CN107707343A - The consistent SP network structure lightweight LBT block cipher implementation methods of encryption and decryption - Google Patents

The consistent SP network structure lightweight LBT block cipher implementation methods of encryption and decryption Download PDF

Info

Publication number
CN107707343A
CN107707343A CN201711093878.4A CN201711093878A CN107707343A CN 107707343 A CN107707343 A CN 107707343A CN 201711093878 A CN201711093878 A CN 201711093878A CN 107707343 A CN107707343 A CN 107707343A
Authority
CN
China
Prior art keywords
key
round
transformation
data
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711093878.4A
Other languages
Chinese (zh)
Other versions
CN107707343B (en
Inventor
刘波涛
彭长根
吴睿雪
李雪松
丁红发
谢明明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou University
Original Assignee
Guizhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou University filed Critical Guizhou University
Priority to CN201711093878.4A priority Critical patent/CN107707343B/en
Publication of CN107707343A publication Critical patent/CN107707343A/en
Application granted granted Critical
Publication of CN107707343B publication Critical patent/CN107707343B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of consistent SP network structure lightweight LBT block cipher implementation methods of encryption and decryption.The present invention devises a kind of consistent SP network cipher structures of encryption and decryption, the cryptography architecture is as Feistel network cipher structures, encryption and decryption are same algorithms, decipherment algorithm need not be specially designed, the clear data input direction that the structure is encrypted is identical with the ciphertext data input direction being decrypted.This cryptography architecture of design is embodied as a kind of lightweight LBT block ciphers, user selects different key length cryptographic algorithms according to application scenario demand.It is difficult the bottleneck of accomplishing that encryption and decryption is consistent to solve based on SP network structure passwords;So that the encryption of LBT passwords and decryption speed are fast, be advantageous to software and hardware realization, while reduce software and hardware resources, so as to be highly suitable as lightweight block cipher.

Description

SP network structure lightweight LBT block cipher realization method with consistent encryption and decryption
Technical Field
The invention relates to the technical field of data transmission safety, in particular to a method for realizing a lightweight LBT block cipher of an SP network structure with consistent encryption and decryption.
Background
The cryptosystem refers to a cryptoscheme for realizing encryption and decryption, and the encryption and the decryption usually occur in pairs, and the decryption is realized when the encryption is available. In a cryptosystem, a symmetric block cryptosystem algorithm has the advantages of high speed and high efficiency, is suitable for application scenes of large-batch data encryption, and is one of mainstream directions of modern cryptology. Among the block cipher algorithms, there are three cipher structures, the Feistel network structure, the SP network structure, and the Lai-Massey network structure. Of the three structures, the Feistel network structure and the SP network structure are the two most common cryptographic structures.
Feistel network architecture ciphers are well known for the issuance of DES cipher algorithms and are employed by many block cipher algorithms. For the Feistel network structure cipher, when an encryption algorithm is known, a decryption algorithm is also known. The decryption process of the Feistel network structure password is basically the same as the encryption process, the encryption process is to change a plaintext into a ciphertext, the decryption process is just opposite, the ciphertext is used as an input, and the sequence of using a password wheel key is just opposite to the encryption; this encryption and decryption implementation is called encryption and decryption consistency (or encryption and decryption similarity), which is also the most advantageous based on Feistel network structure cipher.
The SP (localization-dissemination) network architecture is designed directly according to the confusion and diffusion criteria proposed by Shanon. The substitution layer is a plurality of nonlinear transformations to realize the confusion criterion, and the displacement layer is a linear transformation to realize the diffusion criterion. The block cipher algorithms such as AES, safer and Shark adopt the structure, and are influenced by the AES cipher algorithm, and 13 of 17 block cipher candidate algorithms submitted in the European 21 st century cipher standard select the structure. In addition, an SP network structure is also often used in round function design of the Feistel structure. The block cipher of the SP network structure is favored by broad block cipher designers because the SP network structure can realize confusion and diffusion more quickly than the block cipher of the Feistel network structure. Because of the Feistel network structure password, only a part of the password is subjected to confusion and diffusion every time, so that each bit can be transformed through two rounds of transformation; the SP network structure password only needs one round, and all bits are changed. And it is relatively easy to analyze its security against differential analysis and linear analysis.
In recent years, the internet of things industry is getting bigger, and the information security problem of low-end embedded devices (also called resource-limited devices) of the internet of things is getting more and more, and the devices need a lightweight block cipher algorithm to protect the security of data. However, the research of lightweight block cipher algorithm becomes a research hotspot in the field of ciphers.
The current block and lightweight block cipher algorithm has the following problems: (1) The encryption and decryption implementation mode of the SP network structure-based password which is difficult to realize is consistent. This is particularly important in implementation; the encryption and decryption of the password can be consistent, so that a decryption algorithm does not need to be specially designed, the encryption and decryption speed is high, the software and hardware realization is facilitated, and the software and hardware resources are reduced, so that the password is suitable for being used as a lightweight block password. And (2) the security of the block cipher algorithm is not high. As computing power increases, many passwords are exposed to various security problems, particularly lightweight block passwords, mainly due to the somewhat slow obfuscation and diffusion speed of the cryptographic algorithms themselves.
Disclosure of Invention
The purpose of the invention is: the method for realizing the SP network structure lightweight LBT block cipher with consistent encryption and decryption can solve the bottleneck that the encryption and decryption are difficult to be consistent based on the SP network structure cipher; the problem of low security of the existing grouping and lightweight grouping cryptographic algorithm technology is solved.
The invention is realized by the following steps: the method for realizing the SP network structure lightweight LBT block cipher with consistent encryption and decryption comprises the following steps:
step 1: loading 64-bit plaintext or 64-bit ciphertext to a register to be used as data to be encrypted or decrypted, and performing encryption operation or decryption operation;
step 2: performing N rounds of iterative operation on the encryption operation or decryption operation data, and outputting a ciphertext or a plaintext; wherein, when the length of the key is 64 bits, the value of N is 25; when the key length is 80 bits, the value of N is 31; when the key length is 128 bits, N takes a value of 36;
the operation process of the encryption operation or the decryption iterative operation is specifically as follows:
if the data to be encrypted is input for encryption operation, sequentially performing round key addition transformation, S box replacement transformation, column mixing transformation, row mixing transformation and S box replacement transformation on the encrypted data in each round of operation from the first round to the Nth round, and taking the data obtained after the second S box replacement transformation in the round of operation as the data to be encrypted in the next round;
after N rounds of transformation, the data to be encrypted is subjected to round key addition transformation to complete encryption operation;
if the data to be decrypted is input for decryption operation, performing round key addition transformation, S box replacement transformation, column mixing transformation, row mixing transformation and S box replacement transformation on the decrypted data in each round of operation from the Nth round to the first round in sequence, and taking the data obtained after the second S box replacement transformation in the round of operation as the data to be decrypted in the next round;
after N rounds of transformation, the data to be decrypted is subjected to round key encryption transformation, and decryption operation is completed.
The generation of the subkey in the round key adding transformation is constructed and realized by the following key expansion operation method:
if the key length is 64 bits, the round key and the transformation sub-key of the first round of encryption are 64-bit original keys; if the key length is 80 bits, the round key plus transformation sub-key of the first round of encryption is the upper 64 bits of the 80-bit original key; if the key length is 128 bits, the round key plus transform subkey of the first round of encryption is the upper 64 bits of the 128-bit original key; in the key expansion operation, in the first round to the Nth round, the data to be subjected to key expansion is subjected to S-box replacement transformation, P replacement transformation, constant addition transformation and cyclic shift transformation in each round of operation in sequence, and the data obtained after cyclic shift transformation is used as the data to be subjected to key expansion and the key data of the next round; and in the encryption process, the sub-keys obtained by the first round of key expansion are used as the data of round key addition transformation in the second round of encryption and sequentially run, and the sub-keys obtained by the Nth round of key expansion are used as the data of round key addition transformation after N round of encryption transformation. In the decryption process, the round key data used for round key encryption transformation is in the reverse order in the encryption process.
The row mixing transformation is realized by constructing a fixed mixing involution matrix M, the fixed mixing involution matrix M is also used in the column mixing transformation, and the fixed mixing involution matrix M is shown as the following formula:
the line mixing transform is to convert 64-bit plain text or intermediate values in each roundIs also divided into 16 data unitsThe 16 data units are combined into a 4 × 4 matrix, and the 4 × 4 matrix and the fixed mixed involution matrix M are combined in a finite field GF (2) 4 ) The multiplication transformation is carried out, and the expression formula is as follows:
in the LBT cryptographic algorithm, a new linear diffusion component module is proposed: the row mixing transformation, the row mixing transformation and the column mixing transformation in the cryptographic algorithm use the same transformation fixed matrix, so that in the implementation process, a lot of software and hardware resources are not needed to be consumed; and the transformation data is fully diffused, and the safety of the cryptographic algorithm is improved.
The P permutation operation is to perform position exchange operation on bits in the operation data:
the input 64-bit data is expressed from high to low as: p is a radical of formula 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63
Exchanging data bit positions through P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 Outputting data in sequence from high order to low order;
the input 80-bit data is expressed from high to low as: p is a radical of 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79
Exchanging data bit positions via P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 Outputting data in sequence from high order to low order;
the input 128 bits of data are expressed from high to low as: p is a radical of formula 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79 ,p 80 ,p 81 ,p 82 ,p 83 ,p 84 ,p 85 ,p 86 ,p 87 ,p 88 ,p 89 ,p 90 ,p 91 ,p 92 ,p 93 ,p 94 ,p 95 ,p 96 ,p 97 ,p 98 ,p 99 ,p 100 ,p 101 ,p 102 ,p 103 ,p 104 ,p 105 ,p 106 ,p 107 ,p 108 ,p 109 ,p 110 ,p 111 ,p 112 ,p 113 ,p 114 ,p 115 ,p 116 ,p 117 ,p 118 ,p 119 ,p 120 ,p 121 ,p 122 ,p 123 ,p 124 ,p 125 ,p 126 ,p 127
Exchanging data bit positions through P permutation;
to be provided with
p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 80 ,p 94 ,p 93 ,p 86 ,p 96 ,p 102 ,p 110 ,p 100 ,p 112 ,p 116 ,p 124 ,p 126 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 81 ,p 84 ,p 90 ,p 85 ,p 97 ,p 111 ,p 106 ,p 105 ,p 113 ,p 122 ,p 118 ,p 127 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 82 ,p 92 ,p 89 ,p 95 ,p 98 ,p 101 ,p 108 ,p 103 ,p 114 ,p 120 ,p 119 ,p 121 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 ,p 83 ,p 88 ,p 91 ,p 87 ,p 99 ,p 104 ,p 107 ,p 109 ,p 115 ,p 117 ,p 123 ,p 125 And outputting the data in sequence from high order to low order.
The principle of the invention is that a round function with high diffusion speed is constructed in an LBT cryptographic algorithm, and the transformation process in the round function is round key addition transformation → S box replacement transformation → column mixed transformation → row mixed transformation → S box replacement transformation; the diffusion speed of the round function is twice that of the round function of the AES cipher algorithm. The cipher round function structure has twice the number of active S-boxes as the AES cipher round function structure in resisting both differential and linear attacks. In the key expansion algorithm of the LBT password, P replacement is a random and diffusible fast component module, and an efficient and safe key expansion wheel is constructed by reasonable collocation of a P replacement transformation component and other components. Compared with the key expansion algorithm of the PRESENT password, the LBlock password and the MIBS password, the key expansion algorithm is safer and more efficient.
The LBT lightweight block cipher is the first SP network structure algorithm capable of realizing the consistency of encryption and decryption, solves the bottleneck that the consistency of encryption and decryption is difficult to realize based on the SP network structure cipher, and is a very valuable research. The LBT lightweight block cipher algorithm has the advantages of high efficiency and small implementation area in the process of hardware testing.
Due to the adoption of the technical scheme, compared with the prior art, the SP network password structure with consistent encryption and decryption is designed, the password structure is the same as a Feistel network password structure, the encryption and the decryption are the same algorithm, a decryption algorithm does not need to be specially designed, and the input direction of plaintext data encrypted by the password structure is the same as the input direction of ciphertext data decrypted by the password structure. The designed cipher structure is realized as a lightweight LBT block cipher algorithm, the LBT block cipher length is 64 bits, the lengths of three keys are respectively 64 bits, 80 bits and 128 bits, the three cipher algorithms are corresponding to LBT-64, LBT-80 and LBT-128, and a user selects different cipher key length cipher algorithms according to the requirements of application occasions. The bottleneck that the encryption and decryption are consistent based on the SP network structure password is difficult to achieve is solved; the encryption and decryption speed of the LBT password is high, the realization of software and hardware is facilitated, and simultaneously, the software and hardware resources are reduced, so that the LBT password is very suitable for being used as a lightweight block password. The SP network password structure with consistent encryption and decryption becomes an important research point for designing the block password.
Drawings
FIG. 1 is a schematic diagram of an encryption process of the method of the present invention;
fig. 2 is a schematic diagram of the decryption process of the method of the present invention.
Detailed Description
Example 1 of the invention: the LBT lightweight block cipher adopts an SPN structure, the block length of an algorithm is 64 bits, the lengths of three keys are respectively 64 bits, 80 bits and 128 bits, and the corresponding iteration rounds are respectively 25 rounds, 31 rounds and 36 rounds. For the difference according to the three key lengths, the algorithms are respectively marked as LBT-64, LBT-80 and LBT-128. The encryption and decryption of the LBT cryptographic algorithm structure are identical except that the order of the round keys used for encryption and decryption is reversed. Among the algorithm encryption and decryption, round functions are included in round key encryption transformation (AddRoundKey), S-box replacement transformation (SubCells), column MixColumns transformation (MixColumns), row MixColumns transformation (MixRows), and four different modules. The LBT cipher algorithm encryption flow is shown in fig. 1.
Pseudo code description for BTL lightweight block cipher encryption:
algorithm 1: BTL cryptographic encryption process
Inputting: plaintext [0:63] ,rkey [0:63]
And (3) outputting: ciphertext [0:63]
In the algorithm 1, the rkey is a round key, and the round key is generated by expanding the key of the password; among the cryptographic algorithms of LBT-64, LBT-80 and LBT-128, N takes values of 25, 31 and 36 rounds.
Round key addition transformation: carrying out XOR operation on each bit of the plaintext or the intermediate value of each round and the round key of the ith (i is more than or equal to 0 and less than or equal to N); 64-bit plain text or intermediate value of each round in LBT passwordWith the ith round 64-bit round keyThe operational relationship of (c) is shown in the following formula:
s box replacement transformation: the LBT cryptographic wheel function contains two identical S-box replacement transformation modules, and the S-box is a nonlinear component. The LBT algorithm uses the KLEIN cipher algorithm S-box, which is a reversible S-box, whose elements are shown in table 1 (the data in the table are hexadecimal data). The 64-bit plaintext is divided into one roundIntermediate valueDivided into 16 data unitsThe 16 unit data are respectively subjected to S-box replacement transformation, and the operation relationship is as shown in formula (2).
TABLE 1LBT Algorithm S-Box element
X 0 1 2 3 4 5 6 7 8 9 A B C D E F
S[x] 7 4 A 9 1 F B 0 C 3 2 6 8 E D 5
Column mixing transformation: the column mixtransform fixed involution matrix M, which also serves as the involution matrix fixed in the LBT cipher row mixtransform module, is shown in equation (3) below.
The column mixing transform needs to convert 64 bits of plaintext or each round of intermediate valuesIs also divided into 16 data unitsThe 16 data units are combined into a 4 × 4 matrix, and then the fixed mixed involution matrix M and the 4 × 4 data matrix are in a finite field GF (2) 4 ) The above multiplication transformation is carried out, and the expression formula is shown as (4):
line mixing transformation: the transformation process of the row mixing transformation and the column mixing transformation is similar, and a 4 multiplied by 4 data matrix and a fixed mixing involution matrix M are arranged in a finite field GF (2) 4 ) The multiplication transformation is carried out, and the expression formula is shown as (5):
LBT cryptographic key expansion algorithm (keyexpansion): the LBT algorithm has three key lengths of 64, 80 and 128 bits, corresponding to 25, 31 and 36 rounds of iteration. However, the three LBT-64, LBT-80 and LBT-128 algorithms differ in their key expansion, which is described in detail below.
And 2, algorithm: LBT-64 cryptographic key expansion process
Inputting: key (R) [0:63]
And (3) outputting:
algorithm 3: LBT-80 cryptographic key expansion process
Inputting: key (R) [0:79]
And (3) outputting:
and algorithm 4: LBT-128 cryptographic key expansion process
Inputting: key (R) [0:127]
And (3) outputting:
LBT cryptographic key expansion algorithm when the S-box replaced by the S-box is the S-box of the encryption/decryption algorithm, the elements of the S-box are shown in table 1. Among LBT-64 Key expansion algorithms, a 64-bit Key is divided into 16 data units Key 0[0:3] 、Key 1[0:3] 、……、Key 15[0:3] Only this Key 0[0:3] 、Key 4[0:3] 、Key 8[0:3] And Key 12[0:3] And 4 data units are subjected to S-box replacement transformation, and the operation formula is shown as (6). In the LBT-80 Key expansion algorithm, 80-bit keys are divided into 20 data units Key 0[0:3] 、Key 1[0:3] 、……、Key 19[0:3] Only this Key 0[0:3] 、Key 4[0:3] 、Key 8[0:3] 、Key 12[0:3] And Key 16[0:3] And (5) carrying out S box replacement transformation on the data units, wherein the operation formula is shown as (7). In the LBT-128 Key expansion algorithm, a 128-bit Key is divided into 32 data units Key 0[0:3] 、Key 1[0:3] 、……、Key 31[0:3] Only this Key 0[0:3] 、Key 4[0:3] 、Key 8[0:3] 、Key 12[0:3] 、Key 16[0:3] 、Key 20[0:3] 、Key 24[0:3] And Key 28[0:3] The 8 data units are subjected to S-box replacement transformation, and the operation formula is shown as (8).
S-box substitution transformation of LBT-64 cryptographic key expansion algorithm:
Key 4×j[0:3] ←S(Key 4×j[0:3] ) (0≤j≤3) (6)
s-box substitution transformation of LBT-80 cryptographic key expansion algorithm:
Key 4×j[0:3] ←S(Key 4×j[0:3] ) (0≤j≤4) (7)
s-box substitution transformation of LBT-128 cryptographic key expansion algorithm:
Key 4×j[0:3] ←S(Key 4×j[0:3] ) (0≤j≤7) (8)
p substitution (Permutation): the P permutation construction of the LBT cipher is different from other lightweight block cipher algorithms. For different key lengths of LBT ciphers, the P permutation transformation is different, but the construction method is the same. The P permutation transformation of the LBT-64 cipher is described in detail below, while the LBT-80 and LBT-128 ciphers are similar. The P permutation is constructed in two steps: step 1, the input 64-bit data is expressed from high bit to low bit as:
p 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 (ii) a The 64-bit data is subjected to position conversion according to a conversion formula (9), and the 64-bit data is divided into 4 groups after conversion, wherein each group is 16 bits.
Group 1 data p 0 ,p 4 ,p 8 ,p 12 ,p 16 ,p 20 ,p 24 ,p 28 ,p 32 ,p 36 ,p 40 ,p 44 ,p 48 ,p 52 ,p 56 ,p 60 (ii) a Group 2 data p 1 ,p 5 ,p 9 ,p 13 ,p 17 ,p 21 ,p 25 ,p 29 ,p 33 ,p 37 ,p 41 ,p 45 ,p 49 ,p 53 ,p 57 ,p 61 (ii) a Number p of group 3 2 ,p 6 ,p 10 ,p 14 ,p 18 ,p 22 ,p 26 ,p 30 ,p 34 ,p 38 ,p 42 ,p 46 ,p 50 ,p 54 ,p 58 ,p 62 (ii) a Group 4 data p 3 ,p 7 ,p 11 ,p 15 ,p 19 ,p 23 ,p 27 ,p 31 ,p 35 ,p 39 ,p 43 ,p 47 ,p 51 ,p 55 ,p 59 ,p 63 . Step 2, in the 4 groups, each group sequentially takes 4 bits to rearrange according to the sequence to form 4 square queues of 4 multiplied by 4, in each square queue, the position of the first row is fixed, and the rest 3 rows of 12 bits draw lots, and the positions are randomly distributed; the positions were switched as shown in table 2 below.
TABLE 2 position conversion of P permutations
Last 64 bits with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,P 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,P 54 ,p 53 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 And outputting the data in sequence from high order to low order.
The LBT-80 input 80-bit data is expressed from high to low as: p is a radical of 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79
Exchanging data bit positions through P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 Outputting data in sequence from high order to low order;
the LBT-128 input 128-bit data is expressed from high to low as: p is a radical of 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79 ,p 80 ,p 81 ,p 82 ,p 83 ,p 84 ,p 85 ,p 86 ,p 87 ,p 88 ,p 89 ,p 90 ,p 91 ,p 92 ,p 93 ,p 94 ,p 95 ,p 96 ,p 97 ,p 98 ,p 99 ,p 100 ,p 101 ,p 102 ,p 103 ,p 104 ,p 105 ,p 106 ,p 107 ,p 108 ,p 109 ,p 110 ,p 111 ,p 112 ,p 113 ,p 114 ,p 115 ,p 116 ,p 117 ,p 118 ,p 119 ,p 120 ,p 121 ,p 122 ,p 123 ,p 124 ,p 125 ,p 126 ,p 127
Exchanging data bit positions through P permutation;
to be provided with
p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 80 ,p 94 ,p 93 ,p 86 ,p 96 ,p 102 ,p 110 ,p 100 ,p 112 ,p 116 ,p 124 ,p 126 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 81 ,p 84 ,p 90 ,p 85 ,p 97 ,p 111 ,p 106 ,p 105 ,p 113 ,p 122 ,p 118 ,p 127 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 82 ,p 92 ,p 89 ,p 95 ,p 98 ,p 101 ,p 108 ,p 103 ,p 114 ,p 120 ,p 119 ,p 121 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 ,p 83 ,p 88 ,p 91 ,p 87 ,p 99 ,p 104 ,p 107 ,p 109 ,p 115 ,p 117 ,p 123 ,p 125 Outputting data in sequence from high order to low order;
constant plus transform (addonstants): the purpose of constant adding transformation is to improve the safety of the algorithm, mainly aiming at some attack methods such as sliding attack and the like, however, the constant adding transformation module cannot occupy too many soft and hard resources in the implementation process, so that the number of rounds is taken as the round constant of the algorithm like other cryptographic algorithms (QTL (quantitative trait locus) cipher, present cipher and the like). In the LBT cipher, the input data is xor-ed with the round constant at the upper 8 bits. The selection of directly taking the upper 8 bits of the data as the transformation data is convenient for constant addition operation, and the selection of directly taking the middle bit as the transformation data is not convenient.
The constant plus transform formula of the LBT-64 cryptographic algorithm is as follows (10):
the constant plus transform formula of the LBT-80 cryptographic algorithm is as follows (10):
the constant plus transform formula of the LBT-128 cryptographic algorithm is as follows (11):
cyclic shift transform (Rotation): the circular shift transformation is realized on hardware without consuming resources, and is also very easy to realize on software. The purpose of the circular shift transform is to move the constant plus transform bits into each round of keys, making the algorithm more resistant to such sliding attacks. The collocation of constant addition transformation and cyclic shift transformation is more reasonable than the operation of directly selecting intermediate bit data to carry out constant addition transformation.
The LBT-64 cipher algorithm is a round left shift of 21 bits, the formula is as follows (13):
Key [0:63] =Key [0:63] <<<21 (13)
the LBT-80 cipher algorithm is a round-robin left shift of 44 bits, as follows (14):
Key [0:79] =Key [0:79] <<<44 (14)
the LBT-128 cipher algorithm is a round left shift of 100 bits, the formula is as follows (15):
Key [0:127] =Key [0:127] <<<100 (15)
LBT cryptographic algorithm decryption: because the traditional block cipher algorithm based on the SP network structure is different in encryption and decryption, the cipher decryption algorithm cannot multiplex the encryption algorithm. The LBT cryptographic algorithm is also based on an SP network structure, a reversible module component is adopted in an algorithm round function, so that the LBT cryptographic algorithm can be used for encryption and decryption like a Feistel cryptographic structure, a decryption algorithm does not need to be specially designed, and the input direction of plaintext data encrypted by the algorithm is the same as the input direction of ciphertext data decrypted by the algorithm. The LBT cryptographic algorithm decryption is implemented using the round keys of the encryption process in reverse order. The LBT cryptographic algorithm decryption flow is shown in fig. 2.
LBT-64 cipher algorithm test vector: (the data in the table are hexadecimal data)
(1) Plaintext: 0000 \u0000
(1) And (3) secret key: 0000 \u0000
(1) Ciphertext: FF4F _ EAAC _ D592_ A620
(2) Plaintext: FFFF _ FFFF _ FFFF _ FFFF
(2) And (3) secret key: FFFF _ FFFF _ FFFF _ FFFF
(2) Ciphertext: DE37_87C0_9D08_C4DD
LBT-80 cryptographic algorithm test vector:
(1) Plaintext: 0000 \u0000
(1) And (3) secret key: 0000 \u0000
(1) Ciphertext: b7BA _ FD2A _ D02D _342A
(2) Plaintext: FFFF _ FFFF _ FFFF _ FFFF
(2) And (3) secret key: FFFF _ FFFF _ FFFF
(2) Ciphertext: B9A0_87BF _E5B4_C7E4
LBT-128 cipher algorithm test vector:
(1) Plaintext: 0000 \u0000
(1) And (3) secret key: 0000 \u0000
(1) Ciphertext: 6635 (u) F2B4 (u B870) (u 2441)
(2) Plaintext: FFFF _ FFFF _ FFFF _ FFFF
(2) And (3) secret key: FFFF _ FFFF _ FFFF _ FFFF _ FFFF _ FFFF
(2) Ciphertext: c113_6491 \ u 7DA0 \ u BF9A
The LBT lightweight block cipher algorithm is realized by using Verilog HDL language, and a simulation experiment of ModelSim SE 6.1f Evaluation is carried out. In order to test the hardware realization resources of the algorithm, the algorithm is synthesized by Synopsys Design Compiler Version B-2008.09, and the comprehensive process library is SMIC 0.18 μm CMOS.
LBT lightweight block cipher hardware resource report analysis, and the resource occupied by each component in the encryption module algorithm is specifically described as follows: the register is required to store 344GE (GE is the unit of hardware implementation area) of 64-bit plaintext; in the round key adding module, the exclusive or operation of the round key and the encrypted data unit needs 170.85GE; s box replacement operation needs 352GE; the column alias and row alias transform operations require 162GE. The resource occupied by each component in the key expansion module algorithm is specifically described as follows: in the LBT-64 cryptographic algorithm, 344GE is required for a register to store a 64-bit key; s box replacement operation needs 88GE; the constant plus shift operation implementation requires 24GE. In the LBT-80 cryptographic algorithm, 424GE is required for a register to hold an 80-bit key; s box replacement operation needs 110GE; constant plus transform operation implementation required 30GE. In the LBT-128 cryptographic algorithm, 688GE is needed for a register to store a 128-bit key; s box replacement operation requires 176GE; constant plus shift operation implementation requires 35GE. In addition, the cyclic shift operation in the key expansion module algorithm does not need to consume resources in the hardware implementation process. In the LBT password implementation process, 10GE is needed for controlling logic resources. The list of LBT-64 cryptographic hardware implementation resources is shown in table 3, the list of LBT-80 cryptographic hardware implementation resources is shown in table 4, and the list of LBT-128 cryptographic hardware implementation resources is shown in table 5.
TABLE 3 LBT-64 crypto area resource List
TABLE 4 LBT-80 crypto area resource List
Algorithm module GE Percentage of occupancy
Plaintext register 344 21%
S-Box replacement transformation 462 29%
Column mix and row mix transforms 162 10%
Round keyAdding transformation 170.85 11%
Key register 424 26%
Constant plus transform 30 2%
Control logic 10 1%
Sum of 1602.85 100%
TABLE 5 LBT-128 cipher area resources List
Algorithm module GE Percentage of occupancy
Plaintext register 344 18%
S-Box replacement transformation 528 27%
Column mix and row mix transforms 162 8%
Round key plus transform 170.85 9%
Key register 688 36%
Constant plus transform 35 2%
Control logic 10 1%
Sum of 1937.85 100%
The LBT cryptographic algorithm is compared and analyzed with the existing lightweight block cryptographic algorithm based on Feistel network structure, as shown in table 6. The selection of the LBT cryptographic algorithm is compared with some lightweight block cryptographic algorithms based on the Feistel network structure, because the cryptographic algorithms belong to the same encryption and decryption, the encryption and the decryption are the same algorithm, a decryption algorithm does not need to be specially designed, and the input direction of plaintext data encrypted by the algorithm is the same as the input direction of ciphertext data decrypted by the algorithm. Because the encryption and decryption based on the SP network structure are inconsistent, the existing lightweight block cipher algorithms based on the SP network structure only give hardware implementation data in the encryption process, and do not give hardware area implementation data realized by encryption and decryption together. Therefore, the LBT cryptographic algorithm cannot be compared and analyzed with the existing SP network structure-based lightweight block cryptographic algorithms, and the LBT cryptographic algorithm can be confirmed to save area resources of the decryption part of the algorithm. Compared with the cryptographic algorithms, the LBT cryptographic algorithm has the advantages of high efficiency and small implementation area through analysis.
TABLE 6 area comparison for lightweight block cipher algorithm
Algorithm Structure of the product Plaintext Secret key Area of Speed of rotation Logic
(bits) (bits) (GE) (kbps@100KHz)
Twine Feistel 64 80 1503 178 0.18μm
Piccolo Feistel 64 80 1136 237.04 0.18μm
LBlock Feistel 64 80 1320 200 0.18μm
MIBS Feistel 64 64 1396 200 0.18μm
LBT-64 SPN 64 64 1484.85 200 0.18μm
LBT-80 SPN 64 80 1592.85 200 0.18μm
LBT-128 SPN 64 128 1927.85 200 0.18μm
The encryption and decryption algorithm is the same based on the SP network structure cipher algorithm, so that the decryption algorithm does not need to be specially designed, and the input direction of plaintext data encrypted by the algorithm is the same as the input direction of ciphertext data decrypted by the algorithm. Therefore, the bottleneck that encryption and decryption cannot be realized by the same algorithm based on the traditional SP network structure cryptographic algorithm is solved. On a software and hardware implementation platform, resources can be saved like a Feistel network structure. In terms of algorithm safety, through an algorithm diffusion speed experimental test, the diffusion speed of an LBT (local binary transmission) cipher algorithm is 2 times faster than that of an AES (advanced encryption Standard) cipher), and as the traditional SP network structure-based cipher algorithm is 2 times faster than that of a Feistel network structure-based cipher algorithm like the AES cipher, the diffusion speed of the LBT cipher algorithm is 4 times faster than that of the general Feistel network structure-based cipher algorithm. In the aspect of resisting differential and linear attacks, the number of the LBT cipher wheel function structure active S boxes is 2 times that of the AES cipher wheel function structure, and is also 4 times that of the wheel function active S boxes based on the Feistel network structure cipher algorithm generally. The LBT cryptographic algorithm has very high security performance. LBT is the first cryptographic algorithm for realizing the encryption and decryption consistency based on the SP network structure, and the algorithm structure is a very valuable research; meanwhile, the algorithm has the advantages of high safety and low resource and has good application prospect.
The present invention has been described in detail with reference to the specific embodiments, which should not be construed as limiting the invention. Many variations and modifications can be made by one skilled in the art without departing from the principles of the invention, which shall be deemed to be within the scope of the invention.

Claims (4)

1. A method for realizing a lightweight LBT block cipher of an SP network structure with consistent encryption and decryption is characterized by comprising the following steps:
step 1: loading 64-bit plaintext or 64-bit ciphertext to a register to be used as data to be encrypted or decrypted, and performing encryption operation or decryption operation;
step 2: performing N rounds of iterative operation on the encryption operation or decryption operation data, and outputting a ciphertext or a plaintext; wherein, when the key length is 64 bits, the value of N is 25; when the key length is 80 bits, the value of N is 31; when the key length is 128 bits, the value of N is 36;
the operation process of the encryption operation or the decryption iterative operation is as follows:
if the data to be encrypted is input for encryption operation, performing round key addition transformation, S box replacement transformation, column mixing transformation, row mixing transformation and S box replacement transformation on the encrypted data in each round of operation from the first round to the Nth round in sequence, and taking the data obtained after the second S box replacement transformation in the round of operation as the data to be encrypted in the next round;
after N rounds of transformation, the data to be encrypted is subjected to round key addition transformation to complete encryption operation;
if the data to be decrypted is input for decryption operation, performing round key addition transformation, S box replacement transformation, column mixing transformation, row mixing transformation and S box replacement transformation on the decrypted data in each round of operation from the Nth round to the first round in sequence, and taking the data obtained after the second S box replacement transformation in the round of operation as the data to be decrypted in the next round;
after N rounds of transformation, the data to be decrypted is subjected to round key encryption transformation, and decryption operation is completed.
2. The method for implementing a lightweight LBT block cipher with consistent encryption and decryption according to claim 1, wherein: the generation of the sub-key in the round key adding transformation is constructed and realized by the following key expansion operation method:
if the key length is 64 bits, the round key and the transformation sub-key of the first round of encryption are 64-bit original keys; if the key length is 80 bits, the round key plus transformation sub-key of the first round of encryption is the upper 64 bits of the 80-bit original key; if the key length is 128 bits, the round key plus transform subkey of the first round of encryption is the upper 64 bits of the 128-bit original key; in the key expansion operation, in the first round to the Nth round, the data to be subjected to key expansion is subjected to S-box replacement transformation, P replacement transformation, constant addition transformation and cyclic shift transformation in each round of operation in sequence, and the data obtained after cyclic shift transformation is used as the data to be subjected to key expansion and the key data of the next round; and in the encryption process, a sub-key obtained by the first round of key expansion is used as data of round key addition transformation in the second round of encryption, the data is sequentially operated, and a sub-key obtained by the Nth round of key expansion is used as data of round key addition transformation after N round of encryption transformation. In the decryption process, the round key data used for round key encryption transformation is in the reverse order in the encryption process.
3. The method for implementing a lightweight LBT block cipher with consistent encryption and decryption according to claim 1, wherein: the row mixing transformation is realized by constructing a fixed mixing involution matrix M, the fixed mixing involution matrix M is also used in the column mixing transformation, and the fixed mixing involution matrix M is shown as the following formula:
the line mixing transform is to mix 64-bit plain text or intermediate values in each roundIs also divided into 16 data unitsThe 16 data units are combined into a 4 × 4 matrix, and the 4 × 4 matrix and the fixed mixed involution matrix M are combined in a finite field GF (2) 4 ) The expression formula is as follows:
4. the method for implementing a lightweight LBT block cipher with consistent encryption and decryption according to claim 2, wherein: the P permutation operation is to perform position exchange operation on bits in the operation data:
the input 64-bit data is expressed from high to low as: p is a radical of formula 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63
Exchanging data bit positions via P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 Outputting data in sequence from high order to low order;
the input 80-bit data is expressed from high to low as: p is a radical of 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79
Exchanging data bit positions via P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 Outputting data in sequence from high order to low order;
the input 128 bits of data are expressed from high to low as: p is a radical of 0 ,p 1 ,p 2 ,p 3 ,p 4 ,p 5 ,p 6 ,p 7 ,p 8 ,p 9 ,p 10 ,p 11 ,p 12 ,p 13 ,p 14 ,p 15 ,p 16 ,p 17 ,p 18 ,p 19 ,p 20 ,p 21 ,p 22 ,p 23 ,p 24 ,p 25 ,p 26 ,p 27 ,p 28 ,p 29 ,p 30 ,p 31 ,p 32 ,p 33 ,p 34 ,p 35 ,p 36 ,p 37 ,p 38 ,p 39 ,p 40 ,p 41 ,p 42 ,p 43 ,p 44 ,p 45 ,p 46 ,p 47 ,p 48 ,p 49 ,p 50 ,p 51 ,p 52 ,p 53 ,p 54 ,p 55 ,p 56 ,p 57 ,p 58 ,p 59 ,p 60 ,p 61 ,p 62 ,p 63 ,p 64 ,p 65 ,p 66 ,p 67 ,p 68 ,p 69 ,p 70 ,p 71 ,p 72 ,p 73 ,p 74 ,p 75 ,p 76 ,p 77 ,p 78 ,p 79 ,p 80 ,p 81 ,p 82 ,p 83 ,p 84 ,p 85 ,p 86 ,p 87 ,p 88 ,p 89 ,p 90 ,p 91 ,p 92 ,p 93 ,p 94 ,p 95 ,p 96 ,p 97 ,p 98 ,p 99 ,p 100 ,p 101 ,p 102 ,p 103 ,p 104 ,p 105 ,p 106 ,p 107 ,p 108 ,p 109 ,p 110 ,p 111 ,p 112 ,p 113 ,p 114 ,p 115 ,p 116 ,p 117 ,p 118 ,p 119 ,p 120 ,p 121 ,p 122 ,p 123 ,p 124 ,p 125 ,p 126 ,p 127
Exchanging data bit positions through P permutation;
with p 0 ,p 5 ,p 13 ,p 9 ,p 16 ,p 27 ,p 21 ,p 31 ,p 32 ,p 47 ,p 36 ,p 38 ,p 48 ,p 58 ,p 57 ,p 61 ,p 64 ,p 74 ,p 77 ,p 70 ,p 80 ,p 94 ,p 93 ,p 86 ,p 96 ,p 102 ,p 110 ,p 100 ,p 112 ,p 116 ,p 124 ,p 126 ,p 1 ,p 4 ,p 8 ,p 6 ,p 17 ,p 29 ,p 30 ,p 26 ,p 33 ,p 46 ,p 45 ,p 44 ,p 49 ,p 52 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 62 ,p 60 ,p 65 ,p 78 ,p 73 ,p 79 ,p 81 ,p 84 ,p 90 ,p 85 ,p 97 ,p 111 ,p 106 ,p 105 ,p 113 ,p 122 ,p 118 ,p 127 ,p 2 ,p 15 ,p 7 ,p 12 ,p 18 ,p 28 ,p 20 ,p 23 ,p 34 ,p 40 ,p 41 ,p 42 ,p 50 ,p 59 ,p 54 ,p 53 ,p 66 ,p 75 ,p 76 ,p 68 ,p 82 ,p 92 ,p 89 ,p 95 ,p 98 ,p 101 ,p 108 ,p 103 ,p 114 ,p 120 ,p 119 ,p 121 ,p 3 ,p 10 ,p 14 ,p 11 ,p 19 ,p 24 ,p 22 ,p 25 ,p 35 ,p 39 ,p 43 ,p 37 ,p 51 ,p 56 ,p 63 ,p 55 ,p 67 ,p 72 ,p 71 ,p 69 ,p 83 ,p 88 ,p 91 ,p 87 ,p 99 ,p 104 ,p 107 ,p 109 ,p 115 ,p 117 ,p 123 ,p 125 And outputting the data in sequence from high order to low order.
CN201711093878.4A 2017-11-08 2017-11-08 SP network structure lightweight block cipher realization method with consistent encryption and decryption Active CN107707343B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711093878.4A CN107707343B (en) 2017-11-08 2017-11-08 SP network structure lightweight block cipher realization method with consistent encryption and decryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711093878.4A CN107707343B (en) 2017-11-08 2017-11-08 SP network structure lightweight block cipher realization method with consistent encryption and decryption

Publications (2)

Publication Number Publication Date
CN107707343A true CN107707343A (en) 2018-02-16
CN107707343B CN107707343B (en) 2020-10-16

Family

ID=61180003

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711093878.4A Active CN107707343B (en) 2017-11-08 2017-11-08 SP network structure lightweight block cipher realization method with consistent encryption and decryption

Country Status (1)

Country Link
CN (1) CN107707343B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108429613A (en) * 2018-03-09 2018-08-21 国网陕西省电力公司电力科学研究院 A kind of electric network information encryption method based on EN-PRESENT algorithms
CN108768617A (en) * 2018-06-06 2018-11-06 贵州大学 A kind of holding format encryption method based on legacy packets password
CN109768854A (en) * 2019-03-29 2019-05-17 衡阳师范学院 A kind of implementation method of lightweight block cipher Wheel
CN110266470A (en) * 2019-06-24 2019-09-20 清华大学 The make of novel block cipher round function
CN111245598A (en) * 2020-03-31 2020-06-05 衡阳师范学院 Method for realizing lightweight AEROGEL block cipher
CN111262685A (en) * 2020-01-17 2020-06-09 衡阳师范学院 Novel method and device for realizing Shield block cipher generated by secret key and readable storage medium
CN111478766A (en) * 2020-01-21 2020-07-31 衡阳师范学院 Method, device and storage medium for realizing block cipher MEG
CN111614457A (en) * 2020-05-21 2020-09-01 衡阳师范学院 P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium
CN111756521A (en) * 2020-06-25 2020-10-09 桂林电子科技大学 Cipher S box design method based on Feistel-SP structure
CN113645615A (en) * 2021-08-12 2021-11-12 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN114124529A (en) * 2021-11-23 2022-03-01 国网山东省电力公司电力科学研究院 Method and device for encrypting/decrypting grid-connected test data and data processing method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070140478A1 (en) * 2005-12-15 2007-06-21 Yuichi Komano Encryption apparatus and encryption method
US20090161864A1 (en) * 2007-12-20 2009-06-25 Sang-Woo Lee Block cipher aria substitution apparatus and method
CN101512618A (en) * 2006-09-01 2009-08-19 索尼株式会社 Data conversion device, data conversion method, and computer program
CN104065474A (en) * 2014-07-14 2014-09-24 衡阳师范学院 Novel low-resource efficient lightweight Surge block cipher implementation method
CN104184579A (en) * 2014-09-12 2014-12-03 南京航空航天大学 Lightweight block cipher VH algorithm based on dual pseudo-random transformation
CN104333446A (en) * 2014-11-10 2015-02-04 衡阳师范学院 Novel ultra-lightweight QTL (Quasi-Transmission Line) block cipher implementation method
CN105959107A (en) * 2016-06-24 2016-09-21 衡阳师范学院 Novel and highly secure lightweight SFN block cipher implementation method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070140478A1 (en) * 2005-12-15 2007-06-21 Yuichi Komano Encryption apparatus and encryption method
CN101512618A (en) * 2006-09-01 2009-08-19 索尼株式会社 Data conversion device, data conversion method, and computer program
CN102594546A (en) * 2006-09-01 2012-07-18 索尼株式会社 Message processing module
US20090161864A1 (en) * 2007-12-20 2009-06-25 Sang-Woo Lee Block cipher aria substitution apparatus and method
CN104065474A (en) * 2014-07-14 2014-09-24 衡阳师范学院 Novel low-resource efficient lightweight Surge block cipher implementation method
CN104184579A (en) * 2014-09-12 2014-12-03 南京航空航天大学 Lightweight block cipher VH algorithm based on dual pseudo-random transformation
CN104333446A (en) * 2014-11-10 2015-02-04 衡阳师范学院 Novel ultra-lightweight QTL (Quasi-Transmission Line) block cipher implementation method
CN105959107A (en) * 2016-06-24 2016-09-21 衡阳师范学院 Novel and highly secure lightweight SFN block cipher implementation method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李浪等: "一种Piccolo加密算法硬件优化实现研究", 《计算机应用研究》 *

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108429613A (en) * 2018-03-09 2018-08-21 国网陕西省电力公司电力科学研究院 A kind of electric network information encryption method based on EN-PRESENT algorithms
CN108768617B (en) * 2018-06-06 2021-02-23 贵州大学 Format-preserving encryption method based on traditional block cipher
CN108768617A (en) * 2018-06-06 2018-11-06 贵州大学 A kind of holding format encryption method based on legacy packets password
CN109768854A (en) * 2019-03-29 2019-05-17 衡阳师范学院 A kind of implementation method of lightweight block cipher Wheel
CN109768854B (en) * 2019-03-29 2020-02-04 衡阳师范学院 Method for realizing lightweight block cipher algorithm
CN110266470A (en) * 2019-06-24 2019-09-20 清华大学 The make of novel block cipher round function
CN111262685A (en) * 2020-01-17 2020-06-09 衡阳师范学院 Novel method and device for realizing Shield block cipher generated by secret key and readable storage medium
CN111478766A (en) * 2020-01-21 2020-07-31 衡阳师范学院 Method, device and storage medium for realizing block cipher MEG
CN111245598A (en) * 2020-03-31 2020-06-05 衡阳师范学院 Method for realizing lightweight AEROGEL block cipher
CN111245598B (en) * 2020-03-31 2022-06-14 衡阳师范学院 Method for realizing lightweight AEROGEL block cipher
CN111614457A (en) * 2020-05-21 2020-09-01 衡阳师范学院 P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium
CN111614457B (en) * 2020-05-21 2021-02-19 衡阳师范学院 P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium
CN111756521B (en) * 2020-06-25 2022-05-27 桂林电子科技大学 Cipher S box design method based on Feistel-SP structure
CN111756521A (en) * 2020-06-25 2020-10-09 桂林电子科技大学 Cipher S box design method based on Feistel-SP structure
CN113645615A (en) * 2021-08-12 2021-11-12 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN113645615B (en) * 2021-08-12 2023-12-22 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN114124529A (en) * 2021-11-23 2022-03-01 国网山东省电力公司电力科学研究院 Method and device for encrypting/decrypting grid-connected test data and data processing method and device
CN114124529B (en) * 2021-11-23 2024-03-29 国网山东省电力公司电力科学研究院 Method and device for encrypting/decrypting grid-connected test data, and data processing method and device

Also Published As

Publication number Publication date
CN107707343B (en) 2020-10-16

Similar Documents

Publication Publication Date Title
CN107707343B (en) SP network structure lightweight block cipher realization method with consistent encryption and decryption
CN111431697B (en) Novel method for realizing lightweight block cipher CORL
Kumar et al. Effective implementation and avalanche effect of AES
Gupta et al. An enhanced AES algorithm using cascading method on 400 bits key size used in enhancing the safety of next generation internet of things (IOT)
CN109768854B (en) Method for realizing lightweight block cipher algorithm
CN104333446B (en) A kind of novel ultra-light magnitude QTL block cipher implementation method
AU2007232123B2 (en) Robust cipher design
Satoh et al. Hardware-focused performance comparison for the standard block ciphers aes, camellia, and triple-des
CN104065474B (en) Novel low-resource efficient lightweight Surge block cipher implementation method
Sulaiman et al. Enhancing advanced encryption standard S-box generation based on round key
Mohan et al. Performance analysis of AES and MARS encryption algorithms
CN105959107A (en) Novel and highly secure lightweight SFN block cipher implementation method
Feng et al. SCENERY: a lightweight block cipher based on Feistel structure
CN110784307A (en) Lightweight cryptographic algorithm SCENERY implementation method, device and storage medium
Dawood et al. Design large symmetric algorithm for securing big data
CN115484019B (en) AES key expansion improvement algorithm with weak correlation
CN111614457A (en) P replacement improvement-based lightweight packet encryption and decryption method, device and storage medium
GN et al. Performance enhancement of Blowfish and CAST-128 algorithms and Security analysis of improved Blowfish algorithm using Avalanche effect
CN113691364B (en) Encryption and decryption method of dynamic S-box block cipher based on bit slice technology
CN111262685B (en) Novel method and device for realizing Shield block cipher generated by secret key and readable storage medium
Kumar Gupta et al. Cryptanalysis of Kalyna block cipher using impossible differential technique
Pramod et al. An advanced AES algorithm using swap and 400 bit data block with flexible S-Box in Cloud Computing
Barhoush et al. DES22: DES-based algorithm with improved security
Sharma et al. Comparative analysis of block key encryption algorithms
Khurum Securing data encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant