | 52 | constraint forall (r in 0..R-1) ( 53 | let { 54 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,2,j] | j in 0..wordsize-1]),49), 55 | array [0..wordsize-1] of var 
0..1:tmpb=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]) 56 | } 57 | in Xor2(tmp,tmpb) 58 | ); 59 | 60 | constraint forall (r in 0..R-1) ( 61 | let { 62 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,3,j] | j in 0..wordsize-1]),13), 63 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]) 64 | } 65 | in Xor2(tmp,tmpb) 66 | ); 67 | 68 | constraint forall (r in 0..R-1) ( 69 | let { 70 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[stateend[r,4,j] | j in 0..wordsize-1]),19), 71 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]) 72 | } 73 | in Xor2(tmp,tmpb) 74 | ); 75 | 76 | % E0 77 | constraint forall (r in 0..R-1) ( 78 | let { 79 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 80 | array [0..wordsize-1] of var 0..1:tmpb=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 81 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 82 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 83 | array [0..wordsize-1] of var 0..1:tmpe=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 84 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]) 85 | } 86 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 87 | ); 88 | 89 | 90 | % E1 91 | constraint forall (r in 0..R-1) ( 92 | let { 93 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]),6), 94 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]),10), 95 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]),27), 96 | array [0..wordsize-1] of var 
0..1:tmpd=RRot(array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]),41), 97 | array [0..wordsize-1] of var 0..1:tmpe=RRot(array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]),50), 98 | array [0..wordsize-1] of var 0..1:tmpf=array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]) 99 | } 100 | in Xor6(tmp,tmpb,tmpc,tmpd,tmpe,tmpf) 101 | ); 102 | 103 | 104 | 105 | 106 | 107 | % Eall 108 | constraint forall (r in 0..R-1) ( 109 | let { 110 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]), 111 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,0,j] | j in 0..wordsize-1]),1), 112 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]), 113 | } 114 | in Xor3(tmp,tmpb,tmpc) 115 | ); 116 | 117 | 118 | 119 | 120 | % F0 121 | constraint forall (r in 0..R-1) ( 122 | let { 123 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),6), 124 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),42), 125 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]), 126 | } 127 | in Xor3(tmp,tmpb,tmpc) 128 | ); 129 | 130 | % F1 131 | constraint forall (r in 0..R-1) ( 132 | let { 133 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),10), 134 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),46), 135 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]), 136 | } 137 | in Xor3(tmp,tmpb,tmpc) 138 | ); 139 | 140 | % F2 141 | constraint forall (r in 0..R-1) ( 142 | let { 143 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),27), 144 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),63), 145 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]), 146 | } 147 | in Xor3(tmp,tmpb,tmpc) 148 | ); 149 | 150 | % F3 151 | constraint forall (r in 0..R-1) ( 152 | let { 153 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),41), 154 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),13), 155 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]), 156 | } 157 | in Xor3(tmp,tmpb,tmpc) 158 | ); 159 | 160 | 161 | % F4 162 | constraint forall (r in 0..R-1) ( 163 | let { 164 | array [0..wordsize-1] of var 0..1:tmp=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),50), 165 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,1,j] | j in 0..wordsize-1]),22), 166 | array [0..wordsize-1] of var 0..1:tmpc=array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]), 167 | } 168 | in Xor3(tmp,tmpb,tmpc) 169 | ); 170 | 171 | 172 | %row0 Aj 173 | constraint forall (r in 0..R-1) ( 174 | let { 175 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,0,j] | j in 0..wordsize-1]), 176 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 177 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,0,j] | j in 0..wordsize-1]),26), 178 | array [0..wordsize-1] of var 0..1:tmpd=array1d(0..wordsize-1,[statestart[r+1,0,j] | j in 0..wordsize-1]) 179 | } 180 | in Xor4(tmp,tmpb,tmpc,tmpd) 181 | ); 182 | 183 | 184 | 185 | %row1 Aj 186 | constraint forall (r in 0..R-1) ( 187 | let { 188 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,1,j] | j in 0..wordsize-1]), 189 | array [0..wordsize-1] of var 
0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 190 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,1,j] | j in 0..wordsize-1]),26), 191 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,1,j] | j in 0..wordsize-1]),3) 192 | } 193 | in Xor4(tmp,tmpb,tmpc,tmpd) 194 | ); 195 | 196 | 197 | 198 | %row2 Aj 199 | constraint forall (r in 0..R-1) ( 200 | let { 201 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,2,j] | j in 0..wordsize-1]), 202 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 203 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,2,j] | j in 0..wordsize-1]),26), 204 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,2,j] | j in 0..wordsize-1]),15) 205 | } 206 | in Xor4(tmp,tmpb,tmpc,tmpd) 207 | ); 208 | 209 | 210 | %row3 Aj 211 | constraint forall (r in 0..R-1) ( 212 | let { 213 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,3,j] | j in 0..wordsize-1]), 214 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 215 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,3,j] | j in 0..wordsize-1]),26), 216 | array [0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,3,j] | j in 0..wordsize-1]),51) 217 | } 218 | in Xor4(tmp,tmpb,tmpc,tmpd) 219 | ); 220 | 221 | 222 | %row4 Aj 223 | constraint forall (r in 0..R-1) ( 224 | let { 225 | array [0..wordsize-1] of var 0..1:tmp=array1d(0..wordsize-1,[state_east[r,4,j] | j in 0..wordsize-1]), 226 | array [0..wordsize-1] of var 0..1:tmpb=RRot(array1d(0..wordsize-1,[state_E[r,2,j] | j in 0..wordsize-1]),26), 227 | array [0..wordsize-1] of var 0..1:tmpc=RRot(array1d(0..wordsize-1,[state_F[r,4,j] | j in 0..wordsize-1]),26), 228 | array 
[0..wordsize-1] of var 0..1:tmpd=RRot(array1d(0..wordsize-1,[statestart[r+1,4,j] | j in 0..wordsize-1]),45) 229 | } 230 | in Xor4(tmp,tmpb,tmpc,tmpd) 231 | ); 232 | 233 | 234 | % eliminating symmetries 235 | % constraint checkActive([statestart[2,i,63] | i in 0..4]) = 1; 236 | % search strategy (row(sboxes,2) needs nr >= 3, because sboxes is indexed 0..R with R = nr-1) 237 | ann: search_ann; 238 | search_ann = seq_search([ 239 | int_search(row(sboxes,2), random_order, indomain_min, complete), 240 | int_search(row(sboxes,1), random_order, indomain_min, complete), 241 | int_search(row(sboxes,0), random_order, indomain_min, complete), 242 | int_search(array1d(prb), occurrence, indomain_min, complete)]); 243 | 244 | 245 | constraint forall(k in 0..R, j in 0..63) (sboxes[k,j] = checkActive([statestart[k,i,j] | i in 0..4])); 246 | solve :: restart_constant(10000) 247 | :: search_ann minimize obj; 248 | 249 | 250 | 251 | % changed to left: the function keeps the name RRot, but this variant rotates the other way 252 | % Rotation of X by val positions: result[j] = X[(j+val) mod wordsize] 253 | function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)= 254 | array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]); 255 | 256 | % XOR of 4 arrays equals zero 257 | predicate Xor4( 258 | array[0..wordsize-1] of var 0..1: a, 259 | array[0..wordsize-1] of var 0..1: b, 260 | array[0..wordsize-1] of var 0..1: c, 261 | array[0..wordsize-1] of var 0..1: d)= 262 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i] in {0,2,4}); 263 | 264 | 265 | predicate Xor3( 266 | array[0..wordsize-1] of var 0..1: a, 267 | array[0..wordsize-1] of var 0..1: b, 268 | array[0..wordsize-1] of var 0..1: c)= 269 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i] in {0,2}); 270 | 271 | 272 | 273 | % XOR of 2 arrays equals zero 274 | predicate Xor2( 275 | array[0..wordsize-1] of var 0..1: a, 276 | array[0..wordsize-1] of var 0..1: b,)= 277 | forall(i in 0..wordsize-1)(a[i]+b[i] in {0,2}); 278 | 279 | % XOR of 5 arrays equals zero 280 | predicate Xor5( 281 | array[0..wordsize-1] of var 0..1: a, 282 | array[0..wordsize-1] of var 0..1: b, 283 | 
array[0..wordsize-1] of var 0..1: c, 284 | array[0..wordsize-1] of var 0..1: d, 285 | array[0..wordsize-1] of var 0..1: e)= 286 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4}); 287 | 288 | 289 | % XOR of 6 arrays equals zero 290 | predicate Xor6( 291 | array[0..wordsize-1] of var 0..1: a, 292 | array[0..wordsize-1] of var 0..1: b, 293 | array[0..wordsize-1] of var 0..1: c, 294 | array[0..wordsize-1] of var 0..1: d, 295 | array[0..wordsize-1] of var 0..1: e, 296 | array[0..wordsize-1] of var 0..1: f)= 297 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6}); 298 | 299 | % checking activeness of each Sbox 300 | predicate checkActive(array[int] of var 0..1: a) = 301 | let { int: len = length(a) } 302 | in 303 | sum(i in 1..len) (a[i]) > 0; 304 | 305 | % for printing purposes only 306 | array[0..R] of var int: Sboxes; 307 | constraint forall (k in 0..R)( 308 | Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4]))) 309 | ); 310 | 311 | output [ 312 | if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif 313 | ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++ 314 | if i==4 then "after SB : \n" else "" endif 315 | ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8] 316 | ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ]; 317 | array [1..392, 1..11] of int : DDT = array2d(1..392,1..11,[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 300, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 300, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 400, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 400, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 400, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 300, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 300, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 400, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 400, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 400, 0, 0, 
0, 0, 1, 1, 0, 0, 0, 1, 400, 0, 0, 0, 0, 1, 1, 1, 0, 0, 0, 400, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 300, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 400, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 400, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 300, 0, 0, 0, 1, 0, 0, 0, 1, 0, 1, 400, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 400, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 400, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 400, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 300, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 400, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 300, 0, 0, 0, 1, 0, 1, 1, 0, 0, 0, 400, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 300, 0, 0, 0, 1, 1, 0, 0, 1, 0, 1, 400, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 400, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 300, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 400, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 400, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 400, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 400, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 241, 0, 0, 0, 1, 1, 1, 1, 0, 1, 0, 400, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 300, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 400, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 300, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 400, 0, 0, 1, 0, 0, 0, 0, 1, 1, 0, 400, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 300, 0, 0, 1, 0, 0, 0, 1, 0, 1, 0, 300, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 400, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 300, 0, 0, 1, 0, 0, 1, 0, 0, 0, 1, 400, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 400, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 400, 0, 0, 1, 0, 0, 1, 1, 0, 0, 0, 400, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 300, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 400, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 400, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 300, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 241, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 400, 0, 0, 1, 0, 1, 1, 0, 0, 0, 0, 400, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 400, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 400, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 400, 0, 0, 1, 0, 1, 1, 1, 1, 0, 0, 400, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 400, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 300, 0, 0, 1, 1, 0, 0, 0, 0, 1, 1, 400, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 400, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 400, 0, 0, 1, 1, 0, 0, 1, 0, 1, 1, 400, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 241, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 400, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 400, 0, 0, 1, 
1, 0, 1, 0, 0, 1, 1, 300, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 400, 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 300, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 400, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 400, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0, 400, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 400, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 400, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 400, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 400, 0, 0, 1, 1, 1, 0, 1, 1, 0, 1, 400, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 400, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 400, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 400, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 400, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 300, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 400, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 400, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 300, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 400, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 300, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 300, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 400, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 300, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 400, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 400, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 400, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 400, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 400, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 400, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 400, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 400, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 400, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 400, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 300, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 300, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 241, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 400, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 400, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 400, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 400, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 400, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 400, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 300, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 400, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 400, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 400, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 400, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 400, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 300, 0, 1, 0, 1, 0, 1, 0, 1, 0, 0, 400, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 241, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 400, 0, 1, 0, 1, 0, 1, 1, 1, 0, 1, 400, 0, 1, 0, 1, 1, 0, 0, 0, 1, 1, 400, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 400, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 400, 0, 1, 0, 1, 
1, 0, 0, 1, 1, 0, 400, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 400, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 400, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 400, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 400, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 400, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 400, 0, 1, 0, 1, 1, 1, 1, 0, 0, 1, 400, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 300, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 300, 0, 1, 0, 1, 1, 1, 1, 1, 1, 0, 400, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 400, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 400, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 241, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 400, 0, 1, 1, 0, 0, 0, 1, 1, 1, 1, 300, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 300, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 400, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 400, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 400, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 300, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 400, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 400, 0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 300, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 400, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 400, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 400, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 300, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 400, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 400, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 400, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 400, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 400, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 400, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 400, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 400, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 400, 0, 1, 1, 1, 0, 0, 0, 1, 0, 0, 400, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 400, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 400, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 400, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 400, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 400, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 400, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 400, 0, 1, 1, 1, 0, 1, 0, 1, 1, 0, 400, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 400, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 300, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 400, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 400, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 400, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 400, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 400, 0, 1, 1, 1, 1, 0, 1, 1, 0, 1, 241, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 1, 
1, 0, 0, 1, 0, 400, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 400, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 400, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 400, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 300, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 300, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 400, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 300, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 400, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 400, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 400, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 300, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 400, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 300, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 400, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 400, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 400, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0, 300, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 400, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 400, 1, 0, 0, 0, 1, 0, 1, 1, 0, 0, 400, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 400, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 300, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 400, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 241, 1, 0, 0, 0, 1, 1, 0, 1, 0, 1, 400, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 400, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 300, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 400, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 300, 1, 0, 0, 1, 0, 0, 1, 0, 0, 1, 400, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 400, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 400, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 400, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 241, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 400, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 400, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 400, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 400, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 400, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 400, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 400, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 400, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 400, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 300, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 400, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 400, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 400, 1, 0, 1, 0, 0, 0, 
0, 1, 0, 0, 400, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 400, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 400, 1, 0, 1, 0, 0, 0, 1, 0, 1, 0, 400, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 400, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 300, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 400, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 400, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 300, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 241, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 400, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 400, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 400, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 400, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 400, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 400, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 400, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 400, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 400, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 300, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 400, 1, 0, 1, 0, 1, 1, 1, 0, 1, 1, 300, 1, 0, 1, 0, 1, 1, 1, 1, 0, 0, 400, 1, 0, 1, 0, 1, 1, 1, 1, 0, 1, 400, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 400, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 400, 1, 0, 1, 1, 0, 0, 0, 0, 1, 1, 400, 1, 0, 1, 1, 0, 0, 0, 1, 1, 1, 400, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 400, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 400, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 400, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 400, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 400, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 400, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 400, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 400, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 400, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 300, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 400, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 400, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 400, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 400, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 400, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 400, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 400, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 400, 1, 0, 1, 1, 1, 1, 1, 0, 1, 0, 241, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 1, 1, 1, 1, 1, 1, 0, 1, 300, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 400, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 241, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 300, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 400, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 400, 1, 1, 0, 0, 0, 1, 0, 0, 1, 0, 400, 1, 1, 0, 0, 0, 1, 0, 
1, 0, 0, 400, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 300, 1, 1, 0, 0, 0, 1, 1, 0, 0, 0, 400, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0, 400, 1, 1, 0, 0, 0, 1, 1, 1, 0, 0, 300, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 400, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 400, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 400, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1, 300, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 400, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 400, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 400, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 400, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 400, 1, 1, 0, 1, 0, 0, 0, 1, 1, 1, 400, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 400, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 400, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 400, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 400, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 300, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 400, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 400, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 300, 1, 1, 0, 1, 0, 1, 1, 0, 0, 0, 400, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 400, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 400, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 400, 1, 1, 0, 1, 0, 1, 1, 1, 1, 0, 400, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 400, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 400, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 400, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 400, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 400, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 400, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 241, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 400, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 400, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 300, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 400, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 400, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 400, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 400, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 400, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 400, 1, 1, 1, 0, 0, 1, 0, 0, 0, 1, 400, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 400, 1, 1, 1, 0, 0, 1, 0, 0, 1, 1, 400, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 400, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 400, 1, 1, 1, 0, 0, 1, 1, 0, 
1, 0, 400, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 400, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 300, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 400, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 400, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 400, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 400, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 241, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 400, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 300, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 400, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 400, 1, 1, 1, 0, 1, 1, 1, 1, 1, 0, 400, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 300, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 400, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 400, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 400, 1, 1, 1, 1, 0, 0, 1, 0, 1, 1, 400, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 300, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 400, 1, 1, 1, 1, 0, 1, 0, 0, 0, 1, 400, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 400, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 241, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 400, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 400, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 400, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 400, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 300, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 300, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 400, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 400, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 300, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 400, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 300, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 400]); 318 | -------------------------------------------------------------------------------- /constraint_programming/search_for_all_states/SBD_linear.mzn: -------------------------------------------------------------------------------- 1 | 2 | % Use this editor as a MiniZinc scratch book 3 | include "globals.mzn"; 4 | include "chuffed.mzn"; 5 | 6 | int :nr; % Number of Rounds 7 | int :wordsize=64; % word size 8 | int :bit=320; % Number of bits 9 | int: R = nr-1;% just because starting R from 1 doesnt work! 
% ---------------------------------------------------------------------------
% Decision variables. Every state array is indexed [round, row, bit] and
% holds one 0/1 trail bit per position.
% ---------------------------------------------------------------------------
array [0..R, 0..4, 0..wordsize-1] of var 0..1: statestart;  % S-box layer input of round r ("beforeSB" in the output)
array [0..R, 0..4, 0..wordsize-1] of var 0..1: state_east;  % rows after the "east" rotations
array [0..R, 0..4, 0..wordsize-1] of var 0..1: state_F;     % F0..F4
array [0..R, 0..2, 0..wordsize-1] of var 0..1: state_E;     % rows 0, 1, 2 hold E0, E1, Eall
% NOTE(review): state_Aj is declared but not referenced by any constraint below.
array [0..R, 0..4, 0..wordsize-1] of var 0..1: state_Aj;
array [0..R, 0..4, 0..wordsize-1] of var 0..1: stateend;    % S-box layer output of round r ("after SB" in the output)

% One weight per S-box position and round. Per the repository readme the
% weights are scaled by 100 (e.g. 241 stands for 2.41).
array [0..64*(R+1)-1] of var {0,100,200,241,300,400}: prb;

% Objective: total weight of the trail. The lower bound rules out weight-0
% solutions such as the all-zero trail.
var int: obj;
constraint obj >= 1 /\ obj <= 32000;
constraint obj = sum(i in 0..64*(R+1)-1) (prb[i]);

array [0..R, 0..63] of var bool: sboxes;  % sboxes[r,j] <-> column j is active in round r

% Bit row k of a 3-d state array in round r, as a 0-based word.
function array[0..wordsize-1] of var 0..1: lane(array[int,int,int] of var 0..1: S, int: r, int: k) =
    array1d(0..wordsize-1, [S[r,k,j] | j in 0..wordsize-1]);

% Rotation amounts of the linear layer, one entry per row 0..4.
array [0..4] of int: rotEast = array1d(0..4, [0, 61, 49, 13, 19]);  % stateend -> state_east
array [0..4] of int: rotE1   = array1d(0..4, [6, 10, 27, 41, 50]);  % E1, and first rotation of F0..F4
array [0..4] of int: rotF2   = array1d(0..4, [42, 46, 63, 13, 22]); % second rotation of F0..F4
array [0..4] of int: rotWest = array1d(0..4, [0, 3, 15, 51, 45]);   % applied to statestart of round r+1


% S-box layer: each column (5 input bits, 5 output bits, weight) must be a
% row of the 11-column table DDT.
% NOTE(review): the table keeps the name DDT although this is the linear
% model; presumably it lists the admissible mask pairs -- confirm against
% whatever generated it, since every bound reported here depends on it.
constraint forall (r in 0..R, i in 0..wordsize-1) (
    table([statestart[r,k,i] | k in 0..4]
          ++ [stateend[r,k,i] | k in 0..4]
          ++ [prb[64*r + i]], DDT)
);


% The linear-layer constraints below are posted for rounds 0..R-1 only, so
% state_east, state_E and state_F of the last round remain unconstrained.

% east: state_east[r,k] equals stateend[r,k] rotated by rotEast[k]
% (a rotation by 0 is the identity, see RRot).
constraint forall (r in 0..R-1, k in 0..4) (
    Xor2(RRot(lane(stateend, r, k), rotEast[k]), lane(state_east, r, k))
);

% E0: XOR of the five east rows
constraint forall (r in 0..R-1) (
    Xor6(lane(state_east, r, 0),
         lane(state_east, r, 1),
         lane(state_east, r, 2),
         lane(state_east, r, 3),
         lane(state_east, r, 4),
         lane(state_E, r, 0))
);

% E1: XOR of the five east rows, each rotated by rotE1[k]
constraint forall (r in 0..R-1) (
    Xor6(RRot(lane(state_east, r, 0), rotE1[0]),
         RRot(lane(state_east, r, 1), rotE1[1]),
         RRot(lane(state_east, r, 2), rotE1[2]),
         RRot(lane(state_east, r, 3), rotE1[3]),
         RRot(lane(state_east, r, 4), rotE1[4]),
         lane(state_E, r, 1))
);

% Eall: E0 XOR (E0 rotated by 1)
constraint forall (r in 0..R-1) (
    Xor3(lane(state_E, r, 0),
         RRot(lane(state_E, r, 0), 1),
         lane(state_E, r, 2))
);

% F0..F4: F_k is the XOR of two rotated copies of E1
constraint forall (r in 0..R-1, k in 0..4) (
    Xor3(RRot(lane(state_E, r, 1), rotE1[k]),
         RRot(lane(state_E, r, 1), rotF2[k]),
         lane(state_F, r, k))
);

% rows 0..4 Aj: ties round r to the S-box input of round r+1
constraint forall (r in 0..R-1, k in 0..4) (
    Xor4(lane(state_east, r, k),
         RRot(lane(state_E, r, 2), 26),
         RRot(lane(state_F, r, k), 26),
         RRot(lane(statestart, r+1, k), rotWest[k]))
);


% search strategy: branch on the active-S-box flags of rounds 0 and 1 first,
% then on the weights. row(sboxes,1) exists only when nr >= 2.
ann: search_ann = seq_search([
    int_search(row(sboxes,0), random_order, indomain_min, complete),
    int_search(row(sboxes,1), random_order, indomain_min, complete),
    %int_search(row(sboxes,2), random_order, indomain_min, complete),
    int_search(array1d(prb), occurrence, indomain_min, complete)]);


% Link each flag to the five state bits of its column.
constraint forall (k in 0..R, j in 0..63) (
    sboxes[k,j] <-> checkActive([statestart[k,i,j] | i in 0..4])
);


% The reported obj is a proven minimum only when the solver completes the
% search; a run stopped by --time-limit yields just the best trail found so far.
solve :: restart_constant(10000)
      :: search_ann minimize obj;


% %change to left
% % Right rotation of X by val positions
% function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val)=
% array1d(0..wordsize-1, [X[(j+val) mod wordsize] | j in 0..wordsize-1]);

% Right for linear
% Rotation of X by val positions: result[t] = X[(t - val) mod wordsize].
function array[0..wordsize-1] of var 0..1: RRot(array[0..(wordsize-1)] of var 0..1: X, int: val) =
    array1d(0..wordsize-1, [X[(wordsize + t - val) mod wordsize] | t in 0..wordsize-1]);


% XOR of 4 arrays equals zero (the bit sum is even at every position)
predicate Xor4(
    array[0..wordsize-1] of var 0..1: a,
    array[0..wordsize-1] of var 0..1: b,
    array[0..wordsize-1] of var 0..1: c,
    array[0..wordsize-1] of var 0..1: d) =
    forall (i in 0..wordsize-1) (a[i] + b[i] + c[i] + d[i] in {0,2,4});

% XOR of 3 arrays equals zero
predicate Xor3(
    array[0..wordsize-1] of var 0..1: a,
    array[0..wordsize-1] of var 0..1: b,
    array[0..wordsize-1] of var 0..1: c) =
    forall (i in 0..wordsize-1) (a[i] + b[i] + c[i] in {0,2});

% XOR of 2 arrays equals zero (i.e. the arrays are equal)
predicate Xor2(
    array[0..wordsize-1] of var 0..1: a,
    array[0..wordsize-1] of var 0..1: b) =
    forall (i in 0..wordsize-1) (a[i] + b[i] in {0,2});

% XOR of 5 arrays equals zero
predicate Xor5( 297 | array[0..wordsize-1] of var 0..1: a, 298 | array[0..wordsize-1] of var 0..1: b, 299 | array[0..wordsize-1] of var 0..1: c, 300 | array[0..wordsize-1] of var 0..1: d, 301 | array[0..wordsize-1] of var 0..1: e)= 302 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i] in {0,2,4}); 303 | 304 | 305 | % XOR of 6 arrays equals zero 306 | predicate Xor6( 307 | array[0..wordsize-1] of var 0..1: a, 308 | array[0..wordsize-1] of var 0..1: b, 309 | array[0..wordsize-1] of var 0..1: c, 310 | array[0..wordsize-1] of var 0..1: d, 311 | array[0..wordsize-1] of var 0..1: e, 312 | array[0..wordsize-1] of var 0..1: f)= 313 | forall(i in 0..wordsize-1)(a[i]+b[i]+c[i]+d[i]+e[i]+f[i] in {0,2,4,6}); 314 | 315 | % checking activeness of each Sbox 316 | predicate checkActive(array[int] of var 0..1: a) = 317 | let { int: len = length(a) } 318 | in 319 | sum(i in 1..len) (a[i]) > 0; 320 | 321 | 322 | % checking activeness of each Sbox 323 | predicate checkzero(array[int] of var 0..1: a) = 324 | let { int: len = length(a) } 325 | in 326 | sum(i in 1..len) (a[i]) = 0; 327 | 328 | % for printing purposes only 329 | array[0..R] of var int: Sboxes; 330 | constraint forall (k in 0..R)( 331 | Sboxes[k] = sum(j in 0..63)(bool2int(checkActive([statestart[k,i,j] | i in 0..4]))) 332 | ); 333 | 334 | 335 | output [ 336 | if i==0 then "\n Round " ++show(r) ++"\n beforeSB : \n" else "" endif 337 | ++ if i<5 then show([statestart[r,i,j] | j in 0..wordsize-1]) ++ " \n" else "" endif ++ 338 | if i==4 then "after SB : \n" else "" endif 339 | ++ if i>=4 then show([stateend[r,i-4,j] | j in 0..wordsize-1]) ++ " \n" else "" endif | r in 0..R, i in 0..8] 340 | ++ [show([Sboxes[i] | i in 0..R]) ++ " " ++ show(obj) ++ "\n"] ++ [show([prb[i] | i in 64*k..64*(k+1)-1]) ++ " " ++ show(sum([prb[i] | i in 64*k..64*(k+1)-1])) ++ "\n" | k in 0..R ]; 341 | 342 | 343 | 344 | array [1..687, 1..11] of int : DDT = array2d(1..687,1..11,[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 241, 0, 
0, 0, 0, 1, 0, 0, 0, 1, 0, 300, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 241, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 300, 0, 0, 0, 0, 1, 0, 0, 1, 0, 1, 400, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 400, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 200, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 400, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 300, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 400, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 300, 0, 0, 0, 0, 1, 0, 1, 1, 0, 1, 400, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 400, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 400, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 400, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 400, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 400, 0, 0, 0, 0, 1, 1, 1, 0, 0, 0, 400, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 400, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 400, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 400, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 300, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 300, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 200, 0, 0, 0, 1, 0, 0, 0, 1, 0, 1, 300, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 300, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 400, 0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 400, 0, 0, 0, 1, 0, 0, 1, 0, 1, 0, 400, 0, 0, 0, 1, 0, 0, 1, 0, 1, 1, 400, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 400, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 400, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 400, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 400, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 241, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 241, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 400, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 400, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 400, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 400, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 400, 0, 0, 0, 1, 0, 1, 0, 1, 1, 1, 400, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 400, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 300, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 400, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 300, 0, 0, 0, 1, 1, 0, 0, 1, 0, 1, 241, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 241, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 400, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 300, 0, 0, 0, 1, 1, 0, 1, 0, 1, 0, 400, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 300, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 400, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 400, 0, 0, 0, 1, 1, 1, 0, 0, 0, 1, 400, 0, 0, 0, 1, 1, 1, 0, 0, 1, 1, 400, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 400, 0, 0, 0, 1, 1, 1, 0, 1, 1, 1, 400, 0, 0, 
0, 1, 1, 1, 1, 0, 0, 0, 241, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 300, 0, 0, 0, 1, 1, 1, 1, 0, 1, 0, 400, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 400, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 300, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 400, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 300, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 200, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 300, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 400, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 400, 0, 0, 1, 0, 0, 0, 0, 1, 1, 0, 400, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 400, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 241, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 400, 0, 0, 1, 0, 0, 0, 1, 0, 1, 0, 400, 0, 0, 1, 0, 0, 0, 1, 0, 1, 1, 400, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 300, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 300, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 400, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 400, 0, 0, 1, 0, 0, 1, 0, 1, 1, 0, 400, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 400, 0, 0, 1, 0, 0, 1, 1, 0, 0, 0, 241, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 400, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 400, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 400, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 400, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 241, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 400, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 400, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 400, 0, 0, 1, 0, 1, 0, 1, 0, 1, 0, 400, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 200, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 400, 0, 0, 1, 0, 1, 0, 1, 1, 1, 1, 400, 0, 0, 1, 0, 1, 1, 0, 0, 0, 0, 400, 0, 0, 1, 0, 1, 1, 0, 0, 0, 1, 300, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 400, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 300, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 400, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 400, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 400, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 300, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 400, 0, 0, 1, 0, 1, 1, 1, 1, 0, 0, 241, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 400, 0, 0, 1, 0, 1, 1, 1, 1, 1, 1, 300, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 300, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 300, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 400, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 400, 0, 0, 1, 1, 0, 0, 0, 1, 1, 0, 400, 0, 0, 1, 1, 0, 0, 0, 1, 1, 1, 400, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 241, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 400, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 400, 0, 0, 1, 
1, 0, 0, 1, 1, 1, 1, 400, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0, 400, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 400, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 241, 0, 0, 1, 1, 0, 1, 0, 0, 1, 1, 241, 0, 0, 1, 1, 0, 1, 0, 1, 0, 0, 300, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 300, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 400, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 400, 0, 0, 1, 1, 0, 1, 1, 0, 1, 0, 400, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 400, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 300, 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 300, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 400, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 400, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 400, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 300, 0, 0, 1, 1, 1, 0, 0, 1, 1, 0, 400, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 300, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 400, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 300, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 400, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 400, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 400, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 300, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 300, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 400, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 241, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 400, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 400, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 300, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 300, 0, 0, 1, 1, 1, 1, 1, 0, 0, 1, 400, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 300, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 400, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 400, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 300, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 400, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 300, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 200, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 400, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 400, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 241, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 400, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 300, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 300, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 400, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 400, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 241, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 400, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 300, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 300, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 400, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 400, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 400, 0, 1, 0, 0, 0, 1, 0, 1, 0, 1, 400, 0, 1, 0, 0, 0, 1, 1, 0, 1, 0, 400, 0, 1, 0, 0, 
0, 1, 1, 0, 1, 1, 400, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 400, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 400, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 400, 0, 1, 0, 0, 1, 0, 0, 0, 1, 0, 400, 0, 1, 0, 0, 1, 0, 0, 1, 0, 0, 400, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 300, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 400, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 400, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 400, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 300, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 241, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 200, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 400, 0, 1, 0, 0, 1, 1, 0, 0, 0, 0, 400, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 300, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 241, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 400, 0, 1, 0, 0, 1, 1, 0, 1, 1, 0, 400, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 400, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 400, 0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 400, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 400, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 400, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 400, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 400, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 400, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 400, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 400, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 300, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 300, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 241, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 400, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 400, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 241, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 200, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 400, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 400, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 300, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 400, 0, 1, 0, 1, 0, 1, 1, 0, 1, 1, 400, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 400, 0, 1, 0, 1, 0, 1, 1, 1, 0, 1, 400, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 300, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 400, 0, 1, 0, 1, 1, 0, 0, 0, 1, 0, 400, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 400, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 300, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 400, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 400, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 300, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 300, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 400, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 400, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 400, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 300, 0, 1, 0, 1, 1, 
1, 0, 0, 0, 1, 400, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 400, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 400, 0, 1, 0, 1, 1, 1, 0, 1, 1, 0, 300, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 241, 0, 1, 0, 1, 1, 1, 1, 0, 0, 0, 400, 0, 1, 0, 1, 1, 1, 1, 0, 0, 1, 300, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 300, 0, 1, 0, 1, 1, 1, 1, 0, 1, 1, 400, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 300, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 241, 0, 1, 0, 1, 1, 1, 1, 1, 1, 0, 400, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 300, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 400, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 400, 0, 1, 1, 0, 0, 0, 0, 1, 1, 0, 241, 0, 1, 1, 0, 0, 0, 0, 1, 1, 1, 400, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0, 400, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 241, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 300, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 400, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 400, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 300, 0, 1, 1, 0, 0, 0, 1, 1, 1, 1, 300, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 300, 0, 1, 1, 0, 0, 1, 0, 0, 1, 0, 400, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 400, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 400, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 400, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 400, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 241, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 300, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 400, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 400, 0, 1, 1, 0, 1, 0, 0, 0, 0, 1, 400, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 400, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 400, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 400, 0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 300, 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 400, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 300, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 300, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 400, 0, 1, 1, 0, 1, 0, 1, 1, 0, 0, 400, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 300, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 241, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 400, 0, 1, 1, 0, 1, 1, 0, 0, 1, 0, 300, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 400, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 400, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 300, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 300, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 400, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 400, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 400, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 300, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 241, 0, 1, 1, 0, 1, 1, 
1, 1, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 400, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 300, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 400, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 400, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 300, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 400, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 400, 0, 1, 1, 1, 0, 0, 1, 1, 0, 0, 300, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 300, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 400, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 400, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 400, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 300, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 300, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 400, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 400, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 300, 0, 1, 1, 1, 0, 1, 1, 0, 0, 0, 400, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 241, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 300, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 400, 0, 1, 1, 1, 0, 1, 1, 1, 0, 1, 400, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 300, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 300, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 400, 0, 1, 1, 1, 1, 0, 0, 0, 1, 0, 400, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 300, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 400, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 400, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 400, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 400, 0, 1, 1, 1, 1, 0, 1, 1, 0, 1, 241, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 400, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 300, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 241, 0, 1, 1, 1, 1, 1, 0, 0, 1, 0, 241, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 300, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 400, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 400, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 400, 0, 1, 1, 1, 1, 1, 1, 0, 1, 0, 400, 0, 1, 1, 1, 1, 1, 1, 1, 0, 1, 400, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 241, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 400, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 241, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 300, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 400, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 241, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 300, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 400, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 400, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 400, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 400, 1, 0, 0, 0, 0, 1, 0, 
0, 0, 0, 200, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 400, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 400, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 300, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 400, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0, 400, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 300, 1, 0, 0, 0, 0, 1, 1, 0, 0, 1, 400, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0, 400, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 400, 1, 0, 0, 0, 0, 1, 1, 1, 1, 0, 400, 1, 0, 0, 0, 1, 0, 0, 0, 1, 0, 400, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 400, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0, 300, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 400, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 400, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 300, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 241, 1, 0, 0, 0, 1, 0, 1, 0, 1, 1, 400, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 241, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 400, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 400, 1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 241, 1, 0, 0, 0, 1, 1, 0, 0, 1, 0, 300, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 300, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 400, 1, 0, 0, 0, 1, 1, 0, 1, 0, 1, 400, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 300, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 400, 1, 0, 0, 0, 1, 1, 1, 0, 0, 1, 400, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 300, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 400, 1, 0, 0, 0, 1, 1, 1, 1, 0, 1, 400, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 400, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 400, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 300, 1, 0, 0, 1, 0, 0, 0, 1, 0, 1, 400, 1, 0, 0, 1, 0, 0, 0, 1, 1, 0, 241, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 400, 1, 0, 0, 1, 0, 0, 1, 0, 0, 1, 300, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 400, 1, 0, 0, 1, 0, 0, 1, 1, 0, 0, 400, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 400, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 400, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 400, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 400, 1, 0, 0, 1, 0, 1, 0, 1, 0, 1, 300, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 200, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 400, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 241, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 400, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 400, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 400, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 300, 1, 0, 0, 1, 1, 0, 0, 0, 0, 1, 300, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 400, 1, 0, 0, 1, 1, 0, 0, 0, 1, 1, 400, 1, 0, 0, 1, 1, 0, 0, 1, 
1, 0, 400, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 241, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 400, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 400, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 300, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 400, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 400, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 300, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 300, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 300, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 400, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 300, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 300, 1, 0, 0, 1, 1, 1, 0, 1, 1, 0, 400, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 400, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 400, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 400, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 300, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 400, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 300, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 300, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 400, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 400, 1, 0, 1, 0, 0, 0, 0, 1, 0, 0, 400, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 300, 1, 0, 1, 0, 0, 0, 0, 1, 1, 1, 241, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 400, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 400, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 300, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 400, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 400, 1, 0, 1, 0, 0, 1, 0, 0, 0, 1, 400, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 400, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 400, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 300, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 400, 1, 0, 1, 0, 0, 1, 1, 0, 0, 0, 241, 1, 0, 1, 0, 0, 1, 1, 0, 1, 0, 200, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 400, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 400, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 400, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 300, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 400, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 400, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 400, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 400, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 400, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 400, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 300, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 300, 1, 0, 1, 0, 1, 0, 1, 1, 1, 0, 400, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 241, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 400, 1, 0, 1, 0, 1, 1, 0, 0, 0, 1, 400, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 300, 1, 0, 1, 0, 1, 1, 0, 0, 1, 
1, 300, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 300, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 300, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 400, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 400, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 300, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 400, 1, 0, 1, 0, 1, 1, 1, 0, 1, 1, 241, 1, 0, 1, 0, 1, 1, 1, 1, 0, 0, 400, 1, 0, 1, 0, 1, 1, 1, 1, 0, 1, 400, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 400, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 400, 1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 400, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 300, 1, 0, 1, 1, 0, 0, 0, 1, 1, 1, 400, 1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 400, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 400, 1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 300, 1, 0, 1, 1, 0, 0, 1, 1, 0, 0, 400, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 300, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 300, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 400, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 400, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 300, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 400, 1, 0, 1, 1, 0, 1, 0, 1, 0, 0, 300, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 400, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 400, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 300, 1, 0, 1, 1, 0, 1, 1, 0, 0, 0, 400, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 241, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 300, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 400, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 241, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 400, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 241, 1, 0, 1, 1, 1, 0, 0, 1, 0, 0, 400, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 241, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 300, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 300, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 400, 1, 0, 1, 1, 1, 0, 1, 0, 1, 1, 400, 1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 400, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 400, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 400, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 400, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 400, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 400, 1, 0, 1, 1, 1, 1, 1, 0, 1, 0, 241, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 400, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 400, 1, 0, 1, 1, 1, 1, 1, 1, 0, 1, 241, 1, 0, 1, 1, 1, 1, 1, 1, 1, 0, 300, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 400, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 241, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 
400, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 300, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 400, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 300, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 300, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 400, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 400, 1, 1, 0, 0, 0, 0, 1, 1, 0, 0, 400, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 300, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 400, 1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 300, 1, 1, 0, 0, 0, 1, 0, 0, 0, 1, 400, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 400, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 241, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 400, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 300, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 400, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 400, 1, 1, 0, 0, 0, 1, 1, 1, 0, 0, 241, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 400, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 300, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 300, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 400, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 400, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 400, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 400, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 300, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 300, 1, 1, 0, 0, 1, 0, 1, 1, 0, 0, 400, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 400, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 241, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1, 400, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 400, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 400, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 400, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 400, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 300, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 300, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 400, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 400, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 400, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 400, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 300, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 300, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 300, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 300, 1, 1, 0, 1, 0, 0, 0, 0, 0, 1, 400, 1, 1, 0, 1, 0, 0, 0, 0, 1, 1, 400, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 400, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 300, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 400, 1, 1, 0, 1, 0, 0, 0, 1, 1, 1, 300, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 400, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 300, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 400, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 300, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 400, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 400, 
1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 400, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 400, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 300, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 300, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 400, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 241, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 400, 1, 1, 0, 1, 0, 1, 1, 0, 1, 0, 300, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 400, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 400, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 300, 1, 1, 0, 1, 0, 1, 1, 1, 1, 0, 241, 1, 1, 0, 1, 1, 0, 0, 1, 0, 0, 400, 1, 1, 0, 1, 1, 0, 0, 1, 0, 1, 400, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 241, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 400, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 400, 1, 1, 0, 1, 1, 0, 1, 0, 0, 1, 400, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 241, 1, 1, 0, 1, 1, 0, 1, 0, 1, 1, 400, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 300, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 300, 1, 1, 0, 1, 1, 1, 0, 1, 0, 0, 400, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 241, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 400, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 400, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 400, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 400, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 400, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 241, 1, 1, 0, 1, 1, 1, 1, 1, 0, 1, 300, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 300, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 400, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 400, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 300, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 400, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 300, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 0, 1, 0, 0, 0, 400, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 300, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 400, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 400, 1, 1, 1, 0, 0, 0, 1, 1, 1, 0, 400, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 300, 1, 1, 1, 0, 0, 1, 0, 0, 0, 1, 400, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 300, 1, 1, 1, 0, 0, 1, 0, 0, 1, 1, 400, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 400, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 300, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 400, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 400, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 300, 1, 1, 1, 0, 0, 1, 1, 0, 1, 0, 400, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 300, 1, 1, 1, 0, 0, 1, 1, 1, 0, 0, 241, 1, 1, 1, 0, 0, 1, 1, 1, 0, 1, 300, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 400, 1, 
1, 1, 0, 0, 1, 1, 1, 1, 1, 300, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 400, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 400, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 400, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 241, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 241, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 400, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 400, 1, 1, 1, 0, 1, 0, 1, 1, 1, 1, 400, 1, 1, 1, 0, 1, 1, 0, 0, 0, 0, 400, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 400, 1, 1, 1, 0, 1, 1, 0, 0, 1, 0, 400, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 0, 0, 241, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 400, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 400, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 241, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 300, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 300, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 300, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 300, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 400, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 400, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 400, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 400, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 241, 1, 1, 1, 1, 0, 0, 1, 0, 1, 1, 400, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 400, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 241, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 400, 1, 1, 1, 1, 0, 1, 0, 0, 0, 1, 300, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 400, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 400, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 241, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 300, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 241, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 300, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 400, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 400, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 400, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 300, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 300, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 300, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 300, 1, 1, 1, 1, 1, 0, 1, 0, 0, 0, 300, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 300, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 300, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 300, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 300, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 300, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 300, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 300, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 300, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 300, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 300, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 300]); 345 | 
--------------------------------------------------------------------------------