Add SPECK-64 and SPECK-128 lightweight block ciphers (GH #538)

2017-11-20 06:30:21 -05:00 · 2017-11-20 06:30:21 -05:00 · b9fc470bc7
parent 32154a150f
commit b9fc470bc7
12 changed files with 671 additions and 3 deletions
--- a/Filelist.txt
+++ b/Filelist.txt
@ -280,6 +280,8 @@ socketft.cpp
 socketft.h
 sosemanuk.cpp
 sosemanuk.h
 speck.cpp
 speck.h
 square.cpp
 square.h
 squaretb.cpp
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@ -2,7 +2,6 @@ AlgorithmType: FileList
 Name: all.txt collection
 Test: TestVectors/tea.txt
 Test: TestVectors/wake.txt
 Test: TestVectors/aria.txt
 Test: TestVectors/camellia.txt
 Test: TestVectors/shacal2.txt
 Test: TestVectors/ttmac.txt
@ -26,8 +25,10 @@ Test: TestVectors/sha2_fips_180.txt
 Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/aes.txt
 Test: TestVectors/aria.txt
 Test: TestVectors/kalyna.txt
 Test: TestVectors/threefish.txt
 Test: TestVectors/speck.txt
 Test: TestVectors/salsa.txt
 Test: TestVectors/chacha.txt
 #Test: TestVectors/tls_chacha.txt
--- a/TestVectors/ocb.txt
+++ b/TestVectors/ocb.txt
@ -0,0 +1,177 @@
 AlgorithmType: AuthenticatedSymmetricCipher
 Name: AES/OCB
 Source: https://tools.ietf.org/html/rfc7253
 Comment: Test 0
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110F
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
            2021222324252627
 Ciphertext: 4412923493C57D5DE0D700F753CCE0D1 D2D95060122E9F15A5DDBFC5787E50B5 \
            CC55EE507BCB084E \
            479AD363AC366B95A98CA5F3000B1479 # MAC
 Test: Encrypt
 AlgorithmType: AuthenticatedSymmetricCipher
 Name: AES/OCB
 Source: https://tools.ietf.org/html/rfc7253
 Comment: Test 1
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221100
 Header:
 Plaintext:
 Ciphertext: \
            785407BFFFC8AD9EDCC5520AC9111EE6 # MAC
 Test: Encrypt
 Comment: Test 2
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221101
 Header: 0001020304050607
 Plaintext:  0001020304050607
 Ciphertext: 6820B3657B6F615A \
            5725BDA0D3B4EB3A257C9AF1F8F03009 # MAC
 Test: Encrypt
 Comment: Test 3
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221102
 Header: 0001020304050607
 Plaintext:
 Ciphertext: \
            81017F8203F081277152FADE694A0A00 # MAC
 Test: Encrypt
 Comment: Test 4
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221103
 Header:
 Plaintext:  0001020304050607
 Ciphertext: 45DD69F8F5AAE724 \
            14054CD1F35D82760B2CD00D2F99BFA9 # MAC
 Test: Encrypt
 Comment: Test 5
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221104
 Header: 000102030405060708090A0B0C0D0E0F
 Plaintext:  000102030405060708090A0B0C0D0E0F
 Ciphertext: 571D535B60B277188BE5147170A9A22C \
            3AD7A4FF3835B8C5701C1CCEC8FC3358 # MAC
 Test: Encrypt
 Comment: Test 6
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221105
 Header: 000102030405060708090A0B0C0D0E0F
 Plaintext:
 Ciphertext: \
            8CF761B6902EF764462AD86498CA6B97 # MAC
 Test: Encrypt
 Comment: Test 7
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221106
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F
 Ciphertext: 5CE88EC2E0692706A915C00AEB8B2396 \
            F40E1C743F52436BDF06D8FA1ECA343D # MAC
 Test: Encrypt
 Comment: Test 8
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221107
 Header: 000102030405060708090A0B0C0D0E0F 1011121314151617
 Plaintext:  000102030405060708090A0B0C0D0E0F 1011121314151617
 Ciphertext: 1CA2207308C87C010756104D8840CE19 52F09673A448A122 \
            C92C62241051F57356D7F3C90BB0E07F # MAC
 Test: Encrypt
 Comment: Test 9
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221108
 Header: 000102030405060708090A0B0C0D0E0F 1011121314151617
 Plaintext:
 Ciphertext: \
            6DC225A071FC1B9F7C69F93B0F1E10DE # MAC
 Test: Encrypt
 Comment: Test 10
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA99887766554433221109
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 1011121314151617
 Ciphertext: 221BD0DE7FA6FE993ECCD769460A0AF2 D6CDED0C395B1C3C \
            E725F32494B9F914D85C0B1EB38357FF # MAC
 Test: Encrypt
 Comment: Test 11
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110A
 Header: 000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F
 Ciphertext: BD6F6C496201C69296C11EFD138A467A BD3C707924B964DEAFFC40319AF5A485 \
            40FBBA186C5553C68AD9F592A79A4240 # MAC
 Test: Encrypt
 Comment: Test 12
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110B
 Header: 000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F
 Plaintext:
 Ciphertext: \
            FE80690BEE8A485D11F32965BC9D2A32 # MAC
 Test: Encrypt
 Comment: Test 13
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110C
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F
 Ciphertext: 2942BFC773BDA23CABC6ACFD9BFD5835 BD300F0973792EF46040C53F1432BCDF \
            B5E1DDE3BC18A5F840B52E653444D5DF # MAC
 Test: Encrypt
 Comment: Test 14
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110D
 Header: 000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
        2021222324252627
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
            2021222324252627
 Ciphertext: D5CA91748410C1751FF8A2F618255B68 A0A12E093FF454606E59F9C1D0DDC54B \
            65E8628E568BAD7A \
            ED07BA06A4A69483A7035490C5769E60 # MAC
 Test: Encrypt
 Comment: Test 15
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110E
 Header: 000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
        2021222324252627
 Plaintext:
 Ciphertext: \
            C5CD9D1850C141E358649994EE701B68 # MAC
 Test: Encrypt
 Comment: Test 16
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110F
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
            2021222324252627
 Ciphertext: 4412923493C57D5DE0D700F753CCE0D1 D2D95060122E9F15A5DDBFC5787E50B5 \
            CC55EE507BCB084E \
            479AD363AC366B95A98CA5F3000B1479 # MAC
 Test: Encrypt
 Comment: ocb_ref.c, 6x16 bytes
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110F
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
            202122232425262728292A2B2C2D2E2F 303132333435363738393A3B3C3D3E3F \
            404142434445464748494A4B4C4D4E4F 505152535455565758595A5B5C5D5E5F
 Ciphertext: 4412923493C57D5DE0D700F753CCE0D1 D2D95060122E9F15A5DDBFC5787E50B5 \
            11DFB888DA244711F051DBCE82B0B9A7 CB14869B164E55EB578E41FA435FF220 \
            25ED114F6EC18CD67B743AB299E596F6 6100FBA539DB164D765EAFF0BF489ACE \
            1CE76A77FDC72610CFBD24209EF931E6 # MAC
 Test: Encrypt
 Comment: ocb_ref.c, 6x16+8 bytes
 Key: 000102030405060708090A0B0C0D0E0F
 IV: BBAA9988776655443322110F
 Header:
 Plaintext:  000102030405060708090A0B0C0D0E0F 101112131415161718191A1B1C1D1E1F \
            202122232425262728292A2B2C2D2E2F 303132333435363738393A3B3C3D3E3F \
            404142434445464748494A4B4C4D4E4F 505152535455565758595A5B5C5D5E5F \
            6061626364656667
 Ciphertext: 4412923493C57D5DE0D700F753CCE0D1 D2D95060122E9F15A5DDBFC5787E50B5 \
            11DFB888DA244711F051DBCE82B0B9A7 CB14869B164E55EB578E41FA435FF220 \
            25ED114F6EC18CD67B743AB299E596F6 6100FBA539DB164D765EAFF0BF489ACE \
            F94995B3E25C16AF \
            A2EBA4BE7057D9A7 B1BA6E9611822FEF # MAC
 Test: Encrypt
--- a/TestVectors/speck.txt
+++ b/TestVectors/speck.txt
@ -0,0 +1,37 @@
 AlgorithmType: SymmetricCipher
 Name: SPECK-64/ECB
 Source: Simon and Speck paper, Appendix C
 #
 Key: 13121110 0b0a0908 03020100
 Comment: Speck64/96
 Plaintext: 74614620 736e6165
 Ciphertext: 9f7952ec 4175946c
 Test: Encrypt
 #
 Key: 1b1a1918 13121110 0b0a0908 03020100
 Comment: Speck64/128
 Plaintext: 3b726574 7475432d
 Ciphertext: 8c6fa548 454e028b
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: SPECK-128/ECB
 Source: Simon and Speck paper, Appendix C
 #
 Key: 0f0e0d0c0b0a0908 0706050403020100
 Comment: Speck128/128
 Plaintext: 6c61766975716520 7469206564616d20
 Ciphertext: a65d985179783265 7860fedf5c570d18
 Test: Encrypt
 #
 Key: 1716151413121110 0f0e0d0c0b0a0908 0706050403020100
 Comment: Speck128/192
 Plaintext: 7261482066656968 43206f7420746e65
 Ciphertext: 1be4cf3a13135566 f9bc185de03c1886
 Test: Encrypt
 #
 Key: 1f1e1d1c1b1a1918 1716151413121110 0f0e0d0c0b0a0908 0706050403020100
 Comment: Speck128/256
 Plaintext: 65736f6874206e49 202e72656e6f6f70
 Ciphertext: 4109010405c0f53e 4eeeb48d9c188f43
 Test: Encrypt
--- a/bench1.cpp
+++ b/bench1.cpp
@ -597,11 +597,18 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("CAST-128/CTR");
 		BenchMarkByName<SymmetricCipher>("SKIPJACK/CTR");
 		BenchMarkByName<SymmetricCipher>("SEED/CTR", 0, "SEED/CTR (1/2 K table)");
 		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128) (128-bit key)", MakeParameters(Name::BlockSize(), 16));
 		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-128(256) (256-bit key)", MakeParameters(Name::BlockSize(), 16));
 		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256) (256-bit key)", MakeParameters(Name::BlockSize(), 32));
 		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-256(512) (512-bit key)", MakeParameters(Name::BlockSize(), 32));
 		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512) (512-bit key)", MakeParameters(Name::BlockSize(), 64));
 		BenchMarkByName<SymmetricCipher>("SPECK-64/CTR", 12, "SPECK-64(96) (96-bit key)");
 		BenchMarkByName<SymmetricCipher>("SPECK-64/CTR", 16, "SPECK-64(128) (128-bit key)");
 		BenchMarkByName<SymmetricCipher>("SPECK-128/CTR", 16, "SPECK-128(128) (128-bit key)");
 		BenchMarkByName<SymmetricCipher>("SPECK-128/CTR", 24, "SPECK-128(192) (192-bit key)");
 		BenchMarkByName<SymmetricCipher>("SPECK-128/CTR", 32, "SPECK-128(256) (256-bit key)");
 	}
 	std::cout << "\n<TBODY style=\"background: yellow;\">";
--- a/cryptest.nmake
+++ b/cryptest.nmake
@ -47,9 +47,9 @@
 # If you use 'make sources' from Linux makefile, then add 'winpipes.cpp' to the list below.
-LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp 3way.cpp adler32.cpp algebra.cpp algparam.cpp arc4.cpp aria-simd.cpp aria.cpp ariatab.cpp asn.cpp authenc.cpp base32.cpp base64.cpp basecode.cpp bfinit.cpp blake2-simd.cpp blake2.cpp blowfish.cpp blumshub.cpp camellia.cpp cast.cpp casts.cpp cbcmac.cpp ccm.cpp chacha.cpp channels.cpp cmac.cpp crc-simd.cpp crc.cpp default.cpp des.cpp dessp.cpp dh.cpp dh2.cpp dll.cpp dsa.cpp eax.cpp ec2n.cpp eccrypto.cpp ecp.cpp elgamal.cpp emsa2.cpp eprecomp.cpp esign.cpp files.cpp filters.cpp fips140.cpp fipstest.cpp gcm-simd.cpp gcm.cpp gf256.cpp gf2_32.cpp gf2n.cpp gfpcrypt.cpp gost.cpp gzip.cpp hex.cpp hmac.cpp hrtimer.cpp ida.cpp idea.cpp iterhash.cpp kalyna.cpp kalynatab.cpp keccak.cpp luc.cpp mars.cpp marss.cpp md2.cpp md4.cpp md5.cpp misc.cpp modes.cpp mqueue.cpp mqv.cpp nbtheory.cpp neon-simd.cpp network.cpp oaep.cpp osrng.cpp padlkrng.cpp panama.cpp pkcspad.cpp poly1305.cpp polynomi.cpp pssr.cpp pubkey.cpp queue.cpp rabin.cpp randpool.cpp rc2.cpp rc5.cpp rc6.cpp rdrand.cpp rdtables.cpp rijndael-simd.cpp rijndael.cpp ripemd.cpp rng.cpp rsa.cpp rw.cpp safer.cpp salsa.cpp seal.cpp seed.cpp serpent.cpp sha-simd.cpp sha.cpp sha3.cpp shacal2-simd.cpp shacal2.cpp shark.cpp sharkbox.cpp skipjack.cpp socketft.cpp sosemanuk.cpp square.cpp squaretb.cpp sse-simd.cpp strciphr.cpp tea.cpp tftables.cpp threefish.cpp tiger.cpp tigertab.cpp trdlocal.cpp ttmac.cpp twofish.cpp vmac.cpp wait.cpp wake.cpp whrlpool.cpp winpipes.cpp xtr.cpp xtrcrypt.cpp zdeflate.cpp zinflate.cpp zlib.cpp
+LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp 3way.cpp adler32.cpp algebra.cpp algparam.cpp arc4.cpp aria-simd.cpp aria.cpp ariatab.cpp asn.cpp authenc.cpp base32.cpp base64.cpp basecode.cpp bfinit.cpp blake2-simd.cpp blake2.cpp blowfish.cpp blumshub.cpp camellia.cpp cast.cpp casts.cpp cbcmac.cpp ccm.cpp chacha.cpp channels.cpp cmac.cpp crc-simd.cpp crc.cpp default.cpp des.cpp dessp.cpp dh.cpp dh2.cpp dll.cpp dsa.cpp eax.cpp ec2n.cpp eccrypto.cpp ecp.cpp elgamal.cpp emsa2.cpp eprecomp.cpp esign.cpp files.cpp filters.cpp fips140.cpp fipstest.cpp gcm-simd.cpp gcm.cpp gf256.cpp gf2_32.cpp gf2n.cpp gfpcrypt.cpp gost.cpp gzip.cpp hex.cpp hmac.cpp hrtimer.cpp ida.cpp idea.cpp iterhash.cpp kalyna.cpp kalynatab.cpp keccak.cpp luc.cpp mars.cpp marss.cpp md2.cpp md4.cpp md5.cpp misc.cpp modes.cpp mqueue.cpp mqv.cpp nbtheory.cpp neon-simd.cpp network.cpp oaep.cpp osrng.cpp padlkrng.cpp panama.cpp pkcspad.cpp poly1305.cpp polynomi.cpp pssr.cpp pubkey.cpp queue.cpp rabin.cpp randpool.cpp rc2.cpp rc5.cpp rc6.cpp rdrand.cpp rdtables.cpp rijndael-simd.cpp rijndael.cpp ripemd.cpp rng.cpp rsa.cpp rw.cpp safer.cpp salsa.cpp seal.cpp seed.cpp serpent.cpp sha-simd.cpp sha.cpp sha3.cpp shacal2-simd.cpp shacal2.cpp shark.cpp sharkbox.cpp skipjack.cpp socketft.cpp sosemanuk.cpp speck.cpp square.cpp squaretb.cpp sse-simd.cpp strciphr.cpp tea.cpp tftables.cpp threefish.cpp tiger.cpp tigertab.cpp trdlocal.cpp ttmac.cpp twofish.cpp vmac.cpp wait.cpp wake.cpp whrlpool.cpp winpipes.cpp xtr.cpp xtrcrypt.cpp zdeflate.cpp zinflate.cpp zlib.cpp
-LIB_OBJS = cryptlib.obj cpu.obj integer.obj 3way.obj adler32.obj algebra.obj algparam.obj arc4.obj aria-simd.obj aria.obj ariatab.obj asn.obj authenc.obj base32.obj base64.obj basecode.obj bfinit.obj blake2-simd.obj blake2.obj blowfish.obj blumshub.obj camellia.obj cast.obj casts.obj cbcmac.obj ccm.obj chacha.obj channels.obj cmac.obj crc-simd.obj crc.obj default.obj des.obj dessp.obj dh.obj dh2.obj dll.obj dsa.obj eax.obj ec2n.obj eccrypto.obj ecp.obj elgamal.obj emsa2.obj eprecomp.obj esign.obj files.obj filters.obj fips140.obj fipstest.obj gcm-simd.obj gcm.obj gf256.obj gf2_32.obj gf2n.obj gfpcrypt.obj gost.obj gzip.obj hex.obj hmac.obj hrtimer.obj ida.obj idea.obj iterhash.obj kalyna.obj kalynatab.obj keccak.obj luc.obj mars.obj marss.obj md2.obj md4.obj md5.obj misc.obj modes.obj mqueue.obj mqv.obj nbtheory.obj neon-simd.obj network.obj oaep.obj osrng.obj padlkrng.obj panama.obj pkcspad.obj poly1305.obj polynomi.obj pssr.obj pubkey.obj queue.obj rabin.obj randpool.obj rc2.obj rc5.obj rc6.obj rdrand.obj rdtables.obj rijndael-simd.obj rijndael.obj ripemd.obj rng.obj rsa.obj rw.obj safer.obj salsa.obj seal.obj seed.obj serpent.obj sha-simd.obj sha.obj sha3.obj shacal2-simd.obj shacal2.obj shark.obj sharkbox.obj skipjack.obj socketft.obj sosemanuk.obj square.obj squaretb.obj sse-simd.obj strciphr.obj tea.obj tftables.obj threefish.obj tiger.obj tigertab.obj trdlocal.obj ttmac.obj twofish.obj vmac.obj wait.obj wake.obj whrlpool.obj winpipes.obj xtr.obj xtrcrypt.obj zdeflate.obj zinflate.obj zlib.obj
+LIB_OBJS = cryptlib.obj cpu.obj integer.obj 3way.obj adler32.obj algebra.obj algparam.obj arc4.obj aria-simd.obj aria.obj ariatab.obj asn.obj authenc.obj base32.obj base64.obj basecode.obj bfinit.obj blake2-simd.obj blake2.obj blowfish.obj blumshub.obj camellia.obj cast.obj casts.obj cbcmac.obj ccm.obj chacha.obj channels.obj cmac.obj crc-simd.obj crc.obj default.obj des.obj dessp.obj dh.obj dh2.obj dll.obj dsa.obj eax.obj ec2n.obj eccrypto.obj ecp.obj elgamal.obj emsa2.obj eprecomp.obj esign.obj files.obj filters.obj fips140.obj fipstest.obj gcm-simd.obj gcm.obj gf256.obj gf2_32.obj gf2n.obj gfpcrypt.obj gost.obj gzip.obj hex.obj hmac.obj hrtimer.obj ida.obj idea.obj iterhash.obj kalyna.obj kalynatab.obj keccak.obj luc.obj mars.obj marss.obj md2.obj md4.obj md5.obj misc.obj modes.obj mqueue.obj mqv.obj nbtheory.obj neon-simd.obj network.obj oaep.obj osrng.obj padlkrng.obj panama.obj pkcspad.obj poly1305.obj polynomi.obj pssr.obj pubkey.obj queue.obj rabin.obj randpool.obj rc2.obj rc5.obj rc6.obj rdrand.obj rdtables.obj rijndael-simd.obj rijndael.obj ripemd.obj rng.obj rsa.obj rw.obj safer.obj salsa.obj seal.obj seed.obj serpent.obj sha-simd.obj sha.obj sha3.obj shacal2-simd.obj shacal2.obj shark.obj sharkbox.obj skipjack.obj socketft.obj sosemanuk.obj speck.obj square.obj squaretb.obj sse-simd.obj strciphr.obj tea.obj tftables.obj threefish.obj tiger.obj tigertab.obj trdlocal.obj ttmac.obj twofish.obj vmac.obj wait.obj wake.obj whrlpool.obj winpipes.obj xtr.obj xtrcrypt.obj zdeflate.obj zinflate.obj zlib.obj
 TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@ -292,6 +292,7 @@
    <ClCompile Include="skipjack.cpp" />
    <ClCompile Include="socketft.cpp" />
    <ClCompile Include="sosemanuk.cpp" />
    <ClCompile Include="speck.cpp" />
    <ClCompile Include="square.cpp" />
    <ClCompile Include="squaretb.cpp" />
    <ClCompile Include="sse-simd.cpp" />
@ -474,6 +475,7 @@
    <ClInclude Include="smartptr.h" />
    <ClInclude Include="socketft.h" />
    <ClInclude Include="sosemanuk.h" />
    <ClInclude Include="speck.h" />
    <ClInclude Include="square.h" />
    <ClInclude Include="stdcpp.h" />
    <ClInclude Include="strciphr.h" />
--- a/cryptlib.vcxproj.filters
+++ b/cryptlib.vcxproj.filters
@ -371,6 +371,9 @@
    <ClCompile Include="sosemanuk.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
    <ClCompile Include="speck.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
    <ClCompile Include="square.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
@ -819,6 +822,9 @@
    <ClInclude Include="sosemanuk.h">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="speck.h">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="square.h">
      <Filter>Header Files</Filter>
    </ClInclude>
--- a/regtest2.cpp
+++ b/regtest2.cpp
@ -32,6 +32,7 @@
 #include "mars.h"
 #include "kalyna.h"
 #include "threefish.h"
 #include "speck.h"
 #include "des.h"
 #include "idea.h"
 #include "rc5.h"
@ -154,6 +155,14 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Threefish512> >();  // Benchmarks
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Threefish1024> >();  // Benchmarks
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SPECK64> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CBC_Mode<SPECK64> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SPECK128> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CBC_Mode<SPECK128> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SPECK64> >();  // Benchmarks
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SPECK128> >();  // Benchmarks
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA512> >();
--- a/speck.cpp
+++ b/speck.cpp
@ -0,0 +1,296 @@
 // speck.h - written and placed in the public domain by Jeffrey Walton
 #include "pch.h"
 #include "config.h"
 #include "speck.h"
 #include "misc.h"
 // TODO
 #include <iostream>
 ANONYMOUS_NAMESPACE_BEGIN
 using CryptoPP::word32;
 using CryptoPP::word64;
 using CryptoPP::rotlFixed;
 using CryptoPP::rotrFixed;
 using CryptoPP::rotlVariable;
 using CryptoPP::rotrVariable;
 template <class W>
 inline void TF83(W& x, W& y, const W& k)
 {
 	x = rotrFixed(x, 8);
 	x += y;	x ^= k;
 	y = rotlFixed(y, 3);
 	y ^= x;
 }
 template <class W>
 inline void TR83(W& x, W& y, const W& k)
 {
 	y^=x;
 	y=rotrFixed(y,3);
 	x^=k;
 	x-=y;
 	x=rotlFixed(x,8);
 }
 // W is word type
 // R is number of rounds
 // p = plain text, k = key, c = cipher text
 template <class W, unsigned int R>
 inline void SPECK_Encrypt(W c[2], const W p[2], const W k[R])
 {
 	c[0]=p[0]; c[1]=p[1];
 	// Don't unroll this loop. Things slow down.
 	for(W i=0; static_cast<int>(i)<R; ++i)
 		TF83(c[0], c[1], k[i]);
 }
 template <class W, unsigned int R>
 inline void SPECK_Decrypt(W p[2], const W c[2], const W k[R])
 {
 	p[0]=c[0]; p[1]=c[1];
 	// Don't unroll this loop. Things slow down.
 	for(W i=R-1; static_cast<int>(i)>=0; --i)
 		TR83(p[0], p[1], k[i]);
 }
 template <class W, unsigned int R>
 inline void SPECK_RoundKeys_2W(W key[R], const W k[2])
 {
 	CRYPTOPP_ASSERT(R==32);
 	W i=0, B=k[1], A=k[0];
 	while(i<R-1)
 	{
 		key[i]=A; TF83(B, A, i);
 		i++;
 	}
 	key[R-1]=A;
 }
 template <class W, unsigned int R>
 inline void SPECK_RoundKeys_3W(W key[R], const W k[3])
 {
 	CRYPTOPP_ASSERT(R==33 || R==26);
 	W i=0, C=k[2], B=k[1], A=k[0];
 	unsigned int blocks = R/2;
 	while(blocks--)
 	{
 		key[i+0]=A; TF83(B, A, i+0);
 		key[i+1]=A; TF83(C, A, i+1);
 		i+=2;
 	}
 	// The constexpr residue should allow the optimizer to remove unneeded statements
 	if(R%2 == 1)
 	{
 		key[R-1]=A;
 	}
 }
 template <class W, unsigned int R>
 inline void SPECK_RoundKeys_4W(W key[R], const W k[4])
 {
 	CRYPTOPP_ASSERT(R==34 || R==27);
 	W i=0, D=k[3], C=k[2], B=k[1], A=k[0];
 	unsigned int blocks = R/3;
 	while(blocks--)
 	{
 		key[i+0]=A; TF83(B, A, i+0);
 		key[i+1]=A; TF83(C, A, i+1);
 		key[i+2]=A; TF83(D, A, i+2);
 		i+=3;
 	}
 	// The constexpr residue should allow the optimizer to remove unneeded statements
 	if(R%3 == 1)
 	{
 		key[R-1]=A;
 	}
 	else if(R%3 == 2)
 	{
 		key[R-2]=A; TF83(B, A, W(R-2));
 		key[R-1]=A;
 	}
 }
 ANONYMOUS_NAMESPACE_END
 NAMESPACE_BEGIN(CryptoPP)
 void SPECK64::Base::UncheckedSetKey(const byte *userKey, unsigned int keyLength, const NameValuePairs &params)
 {
 	CRYPTOPP_ASSERT(keyLength == 12 || keyLength == 16);
 	// Building the key schedule table requires {3,4} words workspace.
 	// Encrypting and decrypting requires 4 words workspace.
 	m_kwords = keyLength/sizeof(word32);
 	m_wspace.New(STDMAX(m_kwords,4U));
 	// Avoid GetUserKey. SPECK does unusual things with key string and word ordering
 	// {A,B} -> {B,A}, {A,B,C} -> {C,B,A}, etc.
 	typedef GetBlock<word32, BigEndian, false> InBlock;
 	InBlock iblk(userKey);
 	switch (m_kwords)
 	{
 	case 3:
 		m_rkey.New(26);
 		iblk(m_wspace[2])(m_wspace[1])(m_wspace[0]);
 		SPECK_RoundKeys_3W<word32, 26>(m_rkey, m_wspace);
 		break;
 	case 4:
 		m_rkey.New(27);
 		iblk(m_wspace[3])(m_wspace[2])(m_wspace[1])(m_wspace[0]);
 		SPECK_RoundKeys_4W<word32, 27>(m_rkey, m_wspace);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 }
 void SPECK64::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
    // Reverse bytes on LittleEndian; align pointer on BigEndian
 	typedef GetBlock<word32, BigEndian, false> InBlock;
 	InBlock iblk(inBlock); iblk(m_wspace[0])(m_wspace[1]);
 	switch (m_kwords)
 	{
 	case 3:
 		SPECK_Encrypt<word32, 26>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 4:
 		SPECK_Encrypt<word32, 27>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 	// Reverse bytes on LittleEndian; align pointer on BigEndian
    typedef PutBlock<word32, BigEndian, false> OutBlock;
 	OutBlock oblk(xorBlock, outBlock); oblk(m_wspace[2])(m_wspace[3]);
 }
 void SPECK64::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
    // Reverse bytes on LittleEndian; align pointer on BigEndian
 	typedef GetBlock<word32, BigEndian, false> InBlock;
 	InBlock iblk(inBlock); iblk(m_wspace[0])(m_wspace[1]);
 	switch (m_kwords)
 	{
 	case 3:
 		SPECK_Decrypt<word32, 26>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 4:
 		SPECK_Decrypt<word32, 27>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 	// Reverse bytes on LittleEndian; align pointer on BigEndian
    typedef PutBlock<word32, BigEndian, false> OutBlock;
 	OutBlock oblk(xorBlock, outBlock); oblk(m_wspace[2])(m_wspace[3]);
 }
 ///////////////////////////////////////////////////////////
 void SPECK128::Base::UncheckedSetKey(const byte *userKey, unsigned int keyLength, const NameValuePairs &params)
 {
 	CRYPTOPP_ASSERT(keyLength == 16 || keyLength == 24 || keyLength == 32);
 	// Building the key schedule table requires {2,3,4} words workspace.
 	// Encrypting and decrypting requires 4 words workspace.
 	m_kwords = keyLength/sizeof(word64);
 	m_wspace.New(STDMAX(m_kwords,4U));
 	// Avoid GetUserKey. SPECK does unusual things with key string and word ordering
 	// {A,B} -> {B,A}, {A,B,C} -> {C,B,A}, etc.
 	typedef GetBlock<word64, BigEndian, false> InBlock;
 	InBlock iblk(userKey);
 	switch (m_kwords)
 	{
 	case 2:
 		m_rkey.New(32);
 		iblk(m_wspace[1])(m_wspace[0]);
 		SPECK_RoundKeys_2W<word64, 32>(m_rkey, m_wspace);
 		break;
 	case 3:
 		m_rkey.New(33);
 		iblk(m_wspace[2])(m_wspace[1])(m_wspace[0]);
 		SPECK_RoundKeys_3W<word64, 33>(m_rkey, m_wspace);
 		break;
 	case 4:
 		m_rkey.New(34);
 		iblk(m_wspace[3])(m_wspace[2])(m_wspace[1])(m_wspace[0]);
 		SPECK_RoundKeys_4W<word64, 34>(m_rkey, m_wspace);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 }
 void SPECK128::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
    // Reverse bytes on LittleEndian; align pointer on BigEndian
 	typedef GetBlock<word64, BigEndian, false> InBlock;
 	InBlock iblk(inBlock); iblk(m_wspace[0])(m_wspace[1]);
 	switch (m_kwords)
 	{
 	case 2:
 		SPECK_Encrypt<word64, 32>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 3:
 		SPECK_Encrypt<word64, 33>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 4:
 		SPECK_Encrypt<word64, 34>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 	// Reverse bytes on LittleEndian; align pointer on BigEndian
    typedef PutBlock<word64, BigEndian, false> OutBlock;
 	OutBlock oblk(xorBlock, outBlock); oblk(m_wspace[2])(m_wspace[3]);
 }
 void SPECK128::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
    // Reverse bytes on LittleEndian; align pointer on BigEndian
 	typedef GetBlock<word64, BigEndian, false> InBlock;
 	InBlock iblk(inBlock); iblk(m_wspace[0])(m_wspace[1]);
 	switch (m_kwords)
 	{
 	case 2:
 		SPECK_Decrypt<word64, 32>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 3:
 		SPECK_Decrypt<word64, 33>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	case 4:
 		SPECK_Decrypt<word64, 34>(m_wspace+2, m_wspace+0, m_rkey);
 		break;
 	default:
 		CRYPTOPP_ASSERT(0);;
 	}
 	// Reverse bytes on LittleEndian; align pointer on BigEndian
    typedef PutBlock<word64, BigEndian, false> OutBlock;
 	OutBlock oblk(xorBlock, outBlock); oblk(m_wspace[2])(m_wspace[3]);
 }
 NAMESPACE_END
--- a/speck.h
+++ b/speck.h
@ -0,0 +1,130 @@
 // speck.h - written and placed in the public domain by Jeffrey Walton
 //! \file speck.h
 //! \brief Classes for the Speck block cipher
 //! \details Speck is a block cipher designed by Ray Beaulieu, Douglas Shors, Jason Smith,
 //!   Stefan Treatman-Clark, Bryan Weeks and Louis Wingers.
 //! \sa <A HREF="http://eprint.iacr.org/2013/404">The SIMON and SPECK Families of
 //!   Lightweight Block Ciphers</A> and <A HREF="http://iadgov.github.io/simon-speck/">
 //!   The Simon and Speck GitHub</A>
 //! \since Crypto++ 6.0
 #ifndef CRYPTOPP_SPECK_H
 #define CRYPTOPP_SPECK_H
 #include "config.h"
 #include "seckey.h"
 #include "secblock.h"
 NAMESPACE_BEGIN(CryptoPP)
 //! \class SPECK_Info
 //! \brief SPECK block cipher information
 //! \tparam BS block size of the cipher, in bytes
 //! \since Crypto++ 6.0
 template <unsigned int BS, unsigned int D, unsigned int N, unsigned int M>
 struct SPECK_Info : public FixedBlockSize<BS>, VariableKeyLength<D, N, M>
 {
    static const std::string StaticAlgorithmName()
    {
        // Format is Cipher-Blocksize(Keylength)
        return "SPECK-" + IntToString(BS*8);
    }
 };
 //! \class SPECK_Base
 //! \brief SPECK block cipher base class
 //! \tparam BS block size of the cipher, in bytes
 //! \details User code should use SPECK128, SPECK512, SPECK1024
 //! \sa SPECK32, SPECK48, SPECK64, SPECK96, SPECK128, <a href="http://www.cryptopp.com/wiki/SPECK">SPECK</a>
 //! \since Crypto++ 6.0
 template <class W>
 struct SPECK_Base
 {
    typedef SecBlock<W, AllocatorWithCleanup<W, true> > AlignedSecBlock;
    mutable AlignedSecBlock m_wspace;  // workspace
    AlignedSecBlock         m_rkey;    // round keys
 	unsigned int            m_kwords;  // number of key words
 };
 //! \class SPECK64
 //! \brief SPECK 64-bit block cipher
 //! \details SPECK64 provides 64-bit block size. The valid key sizes are 98-bit and 128-bit.
 //! \note Crypto++ provides a byte oriented implementation
 //! \sa SPECK32, SPECK64, and SPECK128, <a href="http://www.cryptopp.com/wiki/SPECK">SPECK</a>
 //! \since Crypto++ 6.0
 class CRYPTOPP_NO_VTABLE SPECK64 : public SPECK_Info<8, 12, 12, 16>, public BlockCipherDocumentation
 {
 public:
    //! \brief SPECK block cipher transformation functions
    //! \details Provides implementation common to encryption and decryption
    //! \since Crypto++ 6.0
    class CRYPTOPP_NO_VTABLE Base : protected SPECK_Base<word32>, public BlockCipherImpl<SPECK_Info<8, 12, 12, 16> >
    {
 	public:
 		std::string AlgorithmName() const {
 			return StaticAlgorithmName() + "(" + IntToString(m_kwords*sizeof(word32)*8) + ")";
 		}
    protected:
        void UncheckedSetKey(const byte *userKey, unsigned int keyLength, const NameValuePairs &params);
    };
 	class CRYPTOPP_NO_VTABLE Enc : public Base
 	{
 	protected:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 	};
 	class CRYPTOPP_NO_VTABLE Dec : public Base
 	{
 	protected:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 	};
    typedef BlockCipherFinal<ENCRYPTION, Enc> Encryption;
    typedef BlockCipherFinal<DECRYPTION, Dec> Decryption;
 };
 //! \class SPECK128
 //! \brief SPECK 128-bit block cipher
 //! \details SPECK128 provides 128-bit block size. The valid key sizes are 128-bit, 192-bit and 256-bit.
 //! \note Crypto++ provides a byte oriented implementation
 //! \sa SPECK32, SPECK64, and SPECK128, <a href="http://www.cryptopp.com/wiki/SPECK">SPECK</a>
 //! \since Crypto++ 6.0
 class CRYPTOPP_NO_VTABLE SPECK128 : public SPECK_Info<16, 16, 16, 32>, public BlockCipherDocumentation
 {
 public:
    //! \brief SPECK block cipher transformation functions
    //! \details Provides implementation common to encryption and decryption
    //! \since Crypto++ 6.0
    class CRYPTOPP_NO_VTABLE Base : protected SPECK_Base<word64>, public BlockCipherImpl<SPECK_Info<16, 16, 16, 32> >
    {
 	public:
 		std::string AlgorithmName() const {
 			return StaticAlgorithmName() + "(" + IntToString(sizeof(word64)*8) + ")";
 		}
    protected:
        void UncheckedSetKey(const byte *userKey, unsigned int keyLength, const NameValuePairs &params);
    };
 	class CRYPTOPP_NO_VTABLE Enc : public Base
 	{
 	protected:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 	};
 	class CRYPTOPP_NO_VTABLE Dec : public Base
 	{
 	protected:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 	};
    typedef BlockCipherFinal<ENCRYPTION, Enc> Encryption;
    typedef BlockCipherFinal<DECRYPTION, Dec> Decryption;
 };
 NAMESPACE_END
 #endif  // CRYPTOPP_SPECK_H
--- a/validat1.cpp
+++ b/validat1.cpp
@ -171,6 +171,7 @@ bool ValidateAll(bool thorough)
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/seed.txt") && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/threefish.txt") && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/kalyna.txt") && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/speck.txt") && pass;
 	pass=ValidateVMAC() && pass;
 	pass=ValidateCCM() && pass;
 	pass=ValidateGCM() && pass;