Debug component_function in S-box Module and Add the S-box of WARP Block Cipher #35913

Merged
merged 24 commits into from
Jul 24, 2024


hadipourh
Contributor

📚 Description

1- Debugging component_function in sbox module:

  • The from_bits(self, x, n=None) function is invoked within the component_function of the Sbox class. When the input_size and output_size of the S-box differ, the from_bits function operates correctly if the n argument is specified. However, the current implementation of the component_function calls from_bits without setting the n argument. Consequently, calling the component_function of the Sbox class with differing input_size and output_size results in an error.
  • To resolve this issue, we only need to pass the argument n into the from_bits functions inside the component_function.

2- Adding the s-box of WARP to s-box suite of SageMath

  • I have added the S-box of the WARP block cipher to SageMath. WARP is a block cipher that follows the Generalized Feistel Structure (GFS) and was proposed as a lightweight alternative to AES-128 in SAC 2022. You can find more information about WARP in [1].
  • This addition is necessary to keep the S-box suite of SageMath up to date and allows cryptographers to analyze the S-box of WARP using SageMath.
  • Fortunately, this update doesn't require any changes to the documentation. I only needed to make a minor update in the comment section, which I have already done.

[1] - https://link.springer.com/chapter/10.1007/978-3-030-81652-0_21

📝 Checklist

  • The title is concise, informative, and self-explanatory.
  • The description explains in detail what this PR is about.
  • I have linked a relevant issue or discussion.
  • I have created tests covering the changes.
  • I have updated the documentation accordingly.

⌛ Dependencies

This change does not rely on any dependencies.

@@ -1334,7 +1334,7 @@ cdef class SBox(SageObject):
b = list(b)
if len(b) > n:
raise ValueError("input (%s) is too long and would be truncated" % (b,))
b = self.from_bits(b)
b = self.from_bits(b, n)
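Review bot: The visible hunk changes the `from_bits(b)` call to `from_bits(b, n)` but carries no doctest, so the case it fixes is never exercised; add a TESTS example that builds an SBox whose input and output sizes differ and calls `component_function` on it. Since `n` is defined outside the visible context, it is also worth confirming that it is the output size, which is what the `len(b) > n` check just above implies.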

Can you add a test for this?

@grhkm21
Contributor

grhkm21 commented Feb 15, 2024

One small change, then it should be fine.

@grhkm21
Contributor

grhkm21 commented Feb 15, 2024

@hadipourh Have you read what I wrote?

Contributor

@grhkm21 grhkm21 left a comment


See above

@hadipourh hadipourh requested a review from grhkm21 April 6, 2024 15:23

github-actions bot commented Apr 9, 2024

Documentation preview for this PR (built with commit f43f1f9; changes) is ready! 🎉
This preview will update shortly after each push to this PR.

@hadipourh
Contributor Author

hadipourh commented Apr 16, 2024

I think this pull request is ready to merge.
@mkoeppe and @grhkm21 do you agree?

@grhkm21
Contributor

grhkm21 commented May 28, 2024

Sorry for the late reply. Your added TESTS session doesn't test for the issue fixed by this PR. As you said, this PR addresses when the SBox's input_size and output_size differ, yet the example you gave has the same:

sage: from sage.crypto.sboxes import SBox
sage: sb = SBox(7, 6, 0, 4, 2, 5, 1, 3)
sage: sb.component_function([1, 0, 0])
Boolean function with 3 variables
sage: sb.input_size()
3
sage: sb.output_size()
3

(And hence this actually runs for the latest Sage version already.) Please replace it with an example that has differing input and output size

@hadipourh
Contributor Author

hadipourh commented May 28, 2024

Thank you @grhkm21 for your review!
I replaced the TEST block with an appropriate one:

sage: from sage.crypto.sboxes import SBox
sage: sb = SBox([0, 1, 2, 3, 0, 1, 2, 3])
sage: sb.component_function([1, 0])
Boolean function with 3 variabl
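
Added example (not part of this PR or of SageMath's code): a pure-Python model of the component function x -> <b, S(x)> for the 3-bit-input, 2-bit-output lookup table used in the doctest above, showing the mask b being checked and read at the output width n. The helper names and the most-significant-bit-first reading of b are assumptions.

```python
# Added illustration: a pure-Python model, not SageMath's SBox implementation.

SBOX_3_TO_2 = [0, 1, 2, 3, 0, 1, 2, 3]  # lookup table from the doctest above


def bit_sizes(table):
    """Return (m, n): input and output widths, in bits, of a lookup table."""
    m = (len(table) - 1).bit_length()
    if len(table) != 1 << m:
        raise ValueError("table length must be a power of two")
    n = max(max(table).bit_length(), 1)
    return m, n


def mask_from_bits(bits, n):
    """Read a 0/1 list as an n-bit mask (most significant bit first: assumption)."""
    bits = list(bits)
    if len(bits) > n:
        raise ValueError("input (%s) is too long and would be truncated" % (bits,))
    mask = 0
    for bit in bits:
        if bit not in (0, 1):
            raise ValueError("mask entries must be 0 or 1")
        mask = (mask << 1) | bit
    return mask


def component_function(table, b):
    """Truth table of x -> <b, S(x)> over GF(2), for x = 0 .. 2^m - 1."""
    _, n = bit_sizes(table)
    mask = mask_from_bits(b, n)  # b lives in the n-bit output space
    return [bin(mask & y).count("1") & 1 for y in table]


if __name__ == "__main__":
    m, n = bit_sizes(SBOX_3_TO_2)
    print("input bits:", m, "output bits:", n)
    for b in ([0, 1], [1, 0], [1, 1]):
        tt = component_function(SBOX_3_TO_2, b)
        print(b, tt, "balanced" if sum(tt) == len(tt) // 2 else "unbalanced")
```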

sage: from sage.crypto.sboxes import SBox
sage: sb = SBox([0, 1, 2, 3, 0, 1, 2, 3])
sage: sb.component_function([1, 0])
Boolean function with 3 variabl
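Review bot: The expected-output line ends in `Boolean function with 3 variabl`, which is cut short, and a doctest compares the printed text, so this test would fail as written. Complete the line so it matches what `component_function` prints; the earlier session in this thread shows the form `Boolean function with 3 variables`.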

Fix this :)

@grhkm21
Contributor

grhkm21 commented Jun 17, 2024

After fixing the test output this should be ready :)

@hadipourh
Contributor Author

The test output was fixed.

Contributor

@grhkm21 grhkm21 left a comment


Looks good to me! Thanks :)

@hadipourh
Contributor Author

Thank you too for your review!
By the way, I have designed an extension for the Sbox module: https://github.com/hadipourh/sboxanalyzer

As seen in the road map, I would like to integrate this tool into the SageMath.
However, the tool heavily relies on a logic minimizer program written in C: https://ptolemy.berkeley.edu/projects/embedded/pubs/downloads/espresso/index.htm
Do you have any advice for integrating this tool into the SageMath? Or would you like to contribute to this project from this aspect?

@grhkm21
Contributor

grhkm21 commented Jun 17, 2024

I took a look at your sboxanalyzer project, it looks interesting and would be great to have in Sage. Is the entire espresso folder also part of the project? I don't know what the process of including external C code is, so maybe I will ping @tscrim in. But I have seen C code in Sage (hyperelliptic Frobenius point counting and discrete gaussian sampling are two examples), so it should be possible. I can help if needed

@hadipourh
Contributor Author

> I took a look at your sboxanalyzer project, it looks interesting and would be great to have in Sage. Is the entire espresso folder also part of the project? I don't know what the process of including external C code is, so maybe I will ping @tscrim in. But I have seen C code in Sage (hyperelliptic Frobenius point counting and discrete gaussian sampling are two examples), so it should be possible. I can help if needed

The entire Espresso package is, of course, not needed, but I believe Espresso, once integrated into the SageMath project, will be incredibly useful for people working on Boolean functions and binary fields. To the best of my knowledge, Espresso is one of the most efficient (in terms of speed) open-source logic minimizers available. Hence, it makes sense to integrate the entire Espresso package together with SboxAnalyzer into SageMath. This way, Espresso can be reused for many other applications in the context of Boolean functions and binary fields. If you, @tscrim, or anyone else is interested and can help, you are very welcome to contribute to this project by integrating it into SageMath.

@grhkm21
Contributor

grhkm21 commented Jun 25, 2024

Please do not rebase PRs after they are positively reviewed... It retriggers CI and requires a re-review (automated by bot, as you can see) etc.

@tscrim
Collaborator

tscrim commented Jun 25, 2024

@grhkm21 So including C code in Sage is basically the same as any other bit of code (we do have some in Sage already as I recall) except with a bit of Cython bindings. It might be best to keep Espresso as a separate (upstream?) optional package with specific hooks/classes within Sage to use that.

@vbraun vbraun merged commit 114eb6a into sagemath:develop Jul 24, 2024
18 of 20 checks passed
@mkoeppe mkoeppe added this to the sage-10.5 milestone Jul 25, 2024