Cryptography Reference
In-Depth Information
key k is input and subkeys k j for j =1 , 2 ,...,r are generated from it via a
specified key schedule. Generally, k j
= k j for any j .A
function F , called a round function (iterated over r rounds, all of which have
the same construction, described below), acts on plaintext pairs ( R j 1 ,k j ) for
j =1 , 2 ,...,r in a prescribed fashion, in concert with a switching function. The
ciphertext output is ( L j ,R j ), where L j = R j 1 and
= k i for j
= i , and k
R j = L j 1
f ( R j 1 ,k j ) .
(3.3)
In other words, if
( L 0 ,R 0 )=( R 1 ,R 0 )
is the initial input plaintext, then for rounds j =1 , 2 ,...,r +1,( L j 1 ,R j 1 )=
( R j 2 ,R j 1 ) is input and
( L j ,R j )=( R j 1 ,L j 1
f ( R j 1 ,k j ))
(3.4)
is output.
The methodology prescribed for each round is that a substitution is executed
on the left-hand data, from the previous round, via the action in the right-hand
side of (3.3), to yield
( L j 1
f ( R j 1 ,k j ) ,R j 1 ) .
(3.5)
This is followed by a permutation yielding (3.4), which essentially results from
a swap of the two halves of the data in (3.5). This process turns out to be
a configuration of a methodology called the substitution-permutation network
(SPN) put forth by Shannon, [250], about whom we will say more below.
The above Feistel encryption is essentially the same algorithm as the de-
ciphering scheme. To decipher, one inputs the ciphertext, with the use of the
subkeys in the reverse order. Hence, we have a nice feature for implementation in
that essentially the same algorithm is used for both encryption and decryption.
We now look at some design features of Feistel ciphers. We outline only the
barest of statements about each principle, which we will expand in the section
immediately following this list.
Feistel Design Principles
1. Block Size : A large blocklength is chosen for increased security, with
a 64-bit blocklength having been common, but blocklengths of 128 bits
or more, becoming standard due to modern demands stemming from in-
creased cryptanalytic developments.
2. Keylength : When first developed, a 64-bit keylength was used, but, as
we have seen, this has not survived the cryptanalytic onslaught. Now
typically 128-bit keylengths are becoming standard.
3. Rounds and Round Functions : More rounds mean more security, with
typically sixteen rounds being most common. A round function with in-
creased complexity adds to the security.
Search WWH ::




Custom Search