Information Technology Reference
In-Depth Information
On Cipher Design
Based on Switchable Controlled Operations
Nikolay A. Moldovyan
Specialized Center of Program System “SPECTR”
Kantemirovskaya str. 10, St. Petersburg 197342, Russia
nmold@cobra.ru
Abstract.
This paper introduces a new type of primitives called switchable con-
trolled operations (SCO). The SCO are proposed to be used in the design of the
fast ciphers suitable to cheap-hardware implementation. Use of the SCO pro-
motes to solve the problem of the weak keys and homogeneity of the encryption
transformation while the simple key scheduling is used. The SCO-based iterative
ciphers that are free of reversing the key scheduling are proposed to minimize
implementation cost. Different variants of SCO and SCO-based iterative cryp-
toschemes are considered.
Keywords.
Fast Encryption, Data-Dependent Operations, Hardware-Oriented
Ciphers, Switchable Operations, Controlled Operations.
1
Introduction
Large scale application of the data encryption while solving different practical prob-
lems of the information security defines interest to designing fast block ciphers oriented
to to cheap hardware implementation. Many network applications of the encryption re-
quire development of the ciphers that conserve high performance in the case of frequent
change of keys. Such ciphers should use no time consuming key preprocessing, i.e. they
should use very simple key scheduling. An interesting approach to construction of such
cryptosystems is based on the use of the data-dependent (DD) operations (DDOs) as a
cryptographic primitive [6, 3].
Definition 1.
Let
{
F
1
,
F
2
,...,
F
2
m
}
be some set of the single-type operations defined by
2
m
formula Y
X
q
are input
n-dimensional binary vectors (operands) and Y is the output n-dimensional binary vec-
tor. Then the V -dependent operation
F
(
V
)
defined by formula Y
=
F
i
=
F
i
(
X
1
,
X
2
,...,
X
q
)
,wherei
=
1
,
2
,...,
and X
1
,
X
2
,...,
F
(
V
)
(
=
X
1
,
X
2
,...,
X
q
)=
F
V
, where V is the m-dimensional controlling vector, we call the con-
trolled q-place operation. The operations
F
1
(
X
1
,
X
2
,...,
X
q
)
,
F
2
,...,
F
2
m
are called modifications of the
controlled operation
F
(
V
)
.
Practically important variants of the controlled operations correspond to controlled
permutations (CP) [6, 4] and controlled operational substitutions (COSes) [2]. When
designing ciphers the controlled operations are preferable to be used as DDOs. For this
purpose dependence of the controlling vector on the transformed data is assigned. The
DD permutations (DDP) have been extensively used in the iterative ciphers CIKS-1 [6],
