Cryptography Reference
In-Depth Information
Moreover, no 'generalized associativity law' holds for any two of the three
operations. As we know, the usual associativity law of addition for three normal
numbers says
a+(b+c)=(a+b)+c
The 'generalized associativity law' for the '
+
' and '
⊕
' operations would read
like this:
a+(b
⊕
c)=(a+b)
⊕
c
Again,
a
=
b
=
c
=
1 supplies a counterexample: the left-hand side is equal
to 1, the right-hand side is equal to 3.
We can also prove the following: the algebraic structures defined by the three
operations (formulated mathematically: they are monoids) cannot be trans-
formed one into the other by some clever transformation or other in two cases
(formulated mathematically: they are not isotopic). This holds for the two pairs
of monoids that belong to the operations '
⊕
' and '
', and '
⊕
' and '
+
', respec-
tively. Though there is isotopy between the monoids belonging to '
' and '
+
',
it is as complex as a discrete logarithm, and we know from Section 4.5.4 that
discrete logarithm is a 'hard' function.
These comments were aimed not only at furthering your mathematical knowl-
edge, but also at emphasizing why Lai and Massey chose these operations:
they are really a poor match. And now you know where the decomposition
into 16-bit blocks stems from: the fact that 2
16
1 is a prime number (and not
because they felt sympathy for owners of vintage 16-bit computers
...)
.
+
5.3.4 The IDEA Algorithm in Detail
IDEA links these three operations within a network that looks desperately
complicated at first. Figure 5.9 shows the description of a round.
As usual, each operation processes the operands that correspond to the incoming
arrows. The result 'walks' alongside the outgoing arrow to the next operation,
or forms a subblock. In six cases, however, a result is used in two additional
operations.
Figure 5.10 shows the output transformation.
