CN103051442A - Cipher device adopting Feistel-PG structure and encryption method - Google Patents
Cipher device adopting Feistel-PG structure and encryption method Download PDFInfo
- Publication number
- CN103051442A CN103051442A CN2012105014143A CN201210501414A CN103051442A CN 103051442 A CN103051442 A CN 103051442A CN 2012105014143 A CN2012105014143 A CN 2012105014143A CN 201210501414 A CN201210501414 A CN 201210501414A CN 103051442 A CN103051442 A CN 103051442A
- Authority
- CN
- China
- Prior art keywords
- input
- bit
- transformation
- nonlinear transformation
- output
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a cipher device adopting a Feistel-PG structure and an encryption method. The Feistel-PG structure consists of a round function F, the round function F maps a t*k*m bit string into a t*k*m bit string, the input X is mapped into U through linear conversion P and nonlinear conversion G, the linear conversion P is displacement based on the t*k*m bit string and is the position conversion of t*m k bit characters, the nonlinear conversion G is concatenation of t nonlinear conversions based on t*k bit string, the nonlinear conversion T is nonlinear conversion based on k*m bit string, and T converts (um-1 to u1, u0) into A (S(um-1 to u1, u0)) through S box layer and linear conversion A, wherein the S box layer is formed by m k*k s boxes through concatenation, and the linear conversion A is linear conversion based on k*m bit string. The encryption method adopting the Feistel-PG encryption structure comprises round key addition, linear conversion P and nonlinear conversion G, the output of plaintext W after the r-round iteration is used as ciphertext. Through the device and the method provided by the invention, the cipher algorithm design is more flexible, and in addition, lower realization cost can be realized at the same security intensity.
Description
Technical field
The present invention proposes a kind of encryption apparatus and encryption method of the Feistel-PG of employing cryptographic structure, can be applicable to design the cryptographic algorithm under the various parameters, can be so that the design of cryptographic algorithm be more flexible, and can under equal security intensity, have lower realization cost, belong to communication technical field.
Background technology
The design of cryptographic algorithm is the focus of cryptography research always, and its design all is based on obscuring of Shannon proposition and spreads principle.Obscure principle: make the statistical relationship between ciphertext and the key complicated, so that utilize ciphertext can't obtain the statistical nature of key.Diffusion principle: incite somebody to action statistical spread expressly in ciphertext, so that the ciphertext of each bit is relevant with some bits expressly.The core of cryptographic algorithm design is the structure of algorithm, the structures shape of algorithm algorithm integral body Cryptographic Properties and realize performance.The structure of at present common block cipher has SP structure, Feistel structure and broad sense Feistel structure etc.
The SP structure adds, obscures layer by key and diffusion layer three parts form.Usually, obscure layer and be made of some S box juxtapositions, the S box must be dijection, and key adds and refers to take turns sub-key and xor operation is done in wheel input.The encryption and decryption character of cryptographic algorithm require the SP structure obscure layer and diffusion layer is necessary reversible, this algorithm to design SP structure has proposed a basic requirement, simultaneously, the input length of SP structure round function is identical with the input length of algorithm integral body, the round function relative complex.The Advanced Encryption Standard aes algorithm is exactly the Typical Representative that adopts the SP structure.
The Feistel structure is block cipher another one structure commonly used, as shown in Figure 1, its use remain InvAddRoundKey, S box layer and displacement layer, two equal parts about only the Feistel structure is divided into the input of algorithm, the input length of round function only has half of the whole input of algorithm length, simultaneously because the invertibity of Feistel structure causes round function not need reversible deciphering that also can implementation algorithm.So the advantage of Feistel structure is to utilize the whole reversible function of irreversible construction of function.The structure of Feistel round function is
The DES Cipher algorithm is exactly the Typical Representative that adopts the Feistel structure.
Broad sense Feistel structure (GFS) is that some are out of shape resulting structure in that carry out on the basis of Feistel structure, common are GFS Type-1 (such as Fig. 2) and GFS Type-2 (such as Fig. 3), these two kinds of broad sense Feistel structures all are divided into 4 parts with the input of algorithm, the every wheel of GFS Type-1 only has a round function, and GFS Type-2 is every to have taken turns two round functions.
Except fail safe, the primary goal of cryptographic algorithm design is that hardware realizes that the area that takies is little and implementation efficiency is high.At present algorithm is realized not being only required on 8,32,64 bit processors good realization performance, also requires to have simultaneously good hardware implementation efficiency.Present existing algorithm structure can not satisfy these requirements simultaneously, and this has brought very large challenge to algorithm designer.The present invention is referred to as " existing structure " with these existing algorithm structures, the present invention has namely provided a kind of Feistel-PG cryptographic structure and encryption method, the cryptographic structure flexibility that the present invention proposes is large, with respect to " existing structure ", its software and hardware implementation efficiency all improves a lot under the condition of equal safety.The present invention provides a good design alternative for algorithm designer.
Summary of the invention
Can't satisfy the present situation of all requirements of present algorithm design for " existing structure ", according to the cryptographic algorithm fail safe with realize the demand of cost, the object of the present invention is to provide a kind of encryption apparatus and encryption method of the Feistel-PG of employing cryptographic structure.The present invention has used a byte replacement operator P without any cost on the basis of Feistel structure, reduced the realization cost of algorithm in the safety limit of greatly improving algorithm.Flexible design of the present invention selects to have corresponding round function corresponding with it for different parameters simultaneously, and the Feistel-PG cryptographic structure that the present invention proposes can be constructed the multiple safe and low cryptographic algorithm of realization cost.
Technical scheme of the present invention is:
A kind of encryption apparatus comprises that one adopts the processor of Feistel-PG cryptographic structure,
Described Feistel-PG cryptographic structure is made of round function F, and described round function F will input X and be mapped as U through linear transformation P and nonlinear transformation G, i.e. X → U, wherein U=G (P (X)) and input X and output U are the string of t * k * m bit, t wherein, k, m is positive integer;
Described linear transformation P is based on the displacement of t * k * m Bit String, is the evolution of t * m k Bit String;
Described nonlinear transformation G is based on the juxtaposition of t nonlinear transformation T of k * m Bit String;
Described nonlinear transformation T is based on the nonlinear transformation of k * m Bit String, and nonlinear transformation T is with (u
M-1..., u
1, u
0) become A (S (u through S box layer and linear transformation A
M-1..., u
1, u
0)), i.e. (u
M-1..., u
1, u
0) → A (S (u
M-1..., u
1, u
0)), wherein S box layer is that s box juxtaposition by m k * k forms, linear transformation A is based on the linear transformation of k * m Bit String.
A kind of r wheel encryption method that adopts above-mentioned encryption apparatus comprises InvAddRoundKey, linear transformation P and nonlinear transformation G, and the specific implementation step is as follows:
1) the input M that each is taken turns is divided into two parts, is designated as respectively left half L and right half R, and wherein M is the string of 2 * t * k * m bit, and L and R are the string of t * k * m bit;
2) half L in a left side and the round key RK of input
i, (1≤i≤r) carry out XOR, the output after the XOR is as the input of linear transformation P;
3) output of linear transformation P is as the input of nonlinear transformation G;
4) nonlinear transformation G is divided into t part with input, and each part all has k * m bit, and each part enters respectively among t the identical nonlinear transformation T;
5) each nonlinear transformation T is divided into m part with the k * m bit of input, and each part enters respectively the individual identical s box of m, and wherein the s box is that k enters the displacement that k goes out;
6) k of m s box output * m bit is as the input of linear transformation A;
7) output of each linear transformation A is as the output of each nonlinear transformation T;
8) juxtaposition of the output of t nonlinear transformation T is as the output of nonlinear transformation G;
9) XOR of half R in the right side of the output of nonlinear transformation G and input is as half on the left side of next round input, and half L in the left side of input is as half on the right side of next round input;
10) such as step 1) to 9) as described in be rounds of functions, will input expressly W and be output as ciphertext after through round function iteration r wheel.
Particularly, Feistel-PG structure proposed by the invention is chosen according to the difference of t, m, k can consist of different round functions, and for different linear transformation P, also can consist of different round functions.Therefore Feistel-PG cryptographic structure proposed by the invention is chosen for different parameters and can be consisted of different round functions.This provides multiple choices to algorithm designer.Simultaneously, Feistel-PG cryptographic structure proposed by the invention not only has good realization performance, and has good hardware implementation efficiency 8,32,64 bit processors.
Compared with prior art, good effect of the present invention is:
(1) the cryptographic structure flexibility of the present invention's proposition is large, all improves a lot with respect to its software and hardware implementation efficiency of existing structure under the condition of equal safety.The present invention has used a byte replacement operator without any cost on the basis of Feistel structure
In the safety limit of greatly improving algorithm, reduced the realization cost of algorithm.Flexible design of the present invention selects to have corresponding round function corresponding with it for different parameters simultaneously, and the Feistel-PG cryptographic structure that the present invention proposes can be constructed the multiple safe and low cryptographic algorithm of realization cost.
(2) Feistel-PG structure proposed by the invention is chosen according to the difference of t and can be consisted of different round functions, and for different linear transformation P, also can consist of different round functions.Therefore Feistel-PG structure proposed by the invention is chosen for different parameters and can be consisted of different round functions, and this provides multiple choices to the designer.
(3) the present invention proposes a kind of Feistel-PG cryptographic structure and implementation method, this structure has enough Safety Redundancies, and it not only has good realization performance, and have good hardware implementation efficiency 8,32,64 bit processors.
(4) Feistel-PG structure of the present invention has the advantage of Feistel structure and GFS Type-2 structure simultaneously, encryption and decryption is similar, t T function can parallel processing, being suitable for high performance hardware realizes, and the scale of T to compare the round function of Feistel structure little, be conducive to that software is realized and the resource constrained environment realization.And compare with GFS Type-2 structure, this structure preferably on 64 bit processors software realize.In addition, because Feistel structure and GFS Type-2 structure have the slow defective of diffusivity, usually need more iteration wheel number to reach demand for security.When software was realized GFS Type-2 structure encryption and decryption on 64 bit processors simultaneously, except the operation of round function, the every wheel needed 1 cyclic shift.In order to remedy the shortcoming of GFS Type-2 structure, the Feistel-PG structure has increased operation P conversion, and P is defined as the word transposition, and the size of word is consistent with the scale of S box, and therefore, the P conversion does not increase extra software and hardware and realizes cost.The fail safe that affect structure is understood in choosing of P, and the designer can choose suitable P conversion through simple test.Compare with GFS Type-2 structure with the Feistel structure, the diffusion of Feistel-PG structure is faster, fail safe is higher.
Difference/linearity that table 1 has provided Feistel structure, GFS Type-2 and Feistel-PG structure is enlivened S box number, and (it is more to enliven S box number with the variation of wheel number, algorithm more can be resisted difference/linear analysis), as shown in Table 1, the diffusivity of Feistel-PG is the fastest, so its ability that opposing difference/linearity is attacked can significantly strengthen.
Table 1:Feistel structure, GFS Type-2 and Feistel-PG structure difference/linearity are enlivened S box number
| The wheel number | Feistel | GFS?Type-2 | Feistel-PG(t=2) |
| 1 | 0 | 0 | 0 |
| 2 | 1 | 1 | 1 |
| 3 | 2 | 2 | 2 |
| 4 | 5 | 6 | 6 |
| 5 | 6 | 8 | 10 |
| 6 | 7 | 12 | 12 |
| 7 | 8 | 12 | 14 |
| 8 | 11 | 13 | 16 |
| 9 | 12 | 14 | 17 |
| 10 | 13 | 18 | 21 |
| 11 | 14 | 20 | 23 |
| 12 | 17 | 24 | 26 |
| 13 | 18 | 24 | 28 |
| 14 | 19 | 25 | 30 |
| 15 | 20 | 26 | 32 |
| 16 | 23 | 30 | 35 |
| 17 | 24 | 32 | 38 |
| 18 | 25 | 36 | 41 |
| 19 | 26 | 36 | 43 |
| 20 | 29 | 37 | 44 |
(5) emphasis in the Feistel-PG structure proposed by the invention is to have introduced the P conversion, this conversion is based on the word transposition, not only do not increase software and hardware and realize cost, and for difference and the linear lower bound that enlivens S box number obvious improvement is arranged, this is so that this structure can obtain higher safety limit under identical realization cost, that is to say, the Feistel-PG structure can only take less realization cost with respect to prior art under identical safety limit, for the designer provides a good design alternative.
Description of drawings
Fig. 1 is the Feistel structure chart.
Fig. 2 is GFS Type-1 structure chart.
Fig. 3 is GFS Type-2 structure chart.
Fig. 4 is the schematic diagram of 64 processor adopting Feistel-PG cryptographic structure among the embodiment.
Fig. 5 is according to the cryptographic algorithm schematic diagram of Feistel-PG structural design among the embodiment.
Fig. 6 is the structural representation of encryption apparatus among the embodiment.
Embodiment
Below by specific embodiment, and cooperate accompanying drawing, the present invention is described in detail.
Present embodiment encryption apparatus adopt 64 bit processors, the formation of the Feistel-PG cryptographic structure of this processor adopting as shown in Figure 4, wherein (a) schemes Feistel-PG cryptographic structure schematic diagram, and (b) figure is the processor process chart, is described as follows:
Round function F is mapped as the string of a t * k * m bit the string (t wherein of a t * k * m bit, k, m is positive integer, such as t=4, and k=4, m=4 or t=6, k=8, m=4), the input X of round function is mapped as U through linear transformation P and nonlinear transformation G, namely X → U, wherein U=G (P (X));
Linear transformation P is based on the displacement of t * k * m Bit String, is the evolution of t * m k Bit String;
Nonlinear transformation G is based on the juxtaposition of t nonlinear transformation T of k * m Bit String;
Nonlinear transformation T is based on the nonlinear transformation of k * m Bit String, and nonlinear transformation T is with (u
M-1..., u
1, u
0) through becoming A (S (u behind S box layer and the linear transformation A
M-1..., u
1, u
0)), (u namely
M-1..., u
1, u
0) → A (S (u
M-1..., u
1, u
0)), wherein S box layer is that s box juxtaposition by m k * k forms, linear transformation A is based on the linear transformation of k * m Bit String.
Linear transformation P is chosen for: P is the word Transposition Transform, and different P consists of the different round functions (total (t * m) of conversion P! Individual).
Choose the different round function of formation according to the difference of t, m, k.
Choose the different cryptographic algorithm of formation for different t, m, k and linear transformation P.
The encryption method of present embodiment is as follows:
Step 1: select a k as the scale (as choosing then k=4 of 4 bit s boxes) of algorithm s box.
Step 2: obtain the scale of linear transformation P according to block length n, because the input length of algorithm round function only has the whole input of algorithm length half, so
Obtain accordingly the scale of linear transformation P, P is the evolution of t * m k bit words.Select a linear transformation P (total (t * m) of conversion P! Individual).
Step 3: select a t, so that t nonlinear transformation T (as choosing t=2 or 3 or 4) arranged among the nonlinear transformation G.
Step 4: nonlinear transformation T is based on the nonlinear transformation of k * m Bit String, is comprised of S box layer and linear transformation A, and S box layer is that the s box juxtaposition by m k * k forms, and linear transformation A is based on the linear transformation of k * m Bit String.
Step 5: select a linear transformation based on k * m Bit String as linear transformation A.
Step 6: each input M that takes turns is divided into two parts, is designated as respectively left half L and right half R, namely X is propped up on the left side shown in Fig. 4 (b)
1Prop up X with the right side
0, wherein M is the string of 2 * t * k * m bit, and L and R are the string of t * k * m bit;
Step 7: half L in the left side that will input and wheel sub-key RK
i, (1≤i≤r) carry out XOR, output is as the input of linear transformation P after the XOR, and the output of linear transformation P is as the input of nonlinear transformation G;
Step 8: nonlinear transformation G is divided into t part with input, and each part has k * m bit, and each part enters respectively among t the identical nonlinear transformation T.
Step 9: each nonlinear transformation T is divided into m part with the k * m bit of input, and each part enters respectively identical m s box, and wherein the s box is that k enters the displacement that k goes out.
The k of Step 10:m s box output * m bit is as the input of linear transformation A, and the output of each linear transformation A is as the output of each nonlinear transformation T, and the output of t nonlinear transformation T is as the output of nonlinear transformation G;
Step 11: half XOR in the output of nonlinear transformation G and the right side of input be as half on the left side of next round input, and the Zuo Banzhi of input is as half on the right side of next round input.
Step 12: be rounds of functions as described in Step 6 to Step 11, will inputting expressly, W is output as ciphertext after taking turns through round function iteration r.
Have the input of three places in the above-mentioned steps, wherein X is the input of round function, and length is t * k * m; M is each input of taking turns, and length is 2 * t * k * m, and each is taken turns input and all changes; W is expressly input, and length is 2 * t * k * m.
The below provides a concrete cryptographic algorithm according to Feistel-PG cryptographic structure of the present invention and encryption method design.
Fig. 5 is the schematic diagram of this specific algorithm, and wherein (a) figure is the schematic diagram of round function, and (b) figure is the schematic diagram of cryptographic algorithm, "/n " expression n bit.It should be noted that Fig. 4 a is the general block diagram of Feistel-PG structure shown in the present, the number of round function T can be t arbitrarily; Fig. 5 is a concrete scheme that provides according to this structure, and the number of wherein having determined round function T is 2.Fig. 6 is the structural representation of the encryption apparatus of this cryptographic algorithm of employing, wherein "<<<a " expression ring shift left a bit, " [i:j] " expression i bit is to the j bit.Do specific description below in conjunction with Fig. 5 and Fig. 6:
Step 1: select a s box that the input and output scale is 8 bits, shown in Fig. 5 (a).
Step 2: choosing block length is 128 bits, and then the input X of round function is 64 bits (as shown in Figure 6 left registers), so t * m=64/8=8, namely the scale of linear transformation P is the evolution of 88 bit words.P is shown in Fig. 5 (a):
P:{0,1}
64→{0,1}
64
Y=(y
7,y
6,y
5,y
4,y
3,y
2,y
1,y
0)→Z=(z
7,z
6,z
5,z
4,z
3,z
2,z
1,z
0)
z
7=y
6,z
6=y
5,z
5=y
3,z
4=y
1,
z
3=y
4,z
2=y
7,z
1=y
0,z
0=y
2.
P among its specific implementation device such as Fig. 6
1Shown in.
Step 3: shown in Fig. 5 (b), select t=2, so that 2 nonlinear transformation T are arranged among the nonlinear transformation G.
Step 4: shown in Fig. 5 (a), nonlinear transformation T is based on the nonlinear transformation of 32 Bit Strings, is comprised of S box layer and linear transformation A, and S box layer is to be formed by 48 * 8 s box juxtaposition, and linear transformation A is based on the linear transformation of 32 Bit Strings.
Step 5: shown in Fig. 5 (a), select the linear transformation based on 32 Bit Strings as follows as linear transformation A:
Its equipment specific implementation device is shown in Fig. 6 left-half.
Step 6: each input M that takes turns is divided into two parts, be designated as respectively left half L (shown in the left register of Fig. 6) and right half R (shown in the right register of Fig. 6), wherein M is the string of 128 bits, and L and R are the string of 64 bits, shown in Fig. 5 (b), X wherein
0~ X
33For propping up or right K in the left side of each input of taking turns
1~ K
32Be each sub-key of taking turns;
Step 7: shown in Fig. 5 (b), with half L in a left side and the wheel sub-key RK of input
iWherein (1≤i≤r) carry out XOR, output is as the input of linear transformation P after the XOR, and the output of linear transformation P is as the input of nonlinear transformation G;
Step 7: shown in Fig. 5 (a), nonlinear transformation G is divided into 2 parts with input, and each part has 32 bits, and each part enters respectively among 2 identical nonlinear transformation T.
Step 8: shown in Fig. 5 (a), 32 bits that each nonlinear transformation T will input are divided into 4 parts, and each part enters respectively 4 identical s boxes, and wherein the s box is 8 to enter 8 displacements that go out.
Step 9: shown in Fig. 5 (a), 32 bits of 4 s box outputs are as the input of linear transformation A, and the output of each linear transformation A is as the output of each nonlinear transformation T, and the output of 2 nonlinear transformation T is as the output of nonlinear transformation G;
Step 10: shown in Fig. 5 (b), half XOR in the output of nonlinear transformation G and the right side of input be as half on the left side of next round input, and the Zuo Banzhi of input is as half on the right side of next round input.
Step 11: be rounds of functions as described in Step 6 to Step 10, will inputting expressly, X is output as ciphertext after taking turns (control each and take turns the input and output of iteration shown in d type flip flop among Fig. 6) through round function iteration 32.
Find according to above step, the parameter of Feistel-PG structure proposed by the invention is selected very flexible, provide a lot of selections to the designer, so that the present invention is more flexible than existing structure, and the Feistel-PG structure has lower realization cost when satisfying the security intensity of cryptographic algorithm.
Above embodiment is only in order to technical scheme of the present invention to be described but not limit it; those of ordinary skill in the art can make amendment or is equal to replacement technical scheme of the present invention; and not breaking away from the spirit and scope of the present invention, protection scope of the present invention should be as the criterion so that claim is described.
Claims (10)
1. encryption apparatus is characterized in that: comprise that one adopts the processor of Feistel-PG cryptographic structure,
Described Feistel-PG cryptographic structure is made of round function F, and described round function F will input X and be mapped as U through linear transformation P and nonlinear transformation G, i.e. X → U, wherein U=G (P (X)) and input X and output U are the string of t * k * m bit, t wherein, k, m is positive integer;
Described linear transformation P is based on the displacement of t * k * m Bit String, is the evolution of t * m k Bit String;
Described nonlinear transformation G is based on the juxtaposition of t nonlinear transformation T of k * m Bit String;
Described nonlinear transformation T is based on the nonlinear transformation of k * m Bit String, and nonlinear transformation T is with (u
M-1..., u
1, u
0) become A (S (u through S box layer and linear transformation A
M-1..., u
1, u
0)), i.e. (u
M-1..., u
1, u
0) → A (S (u
M-1..., u
1, u
0)), wherein S box layer is that s box juxtaposition by m k * k forms, linear transformation A is based on the linear transformation of k * m Bit String.
2. encryption apparatus as claimed in claim 1 is characterized in that: described processor is a kind of among 8,32,64 bit processors.
3. encryption apparatus as claimed in claim 1, it is characterized in that: described displacement P is the Transposition Transform of t * m k Bit String, and different P consists of different round functions.
4. encryption apparatus as claimed in claim 1 is characterized in that: choose the different round function of formation according to the difference of t, m, k.
5. encryption apparatus as claimed in claim 1 is characterized in that: choose different t, m, k and linear transformation P and consist of different round functions.
6. encryption method of taking the described encryption apparatus of claim 1, it is characterized in that: comprise InvAddRoundKey, linear transformation P and nonlinear transformation G, the step of the method comprises:
1) the input M that each is taken turns is divided into two parts, is designated as respectively left half L and right half R, and wherein M is the string of 2 * t * k * m bit, and L and R are the string of t * k * m bit;
2) half L in a left side and the round key RK of input
i, (1≤i≤r) carry out XOR, the output after the XOR is as the input of linear transformation P;
3) output of linear transformation P is as the input of nonlinear transformation G;
4) nonlinear transformation G is divided into t part with input, and each part all has k * m bit, and each part enters respectively among t the identical nonlinear transformation T;
5) each nonlinear transformation T is divided into m part with the k * m bit of input, and each part enters respectively the individual identical s box of m, and wherein the s box is that k enters the displacement that k goes out;
6) k of m s box output * m bit is as the input of linear transformation A;
7) output of each linear transformation A is as the output of each nonlinear transformation T;
8) juxtaposition of the output of t nonlinear transformation T is as the output of nonlinear transformation G;
9) XOR of half R in the right side of the output of nonlinear transformation G and input is as half on the left side of next round input, and half L in the left side of input is as half on the right side of next round input;
10) such as step 1) to 9) as described in be rounds of functions, will input expressly W and be output as ciphertext after through round function iteration r wheel.
7. encryption method as claimed in claim 6 is characterized in that: described processor is a kind of among 8,32,64 bit processors.
8. encryption method as claimed in claim 6, it is characterized in that: described displacement P is the Transposition Transform of t * m k Bit String, and different P consists of different round functions.
9. encryption method as claimed in claim 6 is characterized in that: choose the different round function of formation according to the difference of t, m, k.
10. encryption method as claimed in claim 6 is characterized in that: choose different t, m, k and linear transformation P and consist of different round functions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210501414.3A CN103051442B (en) | 2012-10-16 | 2012-11-29 | Cipher device adopting Feistel-PG structure and encryption method |
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012103936673 | 2012-10-16 | ||
| CN201210393667 | 2012-10-16 | ||
| CN201210393667.3 | 2012-10-16 | ||
| CN201210501414.3A CN103051442B (en) | 2012-10-16 | 2012-11-29 | Cipher device adopting Feistel-PG structure and encryption method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103051442A true CN103051442A (en) | 2013-04-17 |
| CN103051442B CN103051442B (en) | 2015-06-10 |
Family
ID=48063951
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210501414.3A Expired - Fee Related CN103051442B (en) | 2012-10-16 | 2012-11-29 | Cipher device adopting Feistel-PG structure and encryption method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103051442B (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103427986A (en) * | 2013-08-22 | 2013-12-04 | 中国科学院信息工程研究所 | Method for acquiring lower bound of number of active S boxes in block ciphers |
| CN103905186A (en) * | 2014-02-26 | 2014-07-02 | 苏州朗格智能配用电系统有限公司 | Encrypting method |
| CN104410490A (en) * | 2014-12-16 | 2015-03-11 | 桂林电子科技大学 | Method for protecting cryptographic S-box (substitution-box) through nonlinear extrusion |
| CN104917610A (en) * | 2015-06-15 | 2015-09-16 | 上海交通大学 | Communication relay server safety system and method based on quantum true random number |
| CN105324956A (en) * | 2013-06-27 | 2016-02-10 | 高通股份有限公司 | Method and apparatus to encrypt plaintext data |
| CN106888080A (en) * | 2015-11-25 | 2017-06-23 | 恩智浦有限公司 | Protection whitepack feistel network implementations are in case fault analysis |
| CN107070630A (en) * | 2017-01-17 | 2017-08-18 | 中国科学院信息工程研究所 | A kind of fast and safely hardware configuration of aes algorithm |
| CN108449171A (en) * | 2018-02-09 | 2018-08-24 | 中国科学院软件研究所 | A kind of lightweight hash cryptographic summary generation method |
| CN111756521A (en) * | 2020-06-25 | 2020-10-09 | 桂林电子科技大学 | Cipher S box design method based on Feistel-SP structure |
| US20210194695A1 (en) * | 2019-12-20 | 2021-06-24 | Micro Focus Llc | Table-Based Hash Function |
| CN113783684A (en) * | 2021-09-15 | 2021-12-10 | 桂林电子科技大学 | 16-bit S box construction method based on NFSR and Feistel structures |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR19990048318A (en) * | 1997-12-09 | 1999-07-05 | 윤종용 | Fast block cipher algorithm |
| US6185304B1 (en) * | 1998-02-23 | 2001-02-06 | International Business Machines Corporation | Method and apparatus for a symmetric block cipher using multiple stages |
| US20020021801A1 (en) * | 2000-07-13 | 2002-02-21 | Takeshi Shimoyama | Computing apparatus using an SPN structure in an F function and a computation method thereof |
| CN101764686A (en) * | 2010-01-11 | 2010-06-30 | 石家庄开发区冀科双实科技有限公司 | Encryption method for network and information security |
| CN101923802A (en) * | 2009-06-12 | 2010-12-22 | 中国科学院数据与通信保护研究教育中心 | Sequential cipher realization method and device |
| CN102355348A (en) * | 2011-06-28 | 2012-02-15 | 中国人民解放军国防科学技术大学 | Fault-tolerant data encryption standard (DES) algorithm accelerator |
-
2012
- 2012-11-29 CN CN201210501414.3A patent/CN103051442B/en not_active Expired - Fee Related
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR19990048318A (en) * | 1997-12-09 | 1999-07-05 | 윤종용 | Fast block cipher algorithm |
| US6185304B1 (en) * | 1998-02-23 | 2001-02-06 | International Business Machines Corporation | Method and apparatus for a symmetric block cipher using multiple stages |
| US20020021801A1 (en) * | 2000-07-13 | 2002-02-21 | Takeshi Shimoyama | Computing apparatus using an SPN structure in an F function and a computation method thereof |
| CN101923802A (en) * | 2009-06-12 | 2010-12-22 | 中国科学院数据与通信保护研究教育中心 | Sequential cipher realization method and device |
| CN101764686A (en) * | 2010-01-11 | 2010-06-30 | 石家庄开发区冀科双实科技有限公司 | Encryption method for network and information security |
| CN102355348A (en) * | 2011-06-28 | 2012-02-15 | 中国人民解放军国防科学技术大学 | Fault-tolerant data encryption standard (DES) algorithm accelerator |
Non-Patent Citations (3)
| Title |
|---|
| 印晶: "《DES的分析和改进》", 《信息与电脑》, 31 July 2012 (2012-07-31) * |
| 吴文玲,张蕾: "《不可能差分密码分析研究进展》", 《系统科学与数学》, 30 August 2008 (2008-08-30) * |
| 樊同科: "《浅析分组密码_DES》", 《电脑知识与技术》, 30 November 2008 (2008-11-30) * |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105324956A (en) * | 2013-06-27 | 2016-02-10 | 高通股份有限公司 | Method and apparatus to encrypt plaintext data |
| CN105324956B (en) * | 2013-06-27 | 2019-02-01 | 高通股份有限公司 | The method and apparatus of encrypting plaintext data |
| CN103427986B (en) * | 2013-08-22 | 2016-08-24 | 中国科学院信息工程研究所 | Obtain the method that block cipher enlivens S box number lower bound |
| CN103427986A (en) * | 2013-08-22 | 2013-12-04 | 中国科学院信息工程研究所 | Method for acquiring lower bound of number of active S boxes in block ciphers |
| CN103905186A (en) * | 2014-02-26 | 2014-07-02 | 苏州朗格智能配用电系统有限公司 | Encrypting method |
| CN103905186B (en) * | 2014-02-26 | 2017-12-05 | 苏州朗格智能配用电系统有限公司 | A kind of encryption method |
| CN104410490A (en) * | 2014-12-16 | 2015-03-11 | 桂林电子科技大学 | Method for protecting cryptographic S-box (substitution-box) through nonlinear extrusion |
| CN104917610B (en) * | 2015-06-15 | 2018-03-06 | 上海交通大学 | Communication relay server security system and method based on quantum true random number |
| CN104917610A (en) * | 2015-06-15 | 2015-09-16 | 上海交通大学 | Communication relay server safety system and method based on quantum true random number |
| CN106888080B (en) * | 2015-11-25 | 2021-06-25 | 恩智浦有限公司 | Protecting white-box feistel network implementations from false attacks |
| CN106888080A (en) * | 2015-11-25 | 2017-06-23 | 恩智浦有限公司 | Protection whitepack feistel network implementations are in case fault analysis |
| CN107070630A (en) * | 2017-01-17 | 2017-08-18 | 中国科学院信息工程研究所 | A kind of fast and safely hardware configuration of aes algorithm |
| CN107070630B (en) * | 2017-01-17 | 2019-10-11 | 中国科学院信息工程研究所 | A kind of fast and safely hardware configuration of aes algorithm |
| CN108449171A (en) * | 2018-02-09 | 2018-08-24 | 中国科学院软件研究所 | A kind of lightweight hash cryptographic summary generation method |
| US20210194695A1 (en) * | 2019-12-20 | 2021-06-24 | Micro Focus Llc | Table-Based Hash Function |
| US11811938B2 (en) * | 2019-12-20 | 2023-11-07 | Micro Focus Llc | Tokenization of arbitrary data types |
| CN111756521A (en) * | 2020-06-25 | 2020-10-09 | 桂林电子科技大学 | Cipher S box design method based on Feistel-SP structure |
| CN111756521B (en) * | 2020-06-25 | 2022-05-27 | 桂林电子科技大学 | Cipher S box design method based on Feistel-SP structure |
| CN113783684A (en) * | 2021-09-15 | 2021-12-10 | 桂林电子科技大学 | 16-bit S box construction method based on NFSR and Feistel structures |
| CN113783684B (en) * | 2021-09-15 | 2023-07-18 | 桂林电子科技大学 | Construction method of 16-bit S box based on NFSR and Feistel structures |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103051442B (en) | 2015-06-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103051442A (en) | Cipher device adopting Feistel-PG structure and encryption method | |
| CN102025484B (en) | Block cipher encryption and decryption method | |
| CN1322697C (en) | Encryption apparatus based on block encryption type, its method and decoding device and method thereof | |
| CN107070630B (en) | A kind of fast and safely hardware configuration of aes algorithm | |
| CN104333446B (en) | A kind of novel ultra-light magnitude QTL block cipher implementation method | |
| CN104065474B (en) | Novel low-resource efficient lightweight Surge block cipher implementation method | |
| CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
| CN103503362B (en) | Data processing equipment, data processing method and program | |
| CN111431697B (en) | Novel method for realizing lightweight block cipher CORL | |
| CN101951314B (en) | Design method of S-box in symmetric password encryption | |
| CN106656459A (en) | Side channel energy analysis method and device for SM3-HMAC | |
| CN105959107A (en) | Novel and highly secure lightweight SFN block cipher implementation method | |
| CN107147487A (en) | The random block cipher of symmetric key | |
| CN104184579A (en) | Lightweight block cipher VH algorithm based on dual pseudo-random transformation | |
| CN105846814A (en) | Construction method of quantum logic circuit for aiming at multiplication operation in encryption technology field | |
| CN105916141B (en) | A kind of realization system and method for self synchronous Zu Chongzhi's enciphering and deciphering algorithm | |
| CN111245598B (en) | Method for realizing lightweight AEROGEL block cipher | |
| CN102404108B (en) | Novel fault attack method aiming at Advanced Encryption Standard (AES-128) algorithm | |
| CN105939190A (en) | AES data encryption method for offline key generation based on FPGA | |
| CN101826959B (en) | Byte-oriented key stream generation method and encryption method | |
| CN106982116A (en) | A kind of local file encryption method of the AES based on reversible logic circuits | |
| CN107171782B (en) | AES private log encryption method based on reversible logic circuit | |
| CN105959100A (en) | Field programmable gate array (FPGA)-based online generated key advanced encryption standard (AES) data encryption method | |
| CN108650072A (en) | It is a kind of to support a variety of symmetric cryptographic algorithm chips and its anti-attack circuit implementation method | |
| CN104320420A (en) | SCADA file encryption method based on AES algorithm |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150610 Termination date: 20211129 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |