CN111740816A - BWGCF block cipher algorithm realizing method - Google Patents
BWGCF block cipher algorithm realizing method Download PDFInfo
- Publication number
- CN111740816A CN111740816A CN201910225576.0A CN201910225576A CN111740816A CN 111740816 A CN111740816 A CN 111740816A CN 201910225576 A CN201910225576 A CN 201910225576A CN 111740816 A CN111740816 A CN 111740816A
- Authority
- CN
- China
- Prior art keywords
- value
- key
- equal
- algorithm
- length
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Facsimile Transmission Control (AREA)
Abstract
The invention discloses a BWGCF block cipher algorithm implementation method, belongs to the technical field of information security, and relates to cipher algorithm design. The BWGCF block cipher algorithm realizing method of the invention is composed of 4 algorithms of BWGCF algorithm control and selection algorithm, BWGCF algorithm T function construction algorithm, BWGCF algorithm encryption algorithm and BWGCF algorithm key expansion algorithm, and the specific implementation mode of the 4 algorithms is provided. The packet length/key length support for BWGCF packet cipher algorithms 128/128, 128/256, and 256/256.
Description
Technical Field
The invention belongs to the technical field of information security, and relates to a cryptographic algorithm design.
Background
Since the cryptographic technology is the foundation of information security, all countries have paid great attention to the research of cryptographic algorithms. In such an age, passwords have entered open competition and international cooperation by secret antagonism.
The BWGCF cryptographic algorithm is an iterative block cipher algorithm. The packet length/key length support of the algorithm 128/128, 128/256 and 256/256, the basic topology of the BWGCF cryptographic algorithm consists of sixteen eight-level feedback polynomials, which are all primitive polynomials, and they are:
(1)f(x)=x8+x4+x3+x2+1
(2)f(x)=x8+x5+x3+x1+1
(3)f(x)=x8+x5+x3+x2+1
(4)f(x)=x8+x6+x3+x2+1
(5)f(x)=x8+x6+x4+x3+x2+x1+1
(6)f(x)=x8+x6+x5+x1+1
(7)f(x)=x8+x6+x5+x2+1
(8)f(x)=x8+x6+x5+x3+1
(9)f(x)=x8+x6+x5+x4+1
(10)f(x)=x8+x7+x2+x1+1
(11)f(x)=x8+x7+x3+x2+1
(12)f(x)=x8+x7+x5+x3+1
(13)f(x)=x8+x7+x6+x1+1
(14)f(x)=x8+x7+x6+x3+x2+x1+1
(15)f(x)=x8+x7+x6+x5+x2+x1+1
(16)f(x)=x8+x7+x6+x5+x4+x2+1
the BWGCF cryptographic algorithm follows the design idea of DP logic, D is Drive, namely the driving part of the block cipher, where D is the above 16 eight-level primitive polynomials, P is Permutation, each beat is Permutation, and the composition of beats is still Permutation; following the design idea of orthomorphism; according to the algorithm reconstruction design idea, the feedback polynomial selected by each beat is randomly selected by key control, and the total reconfigurable space size is 24×l(l is the number of beats), the 128bit key can actually reach 264The above is not heavy. The block cipher algorithm conforms to a generalized Feistel structure, DES, GHOST, SM4 and CAST belong to the Feistel or the generalized Feistel structure, and is the inheritance and development of the generalized Feistel structure, particularly the further development of SM 4; the P logic design idea is followed, namely the design logic of the key control random permutation operator. The algorithm fully embodies the high unification of the design idea of the sequence password and the design idea of the block password.
Disclosure of Invention
The BWGCF block cipher realization method of the invention is composed of the following four algorithms:
algorithm 1: BWGCF algorithm control selection algorithm;
and 2, algorithm: BWGCF algorithm T function construction algorithm;
algorithm 3: BWGCF algorithm encryption algorithm;
and algorithm 4: BWGCF algorithm key expansion algorithm.
Drawings
The attached drawing isBasic topological structure diagram of BWGCF block cipher algorithm
Detailed Description
The BWGCF block cipher algorithm implementation method of the invention is composed of the following 4 algorithms, and the specific implementation mode of each algorithm is as follows:
algorithm 1: BWGCF algorithm control and selection algorithm
Let the subkey be k0,k1,k2,k3,...,kL-1Then the BWGCF control selection algorithm is:
W=ki0+2×ki1+4×ki2+8×ki3,
wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits.
And 2, algorithm: t function construction algorithm of BWGCF algorithm
(1) Packet length/key length 128/128
T is
The transformation of (2) is a fixed composite permutation independent of the key, and is composed of a nonlinear transformation layer and a linear transformation layer.
1) Non-linear transformation tau
The non-linear transform τ is made up of 2 parallel 8 x 8S-boxes, actually byte-instead transforms.
Let the input be
Output is as
Then
(b0,b1)=τ(A)=(sbox(a0),sbox(a1)).
2) Linear transformation A
The output of the nonlinear transformation τ is the input of the linear transformation a (satisfying that both the linear and differential branch numbers are 3). Let the input be
Output is as
Then
S-box production mode:
S-Box affine equivalent to finite field GF (2)8) The multiplicative inverse function of (1).
The reversible affine transformation pi over GF (2) is defined as follows:
let input 8-bit variable a ═ a0,a1,...,a7) And outputting 8-bit variable b ═ pi (a) ═ b0,b1,...,b7) Then, then
Defining a finite field GF (2)8) The inverse of the multiplication in (1) is as follows:
under GF (2)8) In the middle of using primitive polynomial
g(x)=x8+x7+x6+x5+x4+x2+1,
Mapping x to x-1And "00" maps to itself.
The production mode of the S-box is as follows:
input device
Output of
Then
y=sbox(x)=π(f(π(x))).
The S-box is as follows:
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | a | b | c | d | e | f | |
| 0 | d6 | 90 | e9 | fe | cc | e1 | 3d | b7 | 16 | b6 | 14 | c2 | 28 | fb | 2c | 05 |
| 1 | 2b | 67 | 9a | 76 | 2a | be | 04 | c3 | aa | 44 | 13 | 26 | 49 | 86 | 06 | 99 |
| 2 | 9c | 42 | 50 | f4 | 91 | ef | 98 | 7a | 33 | 54 | 0b | 43 | ed | cf | ac | 62 |
| 3 | e4 | b3 | 1c | a9 | c9 | 08 | e8 | 95 | 80 | df | 94 | fa | 75 | 8f | 3f | a6 |
| 4 | 47 | 07 | a7 | fc | f3 | 73 | 17 | ba | 83 | 59 | 3c | 19 | e6 | 85 | 4f | a8 |
| 5 | 68 | 6b | 81 | b2 | 71 | 64 | da | 8b | f8 | eb | 0f | 4b | 70 | 56 | 9d | 35 |
| 6 | 1e | 24 | 0e | 5e | 63 | 58 | d1 | a2 | 25 | 22 | 7c | 3b | 01 | 21 | 78 | 87 |
| 7 | d4 | 00 | 46 | 57 | 9f | d3 | 27 | 52 | 4c | 36 | 02 | e7 | a0 | c4 | c8 | 9e |
| 8 | ea | bf | 8a | d2 | 40 | c7 | 38 | b5 | a3 | f7 | f2 | ce | f9 | 61 | 15 | a1 |
| 9 | e0 | ae | 5d | a4 | 9b | 34 | 1a | 55 | ad | 93 | 32 | 30 | f5 | 8c | b1 | e3 |
| a | 1d | f6 | e2 | 2e | 82 | 66 | ca | 60 | c0 | 29 | 23 | ab | 0d | 53 | 4e | 6f |
| b | d5 | db | 37 | 45 | de | fd | 8e | 2f | 03 | ff | 6a | 72 | 6d | 6c | 5b | 51 |
| c | 8d | 1b | af | 92 | bb | dd | bc | 7f | 11 | d9 | 5c | 41 | 1f | 10 | 5a | d8 |
| d | 0a | c1 | 31 | 88 | a5 | cd | 7b | bd | 2d | 74 | d0 | 12 | b8 | e5 | b4 | b0 |
| e | 89 | 69 | 97 | 4a | 0c | 96 | 77 | 7e | 65 | b9 | f1 | 09 | c5 | 6e | c6 | 84 |
| f | 18 | f0 | 7d | ec | 3a | dc | 4d | 20 | 79 | ee | 5f | 3e | d7 | cb | 39 | 48 |
(2) packet length/key length 128/256
The T function of the packet length/key length of 128/256 is the same as the T function of the packet length/key length of 128/128.
(3) Packet length/key length 256/256
T is
The transformation of (2) is a fixed composite permutation independent of the key, and is composed of a nonlinear transformation layer and a linear transformation layer.
1) Non-linear transformation tau
The non-linear transform τ is made up of 2 parallel 16 x 16S-boxes, actually a two-byte substitution transform.
Let the input be
Output is as
Then
(b0,b1)=τ(A)=(sbox(a0),sbox(a1)).
2) Linear transformation A
The output of the nonlinear transformation τ is the input of the linear transformation a (satisfying that both the linear and differential branch numbers are 3). Let the input be
Output is as
Then
S-box production mode:
defining a finite field GF (2)16) The inverse of the multiplication in (1) is as follows:
under GF (2)16) In the middle of using primitive polynomial
g(x)=x16+x5+x3+x+1,
Mapping x to x-1And "00" maps to itself.
Algorithm 3: BWGCF algorithm encryption algorithm
(1) Packet length/key length 128/128
The encryption algorithm for packet length/key length 128/128 is as follows:
1) round key expansion is carried out on the 128-bit basic key to generate a sub-key k0,k1,...,k47。
2) Let 128 bits plaintext input as
The ciphertext is output as
Calculating W ═ ki0+2×ki1+4×ki2+8×ki3Wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits of (i ═ 0, 1.., 47).
If WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
3) The state of the register is the ciphertext when the BWGCF algorithm moves 48 beats, namely
(Y0,Y1,Y2,Y3,Y4,Y5,Y6,Y7)=(X48,X49,X50,X51,X52,X53,X54,X55).
(2) Packet length/key length 128/256
The encryption algorithm for packet length/key length 128/256 is the same as the encryption algorithm for packet length/key length 128/128.
(3) Packet length/key length 128/256
The encryption algorithm for packet length/key length 256/256 is as follows:
1) round key expansion is carried out on the 256-bit basic key to generate a sub-key k0,k1,...,k31。
2) Let 256 bits plaintext input be
The ciphertext is output as
Calculating W ═ ki0+2×ki1+4×ki2+8×ki3Wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits of (i ═ 0, 1.., 31).
If WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
3) The state of the register is the ciphertext when the BWGCF algorithm moves 32 beats, namely
(Y0,Y1,Y2,Y3,Y4,Y5,Y6,Y7)=(X32,X33,X34,X35,X36,X37,X38,X39).
(4) Decryption algorithm
And (5) inverting the ciphertext to obtain the plaintext.
And algorithm 4: BWGCF algorithm key expansion algorithm
(1) Packet length/key length 128/128
The encryption key is denoted as (MK)0,MK1,MK2,MK3,MK4,MK5,MK6,MK7)(
(i= 0,1,2,3,4,5,6,7))。
If the encryption key is represented by bytes as (d)0,d1,...,d15) Then, then
MK0=(d0,d1),
MK1=(d2,d3),
MK2=(d4,d5),
MK3=(d6,d7),
MK4=(d8,d9),
MK5=(d10,d11),
MK6=(d12,d13),
MK7=(d14,d15).
Order to
The subkey is
The subkey generation is as follows:
firstly, the method
Then, let W be 0, 1, 2i(i ═ 0, 1.., 47) is Ki+7The last 4 bits of (b) correspond to integers:
if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:
1) the T' transformation is the same as T in the round function of the encryption algorithm;
2)CKifor the fixed key, the value method is as follows:
let cki,jIs a fixed key CKiI.e., the j-th byte (i 0, 1.., 47; j 0, 1), i.e., the data of the first byte (i)
Ck is theni,j=(4i+j)×7(mod 256)。
(2) Packet length/key length 128/256
The first 128 bits of the encryption key are denoted as (MK)0,MK1,MK2,MK3,MK4,MK5,MK6,MK7)(
(i= 0,1,2,3,4,5,6,7))。
If the encryption key is represented by bytes as (d)0,d1,...,d15) Then, then
MK0=(d0,d1),
MK1=(d2,d3),
MK2=(d4,d5),
MK3=(d6,d7),
MK4=(d8,d9),
MK5=(d10,d11),
MK6=(d12,d13),
MK7=(d14,d15).
Order to
The subkey is
The subkey generation is as follows:
firstly, the method
Then, let W be 0, 1, 2i(i ═ 0, 1.., 23) is Ki+7The last 4 bits of (b) correspond to integers:
if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:
1) the T' transformation is the same as T in the round function of the encryption algorithm;
2)CKifor the fixed key, the value method is as follows:
let cki,jIs a fixed key CKiI.e., the j-th byte (i: 0, 1.., 23; j: 0, 1), i.e., the data of the first byte (i: 0, 1)
Ck is theni,j=(4i+j)×7(mod 256)。
The key expansion method of the rear 128 bits of the encryption key is the same as that of the front 128 bits, and the round key expanded by the front 128 bits is used as the round key in the 1, 2,. multidrug-seen rounds 24, and the round key expanded by the rear 128 bits is used as the round key in the 25, 26,. multidrug-seen rounds 48.
(3) Packet length/key length 256/256
The encryption key is denoted as (MK)0,MK1,MK2,MK3,MK4,MK5,MK6,MK7)(
(i= 0,1,2,3,4,5,6,7))。
If the encryption key is represented by bytes as (d)0,d1,...,d31) Then, then
MK0=(d0,d1,d2,d3),
MK1=(d4,d5,d6,d7),
MK2=(d8,d9,d10,d11),
MK3=(d12,d13,d14,d15),
MK4=(d16,d17,d18,d19),
MK5=(d20,d21,d22,d23),
MK6=(d24,d25,d26,d27),
MK7=(d28,d29,d30,d31).
Order to
The subkey is
The subkey generation is as follows: firstly, the method
Then, let W be 0, 1, 2i(i ═ 0, 1,. times.31) is Ki+7The last 4 bits of (b) correspond to integers:
if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:
1) the T' transformation is the same as T in the round function of the encryption algorithm;
2)CKifor the fixed key, the value method is as follows:
let cki,jAs a fixed key XKiI.e., the j-th byte (i 0, 1.., 31; j 0, 1), i.e., the data of the first byte (i)
Ck is theni,j=(4i+j)×7(mod 256)。
Claims (1)
- A BWGCF block cipher algorithm implementation method is characterized by comprising the following steps: the BWGCF block cipher algorithm implementation method is composed of the following four algorithms:BWGCF algorithm control and selection algorithmLet the subkey be k0,k1,k2,k3,…,kL-1Then the BWGCF control selection algorithm is:W=ki0+2×ki1+4×ki2+8×ki3,wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits.Tword function construction algorithm of BWGCF algorithm(1) Packet length/key length 128/128T isThe transformation of (2) is a fixed composite permutation independent of the key, and is composed of a nonlinear transformation layer and a linear transformation layer.
1) Non-linear transformation tauThe non-linear transform τ is made up of 2 parallel 8 x 8S-boxes, actually byte-instead transforms.Let the input beOutput is as
Then
(b0,b1)=τ(A)=(sbox(a0),sbox(a1)).2) Linear transformation AThe output of the nonlinear transformation τ is the input of the linear transformation a (satisfying that both the linear and differential branch numbers are 3). Let the input beOutput is as
Then
S-box production mode:S-Box affine equivalent to finite field GF (2)8) The multiplicative inverse function of (1).The reversible affine transformation pi over GF (2) is defined as follows:let input 8-bit variable a ═ a0,a1,…,a7) And outputting 8-bit variable b ═ pi (a) ═ b0,b1,…,b7) Then, then
Defining a finite field GF (2)8) The inverse of the multiplication in (1) is as follows:under GF (2)8) In the middle of using primitive polynomialg(x)=x8+x7+x6+x5+x4+x2+1,Mapping x to x-1And "00" maps to itself.The production mode of the S-box is as follows:input deviceOutput of
Then
y=sbox(x)=π(f(π(x))).The S-box is as follows:0 1 2 3 4 5 6 7 8 9 a b c d e f 0 d6 90 e9 fe cc e1 3d b7 16 b6 14 c2 28 fb 2c 05 1 2b 67 9a 76 2a be 04 c3 aa 44 13 26 49 86 06 99 2 9c 42 50 f4 91 ef 98 7a 33 54 0b 43 ed cf ac 62 3 e4 b3 1c a9 c9 08 e8 95 80 df 94 fa 75 8f 3f a6 4 47 07 a7 fc f3 73 17 ba 83 59 3c 19 e6 85 4f a8 5 68 6b 81 b2 71 64 da 8b f8 eb 0f 4b 70 56 9d 35 6 1e 24 0e 5e 63 58 d1 a2 25 22 7c 3b 01 21 78 87 7 d4 00 46 57 9f d3 27 52 4c 36 02 e7 a0 c4 c8 9e 8 ea bf 8a d2 40 c7 38 b5 a3 f7 f2 ce f9 61 15 a1 9 e0 ae 5d a4 9b 34 1a 55 ad 93 32 30 f5 8c b1 e3 a 1d f6 e2 2e 82 66 ca 60 c0 29 23 ab 0d 53 4e 6f b d5 db 37 45 de fd 8e 2f 03 ff 6a 72 6d 6c 5b 51 c 8d 1b af 92 bb dd bc 7f 11 d9 5c 41 1f 10 5a d8 d 0a c1 31 88 a5 cd 7b bd 2d 74 d0 12 b8 e5 b4 b0 e 89 69 97 4a 0c 96 77 7e 65 b9 f1 09 c5 6e c6 84 f 18 f0 7d ec 3a dc 4d 20 79 ee 5f 3e d7 cb 39 48 (2) packet length/key length 128/256The T function of the packet length/key length of 128/256 is the same as the T function of the packet length/key length of 128/128.(3) Packet length/key length 256/256T isThe transformation of (2) is a fixed composite permutation independent of the key, and is composed of a nonlinear transformation layer and a linear transformation layer.
1) Non-linear transformation tauThe non-linear transform τ is made up of 2 parallel 16 x 16S-boxes, actually a two-byte substitution transform.Let the input beOutput is as
Then
(b0,b1)=τ(A)=(sbox(a0),sbox(a1)).2) Linear transformation AThe output of the nonlinear transformation τ is the input of the linear transformation a (satisfying that both the linear and differential branch numbers are 3). Let the input beOutput is as
Then
S-box production mode:defining a finite field GF (2)16) The inverse of the multiplication in (1) is as follows:under GF (2)16) In the middle of using primitive polynomialg(x)=x16+x5+x3+x+1,Mapping x to x-1And "00" maps to itself.BWGCF algorithm encryption algorithm(1) Packet length/key length 128/128The encryption algorithm for packet length/key length 128/128 is as follows:1) round key expansion is carried out on the 128-bit basic key to generate a sub-key k0,k1,…,k47。2) Let 128 bits plaintext input asThe ciphertext is output as
Calculating W ═ ki0+2×ki1+4×ki2+8×ki3Wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits of (i ═ 0, 1, …, 47).
If WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
3) The state of the register is the ciphertext when the BWGCF algorithm moves 48 beats, namely(Y0,Y1,Y2,Y3,Y4,Y5,Y6,Y7)=(X48,X49,X50,X51,X52,X53,X54,X55).(2) Packet length/key length 128/256The encryption algorithm for packet length/key length 128/256 is the same as the encryption algorithm for packet length/key length 128/128.(3) Packet length/key length 128/256The encryption algorithm for packet length/key length 256/256 is as follows:1) round key expansion is carried out on the 256-bit basic key to generate a sub-key k0,k1,…,k31。2) Let 256 bits plaintext input beThe ciphertext is output as
Calculating W ═ ki0+2×ki1+4×ki2+8×ki3Wherein k isi3,ki2,ki1,ki0Is a subkey kiThe last four bits of (i ═ 0, 1, …, 31).
If WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
3) The state of the register is the ciphertext when the BWGCF algorithm moves 32 beats, namely(Y0,Y1,Y2,Y3,Y4,Y5,Y6,Y7)=(X32,X33,X34,X35,X36,X37,X38,X39).(4) Decryption algorithmAnd (5) inverting the ciphertext to obtain the plaintext.BWGCF algorithm key expansion algorithm(1) Packet length/key length 128/128The encryption key is recorded as
If the encryption key is represented by bytes as (d)0,d1,…,d15) Then, thenMK0=(d0,d1),MK1=(d2,d3),MK2=(d4,d5),MK3=(d6,d7),MK4=(d8,d9),MK5=(d10,d11),MK6=(d12,d13),MK7=(d14,d15).Order toThe subkey is
The subkey generation is as follows: firstly, the method
Then, for i equal to 0, 1, 2, …, 47, let Wi(i-0, 1, …, 47) is Ki+7The last 4 bits of (b) correspond to integers:if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:1) the T' transformation is the same as T in the round function of the encryption algorithm;2)CKifor the fixed key, the value method is as follows:let cki,jIs a fixed key CKiI.e., the jth byte (i-0, 1, …, 47; j-0, 1), i.e., the byte (i-0, 1, …, 47) of (1)Ck is theni,j=(4i+j)×7(mod 256)。
(2) Packet length/key length 128/256Encryption and decryption128 bits before the key are recorded as
If the encryption key is represented by bytes as (d)0,d1,…,d15) Then, thenMK0=(d0,d1),MK1=(d2,d3),MK2=(d4,d5),MK3=(d6,d7),MK4=(d8,d9),MK5=(d10,d11),MK6=(d12,d13),MK7=(d14,d15).Order toThe subkey is
The subkey generation is as follows:
firstly, the method
Then, let W be 0, 1, 2, …, 23 for ii(i-0, 1, …, 23) is Ki+7The last 4 bits of (b) correspond to integers:if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:1) the T' transformation is the same as T in the round function of the encryption algorithm;2)CKifor the fixed key, the value method is as follows:let cki,jIs a fixed key CKiI.e., the jth byte (i-0, 1, …, 23; j-0, 1), i.e., the byte (i-0, 1) of (1, …, 23)Ck is theni,j=(4i+j)×7(mod 256)。
The key expansion method of the rear 128 bits of the encryption key is the same as that of the front 128 bits, and the round key expanded by the front 128 bits is used as the round key in the 1, 2, … and 24 rounds, and the round key expanded by the rear 128 bits is used as the round key in the 25, 26, … and 48 rounds.(3) Packet length/key length 256/256The encryption key is recorded as
If the encryption key is represented by bytes as (d)0,d1,…,d31) Then, thenMK0=(d0,d1,d2,d3),MK1=(d4,d5,d6,d7),MK2=(d8,d9,d10,d11),MK3=(d12,d13,d14,d15),MK4=(d16,d17,d18,d19),MK5=(d20,d21,d22,d23),MK6=(d24,d25,d26,d27),MK7=(d28,d29,d30,d31).Order toThe subkey is
The subkey generation is as follows: firstly, the method
Then, for i equal to 0, 1, 2, …, 31, let Wi(i-0, 1, …, 31) is Ki+7The last 4 bits of (b) correspond to integers:if WiWhen the value is equal to 0, then
If Wi1, then
If WiWhen 2, then
If WiWhen being equal to 3, then
If WiWhen the value is 4, then
If WiWhen the value is 5, then
If WiWhen the value is 6, then
If WiWhen being equal to 7, then
If WiWhen it is equal to 8, then
If WiWhen the result is 9, then
If WiWhen the value is 10, then
If WiWhen it is equal to 11, then
If WiWhen the value is 12, then
If WiWhen it is 13, then
If WiWhen the value is 14, then
If Wi15, then
Description of the drawings:1) the T' transformation is the same as T in the round function of the encryption algorithm;2)CKifor the fixed key, the value method is as follows:let cki,jIs a fixed key CKiThe jth byte of (i ═ 0, 1, …, 31; j ═ 0, 1)I.e. byCk is theni,j=(4i+j)×7(mod 256)。
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910225576.0A CN111740816B (en) | 2019-03-25 | 2019-03-25 | BWGCF block cipher algorithm realizing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910225576.0A CN111740816B (en) | 2019-03-25 | 2019-03-25 | BWGCF block cipher algorithm realizing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111740816A true CN111740816A (en) | 2020-10-02 |
| CN111740816B CN111740816B (en) | 2023-03-31 |
Family
ID=72645837
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910225576.0A Active CN111740816B (en) | 2019-03-25 | 2019-03-25 | BWGCF block cipher algorithm realizing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111740816B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1993922A (en) * | 2004-07-30 | 2007-07-04 | 英特尔公司 | Stream cipher combining system and method |
| CN101826959A (en) * | 2010-05-14 | 2010-09-08 | 中国科学院软件研究所 | Byte-oriented key stream generation method and encryption method |
| CN101938351A (en) * | 2010-09-16 | 2011-01-05 | 北京航空航天大学 | Key expanding method for encrypting block cipher |
| US20110116627A1 (en) * | 2009-11-15 | 2011-05-19 | Ante Deng | Fast Key-changing Hardware Apparatus for AES Block Cipher |
| CN107623568A (en) * | 2016-07-15 | 2018-01-23 | 青岛博文广成信息安全技术有限公司 | SM4 whitepack algorithms based on the S boxes for relying on key |
-
2019
- 2019-03-25 CN CN201910225576.0A patent/CN111740816B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1993922A (en) * | 2004-07-30 | 2007-07-04 | 英特尔公司 | Stream cipher combining system and method |
| US20110116627A1 (en) * | 2009-11-15 | 2011-05-19 | Ante Deng | Fast Key-changing Hardware Apparatus for AES Block Cipher |
| CN101826959A (en) * | 2010-05-14 | 2010-09-08 | 中国科学院软件研究所 | Byte-oriented key stream generation method and encryption method |
| CN101938351A (en) * | 2010-09-16 | 2011-01-05 | 北京航空航天大学 | Key expanding method for encrypting block cipher |
| CN107623568A (en) * | 2016-07-15 | 2018-01-23 | 青岛博文广成信息安全技术有限公司 | SM4 whitepack algorithms based on the S boxes for relying on key |
Non-Patent Citations (1)
| Title |
|---|
| 杨笑等: "BOMM算法的密码学性质", 《软件学报》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111740816B (en) | 2023-03-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5745577A (en) | Symmetric cryptographic system for data encryption | |
| Kwon et al. | New block cipher: ARIA | |
| Liu et al. | Analysis of the SMS4 block cipher | |
| Lim | CRYPTON: A new 128-bit block cipher | |
| Diffie et al. | SMS4 encryption algorithm for wireless networks | |
| US6804355B1 (en) | Block cipher for small selectable block sizes | |
| Verma et al. | Performance analysis of RC6, Twofish and Rijndael block cipher algorithms | |
| Mendel et al. | Improved cryptanalysis of the reduced Grøstl compression function, ECHO permutation and AES block cipher | |
| Stallings | The advanced encryption standard | |
| Nakahara Jr et al. | A New Involutory MDS Matrix for the AES. | |
| JP2004502965A (en) | Replacement box for symmetric key cryptography | |
| Youssef et al. | A new class of substitution-permutation networks | |
| Gnatyuk et al. | High-Performance Reliable Block Encryption Algorithms Secured against Linear and Differential Cryptanalytic Attacks. | |
| Shivkumar et al. | Performance Comparison of Advanced Encryption Standard (AES) and AES key dependent S-box-Simulation using MATLAB | |
| Niemiec et al. | A new symmetric block cipher based on key-dependent S-boxes | |
| CN101938351A (en) | Key expanding method for encrypting block cipher | |
| CN111245598A (en) | Method for realizing lightweight AEROGEL block cipher | |
| Gehlot et al. | Implementation of Modified Twofish Algorithm using 128 and 192-bit keys on VHDL | |
| Abd-ElGhafar et al. | Generation of AES key dependent S-boxes using RC4 algorithm | |
| Stoianov | One approach of using key-dependent S-BOXes in AES | |
| Jingmei et al. | One AES S-box to increase complexity and its cryptanalysis | |
| CN111740816B (en) | BWGCF block cipher algorithm realizing method | |
| CN116707877A (en) | Data encryption method and system based on improved AES algorithm | |
| CN110532763B (en) | Password construction method and system based on high-order orthomorphism replacement | |
| Biyashev et al. | Development and analysis of the encryption algorithm in nonpositional polynomial notations |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |