Skip to content

rucpbase_issue #424

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
MGwynne wants to merge 2 commits into
base: master
Choose a base branch
from
Open

rucpbase_issue #424

MGwynne wants to merge 2 commits into from

Conversation

@MGwynne
Copy link
Contributor

@MGwynne MGwynne commented Jun 15, 2012

Branch: rucpbase_issue.

Adding todos on checking that all computed AES 1-bases are actually 1-bases.

Matthew

@OKullmann
Copy link
Owner

OKullmann commented Nov 4, 2012

In Sbox_8.hpp you wrote:

  • The current "best 1-base" with 4398 clauses is not a 1-base!

But for this assertion you do not give any justification.
Some actions are done then, with only one output:

+maxima> hardness_wpi_cs(setify(Sbox_1base[2]),setify(Sbox_PI[2]));
+2

So we have hardness 2, but nothing about whether the boolean function is the SBox or not!

It is continued with a comment

  • However, far more prime implicates follow by UCP for the "current 1-base"
  • than for the current best minimum representation, which may help to
  • explain any differences in the performance of SAT solvers:

which is completely unclear to me: To what does the "However" refer to?
What is to be explained??

@MGwynne
Copy link
Contributor Author

MGwynne commented Nov 6, 2012

Hi,

Sorry for the late reply, I don't check this e-mail address (360678@swan.ac.uk) much any more as there is a lot of university spam.

On 4 Nov 2012, at 12:45, Oliver Kullmann wrote:

In Sbox_8.hpp you wrote:

The current "best 1-base" with 4398 clauses is not a 1-base!
But for this assertion you do not give any justification.
Some actions are done then, with only one output:

+maxima> hardness_wpi_cs(setify(Sbox_1base[2]),setify(Sbox_PI[2]));
+2

So we have hardness 2, but nothing about whether the boolean function is the SBox or not!

I will rerun the various necessary tests to also check that it is an S-box and send over the instructions and data.

It is continued with a comment

However, far more prime implicates follow by UCP for the "current 1-base"
than for the current best minimum representation, which may help to
explain any differences in the performance of SAT solvers:
which is completely unclear to me: To what does the "However" refer to?
What is to be explained??

Call the minimum translation Sbox_min and the "1-base" (not a 1-base) Sbox_1base.

The intention was to convey that the number of prime implicates C for the Sbox for which phi_C * Sbox_1base has hardness 1 is more than the number for which phi_C * Sbox_min has hardness 1. Of course this requires evidence, and is also insufficient, we want data on whether the set of prime implicates which have hardness 1 for Sbox_1base completely subsumes that for Sbox_min, or whether Sbox_min is till 1-soft for some prime implicates that Sbox_1base isn't.

As with the hardness check, I will rerun the appropriate tests in Maxima and send you the commands, information and data.

Should I update a branch of the OKlibrary with the information I produce and make a pull request?

Matthew

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MGwynne @OKullmann