Cryptography Reference
In-Depth Information
64
)=
P
1
P
2
.
4. Replace
P
1
and
P
2
with the output of step 3, namely,
E
P,S
(
{
0
}
5. Encrypt the output of step 3 with the modified subkeys, namely, the current
P and S arrays.
6. Replace
P
3
and
P
4
with the output of step 5, namely,
E
P,S
(
P
1
P
2
)=
P
3
P
4
.
7. Continue the above process until all entries of the P-array have been re-
placed, namely,
E
P,S
(
P
j
−
1
S
j
)=
P
j
+1
P
j
+2
for
j
=4
,
5
,...
16. Then re-
place all four S-boxes in order, starting with
E
P,S
(
P
17
P
18
)=
S
1
,
0
S
1
,
1
,
E
P,S
(
S
1
,
0
S
1
,
1
)=
S
1
,
2
S
1
,
3
, and continue until
E
P,S
(
S
4
,
252
S
4
,
253
)=
S
4
,
254
S
4
,
255
.
In total, there are 521 iterations required to generate all the subkeys. Hence,
to test for a single key there would be a total of 522 executions of the encryp-
tion algorithm to test for a single key, making a brute-force attack much more
di0cult. In fact, with the use of a 448-bit keylength, the cipher is virtually
unbreakable in the face of brute-force attacks.
Next, as with DES, there is a complicated function to iterate over sixteen
rounds.
Round Function
The round function
F
takes a 32-bit input
m
that is divided into 4 bytes,
which we will label
a,b,c,d
. Then
F
acts on them as follows:
F
(
m
)=((
S
1
,a
+
S
2
,b
(mod 2
32
))
S
3
,c
)+
S
4
,d
(mod 2
32
)
.
⊕
Encryption and Decryption
To encipher, we first separate the 64-bit plaintext into 32-bit left and right
blocks
L
(
e
)
0
and
R
(
e
0
, respectively. Let
R
(
e
)
and
L
(
e
)
j
be the right and left halves
j
after round
j
and execute, for
j
=1
,
2
,...,
16,
1.
R
(
e
j
=
L
(
e
)
⊕
P
j
.
j
−
1
2.
L
(
e
)
j
=
F
(
R
(
e
)
j
R
(
e
)
)
⊕
j
−
1
.
3.
SW
(
R
(
e
j
,L
(
e
j
).
After the sixteenth round is completed, perform a switch on
R
(
e
)
16
and
L
(
e
)
16
to undo the last swap. Then execute,
L
(
e
)
17
=
R
(
e
)
P
18
and
R
(
e
)
17
=
L
(
e
)
P
17
.
To decipher, we do the same as we did for enciphering, with the exception
that the
P
j
are used in reverse order. In other words, to decipher, execute the
following (where
R
(
d
)
j
⊕
⊕
16
16
and
L
(
d
)
j
are the right and left halves after round
j
), for
j
=1
,
2
,...,
16,
1.
R
(
d
j
=
L
(
d
)
⊕
P
19
−
j
.
j
−
1
Search WWH ::
Custom Search