KR19990027040A - Encryption method and device - Google Patents

Abstract

The present invention relates to an encryption method and apparatus that can increase the key length by increasing the key length without reducing the encryption and decryption processing speed.

The present invention includes a round including permutation and rearrangement to divide the plain text data into at least two data blocks, so that an encrypted data block for each of the at least two data blocks is generated. Is repeatedly performed and the encrypted data block is computed as a self-exclusive logical sum (SXOR) in any round.

The encryption method and apparatus of the present invention can increase the key length by extending the key length without reducing the encryption and decryption processing speed.

Description

Encryption method and device

The present invention relates to an encryption algorithm for providing security to a digital document, and more particularly, to an encryption method and apparatus capable of increasing a key length by extending a key length without degrading encryption and decryption processing speed.

Recently, with the rapid development of communication networks and computer technologies, security of digital documents is required. In order to provide security for this digital document, an encryption algorithm for converting plain text into cipher text is being used. This encryption algorithm is implemented in the form of hardware, such as a smart card, or in the form of software that can be executed by a Central Processing Unit. The encryption software or hardware is applied to a communication terminal to prevent illegal viewing of digital broadcasting information or illegal use of digital documents.

As an encryption algorithm for providing security to digital documents, the Data Encryption Standard (DES) type encryption / decryption algorithm adopted in 1997 as an international standard algorithm has been mainly used in financial networks and commercial communication networks. The DES type encryption algorithm belongs to a repetitive block cipher system and increases the degree of secretity by appropriately using a weak secret function. Here, each step or each block to which the cryptographic function is applied is called a round. The cryptographic functions included in each round (RD) simply use bitwise operation, permutation, and substitution, making the DES encryption system faster than public-key cryptosystems (asymmetric-key systems). To convert plaintext into ciphertext. The DES type encryption system may be implemented in the form of 2 rounds (RD), 3 rounds (RD), 4 rounds (RD), 16 rounds, and the like, depending on the security provided in the digital document.

Among these, the operation characteristics of the 16th round (RD) DES type encryption / decryption algorithm of FIPS PUB 46-2 designated by the US Department of Commerce will be examined. Encryption or decryption uses 56 key bits with the same algorithm, encrypting a 64-bit block of data at a time. Decryption is performed using a key such as encryption, but the applied key applies the key schedule in the reverse order of encryption. The key dependent calculation is defined by the encryption function f and the key scheduling function KS. The encryption function f is represented by the selection function S _i and the permuation function P. The algorithms of functions P and KS are shown in the appendix to FIPS PUB 46 2.

1 is a block diagram showing a conventional 16 round DES type encryption system.

Referring to Fig. 1, the conventional sixteenth round (RD) DES type encryption system has first to sixteenth rounds RD1 to RD16 that are cascaded to the initial sequencer 2. When the 64-bit input data D is supplied to the initial sequencer 2, the initial sequencer 2 rearranges the bit order of the input data D according to a predetermined rule. As a result, the upper 32 bits and the lower 32 bits of the value are called the left data L ₀ and the right data R _0, respectively, and these are the inputs of the first round of 16 iteration encryption functions.

The first to sixteenth rounds RD1 to RD16 are each encrypted with 32-bit left and right data supplied from the previous round using the function processor 4 and the exclusive OR operator 6 (hereinafter referred to as an `` XOR operator ''). Generate left and right data.

When the encryption scheme according to the operations of the first to sixteenth rounds RD1 to RD16 is described in detail through the j th round RDj, inputs to be applied to the encryption of the j th round RDj are (L _j-1 , R _{j). -1} ), the right data R _j-1 of the input data is supplied to the function processor 4 and becomes the left data L _j to be supplied to the next round RDj + 1. The encryption function processor 4 inputs the right data R _j-1 and the encryption key K _j of the j th round RDj, and processes them to generate an encryption function, and converts the encryption function into an XOR operator. It supplies to (6). The XOR operator 6 generates an encrypted right data R _j by performing an XOR operation on the operation result values of the left data L _j-1 and the encryption function processor 4. This expression is the same as Equation 1.

[Equation 1]

L _j = R _j-1

R _j = L _{j_1} f (R _j-1 , K _j )

The encrypted right data R _j and left data L _{j of the j} th round RDj are supplied as input data to the J + 1 th round RDj + 1 of the next stage. This process is repeated 16 times, and the sixteenth round RD16 generates encrypted left and right data L ₁₆ and R ₁₆ . These data L ₁₆ and R ₁₆ are exchanged in position with each other and supplied to the input of the reverse permeation processor 8. Then, the inverse permutation processor 8 performs arithmetic processing by Inverse Initial Permutation (IP ^_1 ) to finally generate the ciphertext C.

Fig. 2 shows a triple DES type encryption system for improving the conventional secret degree.

In Fig. 2, a conventional triple DES encryption system has been proposed by Tuchman. In the triple encryption / decryption system, two DES keys KA and KB are used to repeat the DES encryption method three times as shown in the following equation to increase the key to 112 bits and increase the degree of secretion.

[Formula 2]

Encryption: C = Enc (Dec (Enc (D, KA), KB), KA)

Decoding: D = Dec (Enc (DEC (C, KA), KB), KA)

In this case, D is plain text, C is cipher text, Dec is decryption function, and Enc is encryption function.

However, the DES type encryption algorithm according to the prior art has a key length of only 56 bits, so that the development of microprocessor technology and a new attack method, for example, of the differential cryptanalysis jointly published by Biham and Shamir in 1990 Proposals do not provide sufficient security. In addition, when the triple encryption scheme is used as a scheme for having a key of 112 bits, the encryption speed is reduced to 1/3, which results in three times as long as the conventional DES encryption algorithm.

Accordingly, an object of the present invention is to provide an encryption method and apparatus that can increase the height by expanding the key length without reducing the encryption and decryption processing speed.

1 is a block diagram showing a conventional DES encryption system.

Fig. 2 is a block diagram showing another conventional DES type encryption system.

3 is a block diagram showing an encryption system according to a first embodiment of the present invention.

FIG. 4 is a detailed circuit diagram of the self-exclusive logical sum operator (SXOR) of the present invention shown in FIG.

5 is a block diagram showing an encryption system according to a second embodiment of the present invention.

Explanation of symbols for main parts of the drawings

2,12,22,32,42: Initial permuter 4,14,24,34,44: Function processor

8,18,28: Reverse permeation processor 10,20,30,40: DES block

6,16,26,36,32,46: exclusive OR operator (XOR)

In order to achieve the above object, the encryption method of the present invention comprises the steps of permutation and rearrangement to divide into at least two data blocks for plain text data, and to generate an encrypted data block for each of the at least two data blocks; Iteratively performing a round comprising a function processing and a logical operation using a key, and a step of computing a block of data encrypted in any round with a self-exclusive logical sum (SXOR).

The encryption method of the present invention includes permutation and rearrangement to divide the plain text data into two data blocks, and includes a function processing and a logical operation using a key to generate an encrypted data block for each of the two data blocks. Performing the round repeatedly and computing a self-exclusive logical sum (SXOR) on the encrypted data blocks generated in any round.

The encryption method of the present invention comprises the steps of permuting and rearranging to divide the plain text data into four data blocks, and a round including a function processing and a logical operation using a key to generate an encrypted data block for the four data blocks. Performing a recursive operation, computing the encrypted data generated in the odd round so that the two data blocks are related to each other, and performing self-exclusive logical OR, and generating the first round so that the four data blocks are associated with each other. Computing the encrypted data block with a self-exclusive logical OR.

The decryption method of the present invention comprises the steps of permutation and rearrangement to divide the ciphertext data into at least two data blocks, function processing and logical operation using a key to generate an encrypted data block for at least two data blocks. Iteratively performing a round comprising a; and a step of performing a self-exclusive logical sum on the data block encrypted in any round.

The encryption apparatus of the present invention uses a permutation calculation means for rearranging at least two data blocks by performing permutation on plain text data connected to an input line, and using a key to generate an encrypted data block by cascading to the permutation calculation means. And round calculation means for repeatedly performing function processing and logic operation, and at least one SXOR calculation means for performing a self-exclusive logical sum operation on an encrypted data block connected to any round calculation means.

The decryption apparatus of the present invention uses a permutation calculation means for rearranging at least two data blocks by performing a permutation operation on the ciphertext data connected to an input line, and using a key to generate an encrypted data block by cascading to the permutation calculation means. And round calculation means for repeatedly performing the function processing and logic operation, and at least one SXOR calculation means for performing a self-exclusive logical sum on the encrypted data block connected to any round calculation means.

Other objects and features of the present invention in addition to the above objects will become apparent from the description of the embodiments with reference to the accompanying drawings.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to FIGS. 3 to 5.

3 is a schematic block diagram of encrypting two DES blocks simultaneously based on the DES algorithm, showing an encryption system according to a first embodiment of the present invention.

Referring to Fig. 3, the encryption system of the present invention is cascaded to the first and second DES blocks 10 and 20 and the initial sequencers 12 and 22 of the first and second DES blocks 10 and 20. Self exclusive XOR (SXOR, hereinafter referred to as SXOR) connected to the first to sixteenth rounds RD1 to RD16 and the output terminals of the radix-th round RD1, RD3, RD5, RD7, ..., RD15. 60).

The SXOR operator 60 performs an XOR operation on three data blocks except for one of four left and right data blocks input thereto.

The encryption system of the present invention is designed to affect each other between two blocks in the middle of the encryption and decryption process, thereby increasing the short key of 56 bits, which is a weakness of DES, to 112 bits, and inputting 64 bits of input data at a time. The 128-bit input data of the first and second DES blocks are encrypted. The encryption system of the present invention uses a 112-bit encryption key (K), where K is a 56-bit key, K ₁ and K ₂ used in two DESs. (K = {K ₁ , K ₂ }) K ₁ And K ₂ are applied to two DES blocks, that is, the first DES block 10 and the second DES block 20, respectively. Each round RD1 to RD16 has the right data and key input to itself {(K _1,1 K _1,2 K _1,3 ... K _1,16 ), (K _2,1 K _2,2 K _2,3 ... K _2,16 )}, and the left side data connected to the function processors 14, 24 to generate the cryptographic function for the right data, and supplied to itself. And the right-hand data encrypted by XOR operation of the encryption function from the function processor 14, 24 {(R _1,1 R _1,2 ... R _1,16 ), (R _2,1 R _2,2 .. .R _2,16 )}. The key applied to each round of the DES is the key (K _1,1 K _1,2 K _1,3 , .. K _1,16 ) applied to the first to sixteenth rounds in the first DES block 10. Keys (K _2,1 K _2,2 K _2,3 ... K _2,16 ) applied to the first to sixteenth rounds in the second DES block 20, and the function handlers 14 and 24 of each round. Is entered. These keys are generated from K ₁ and K ₂ respectively by DES round key generation method.

4 is a detailed circuit diagram illustrating an SXOR operator of the present invention.

Referring to FIG. 4, the SXOR operator of the present invention has three data of four data blocks L _{1, j} , R _{1, j} , L _{2, j} , R _{2, j} generated in the j th round RDj. An XOR operator 62 for XORing the block is provided.

The XOR operator 62 includes three pieces of data of four data blocks (L _{1, j} , R _{1, j} , L _{2, j} , R _{2, j} ) except the input data block corresponding to its output data block. An XOR operation on the block generates new left and right data blocks L ' _{1, j} , R' _{1, j} , L ' _{2, j} , and R' _{2, j} .

The inverse operation exists due to the SXOR operation characteristic of the SXOR operator 60.

That is, four inverse data blocks L _{1, j} from four output data blocks L ' _{1, j} , R' _{1, j} , L ' _{2, j} , R' _{2, j} of the SXOR operator 60. , R _{1, j} , L _{2, j} , R _{2, j} ) can be obtained from Equation 3 as follows.

[Equation 3]

L _{1, j} = R ' _{1, j} L ' _{2, j} R ' _{2, j}

R _{1, j} = L ' _{1, j} L ' _{2, j} R ' _{2, j}

L _{2, j} = L ' _{1, j} R ' _{1, j} R ' _{2, j}

R _{2, j} = L ' _{1, j} R ' _{1, j} L ' _{2, j}

Referring to the encryption processing procedure of the present invention for simultaneously encrypting two DES blocks as shown in FIG. 3, the first and second DES blocks 10 and 20 each include two 8-byte (64-bit) data blocks D1, D2) is supplied. These data blocks (D1, D2) are rearranged in bit order according to a predetermined rule by the initial sequencers 12, 22, and the result is the upper four bytes (32 bits) and the lower four bytes (32 bits) of the result value. Divided. Each of these is input data blocks L _1,0 , R _1,0 of the first round RD1 in the first DES block 10 and inputs of the first round RD1 in the second DES block 20. The data blocks L _2,0 and R _2,0 are supplied. At this time, the keys K ₁ and K ₂ applied to each DES block have a length of 56 bits. Then, if the left and right data blocks applied to the encryption of the first DES block 10 in the jth round RDj are (L _{1, j-1} , R _{1, j-1} ), the right data of the input data ( R _{1, j-1} ) is supplied to the function processor 14 and becomes left data L _{1, j} supplied to the next round RDj + 1. The encryption function processor 14 inputs the right data R _{1, j-1} and the encryption key K _{1, j} of the j th round RDj, and computes these to generate an encryption function, and generates the encryption function. The function is supplied to the XOR operator 16. The XOR operator 16 generates an encrypted right data R _{1, j} by performing an XOR operation on the left data L _{1, j-1} and the result value of the function processor 14. By the same processing procedure, the j th round RDj of the second DES block 20 generates encrypted left and right data L _{2, j} , R _{2, j} . This expression is expressed as Equation 4.

[Equation 4]

L _{1, j} = R _{1, j-1}

R _{1, j} = f (R _{1, j-1} , K _{1, j} ) L _{1, j-1}

L _{2, j} = R _{2, j-1}

R _{2, j} = f (R _{2, j-1} , K _{2, j} ) L _{2, j-1}

At this time, if j is excellent, the current output data block (L _{1, j} , R _{1, j} , L _{2, j} , R _{2, j} ) is used as an input of j + 1 th round (RDj + 1) as it is, j If is an odd number, this output is SXOR (Self XOR) computed by SXOR operator 60 to produce four new data blocks (L ' _{1, j} , R' _{1, j} , L ' _{2, j} , R' _{2, j} ). Create This expression is the same as Equation 5.

[Equation 5]

L ' _{1, j} = R _{1, j} L _{2, j} R _{2, j}

R ' _{1, j} = L _{1, j} L _{2, j} R _{2, j}

L ' _{2, j} = L _{1, j} R _{1, j} R _{2, j}

R ' _{2, j} = L _{1, j} R _{1, j} L _{2, j}

These four new data blocks L ' _{1, j} , R' _{1, j} , L ' _{2, j} , R' _{2, j} are used as inputs of the j + 1th round RDj + 1. The operation of the SXOR operator 60 connected to the output terminals of the first to sixteenth rounds RD1 to RD16 and the radix-th rounds RD1, RD3, RD5,..., RD15 is performed with the j th round RDj. It works the same. Once this iterative last round by the encryption algorithm that is, the output 16 the encrypted data blocks of round (RD16) _(1,16 L, R _{1,16, 2,16} L, R _2,16) are generated, the first DES block 10 the left and right data block _(1,16 L, R _1,16), a first DES block 2 the left and right data block _(2,16 L, R _2,16) generated in 20 is generated from each The values of the left and right data blocks are exchanged and supplied to the reverse permutation processors 18 and 28. Then, the inverse permutation processor (18,28) generates a 16-byte cipher text (C ₁ , C ₂ ) by arithmetic processing by the inverse Initial Permutation (IP ^_1 ).

Looking at the processing procedure for the decryption method for obtaining the plain text for the ciphertext (C ₁ , C ₂ ) generated in this way, it is performed in the same manner as the encryption process from the ciphertext (C ₁ , C ₂ ) encrypted by the above algorithm do. First, the ciphertext (C _1, C ₂₎ C ₁ and C ₂ for each of the initial permutation (IP) to take each of the 4 bytes (32 bits) consisting of a left and right block data as shown in Equation 6 _(1,16 R, from L _{1, 16} , R _2,16 , L _2,16 ).

[Equation 6]

(R _1,16 , L _1,16 ) = IP (C ₁ )

(R _2,16 , L _2,16 ) = IP (C ₂ )

And the decoding process from the rearranged left and right data block _(1,16 L, R _{1,16, 2,16} L, R _2,16) from the 16th round (RD16) to the first round (RD1) performed 16 times repeatedly . The processing procedure of the j th round RDj among these rounds RD16 to RD1 will be described. If the data block input to the j th round RDj is (R _{1, j} , L _{1, j} , R _{2, j} , L _{2, j} ), the output of this round RDj is expressed as shown in Equation 7.

[Formula 7]

R ' _{1, j-1} = L _{1, j}

L ' _{1, j} = R _{1, j} f (L _{1, j} , K _{1, j} )

R ' _{2, j-1} = L _{2, j}

L _{2, j-1} = R _{2, j} f (L _{2, j} , K _{2, j} )

Here, if j-1 is good, the output data blocks L ' _{1, j-1} , R' _{1, j-1} , L ' _{2, j-1} , R' _{2, j-1} ) are j-1th as they are. It is used as the input of the round (RDj-1). If j is an odd number, this output is calculated by the SXOR operator 60 to be SXOR (Se1f exclusive XOR) and the new four data blocks (R _{1, j-1} , L _{1, j-1} , R _{2, j-1} , L _{2, j-1} ) is obtained in the same manner as in Equation 8 below, and is supplied as an input to the j-1th round RDj-1.

Equation 8

R _{1, j-1} = L ' _{1, j-1} L ' _{2, j-1} R ' _{2, j-1}

L _{1, j-1} = R ' _{1, j-1} L ' _{2, j-1} R ' _{2, j-1}

R _{2, j-1} = L ' _{1, j-1} L ' _{2, j-1} R ' _{2, j-1}

L _{2, j-1} = R ' _{1, j-1} L ' _{2, j-1} R ' _{2, j-1}

By performing the j-1 th round RDj-1 to the first round RD1 as described above, the output data blocks R ₁ , ₁ , L ₁ , ₁ , R _2, in the first round RD1 are finally performed _{. 1} , L _2,1 ) is generated, and the left and right data blocks are exchanged and supplied to the reverse permutation processors 18 and 28 as in the encryption process. Then, the inverse permutation processor (18,28) can be processed by the inverse Initial Permutation (IP ^_1 ) of the initial permutation value to obtain the 16-byte plain text data blocks D ₁ and D ₂ each consisting of 8 bytes.

5 is a block diagram showing an encryption system according to a second embodiment of the present invention.

Referring to FIG. 5, the encryption system of the present invention includes an initial sequencer of the first to fourth DES blocks 10, 20, 30, and 40 and the first to fourth DES blocks 10, 20, 30, and 40. The first to sixteenth rounds RD1 to RD16 cascaded to (12,22,32,42) and the output terminals connected to the output terminals of the radix-th round RD1, RD3, RD5, RD7, ..., RD15. And a second SXOR operator 50 connected to the output terminal of the first SXOR operator 60 and the even-numbered rounds RD2, RD4, RD6, RD8, ..., RD14.

When the encryption and decryption algorithm of the present invention is applied to four first through fourth DES blocks 10, 20, 30, and 40, 32 bytes of plain text input data D1, D2, D3, and D4 each consisting of 8 bytes. ) Are simultaneously input, and the keys K ₁ , K ₂ , K ₃ , and K ₄ of each DES block are used as keys to obtain a total of 224 bit key effects.

Referring to this encryption procedure, 32 bytes of plain text input data D ₁ , D ₂ , D ₃ , and D ₄ are supplied to the first to fourth DES blocks ₁₀ , ₂₀ , ₃₀ , and ₄₀ , respectively. These data blocks (D ₁ , D ₂ , D ₃ , D ₄ ) are rearranged in bit order by the initial sequencers 12, 22, 32, and 42 of each DES block, and the upper four bytes of the result value. The input data blocks L _1,0 , R _1,0 , L _2,0 , R _2,0 , L _{3, on} the left and right sides of the first round RD1 are divided into (32 bits) and lower 4 bytes (32 bits). ₀ , R _3,0 , L _4,0 , R _4,0 ). The first round RD1 is the left and right data blocks L _1,1 , R _1,1 , L encrypted using the function processors 14, 24, 34, 44 and the XOR operators 16, 26, 36, 36. _2,1 , R _2,1 , L _3,1 , R _3,1 , L _4,1 , R _4,1 ). The first SXOR operator 60 generates four data blocks L ₁ , ₁ , R ₁ , ₁ generated in the first DES block 10 and the second DES block 20 during the output of the first round RD1. , L _2,1, R _2,1) of the three data blocks an XOR operation to the second round (RD2) input data blocks (L _'1,1, R' of _1,1, L _'2,1, R ' _2,1 ). Similarly, four data blocks L ₃ , ₁ , R ₃ , ₁ , L ₄ , ₁ , and R generated in the third DES block 30 and the fourth DES block 40 among the outputs of the first round RDl. Three data blocks of _4,1 are XORed by the first SXOR operator 60 to input the second data block L' _3,1 , _R'3,1 , L' _{4,1 of} the second round RD2. , R ' _4,1 ). Then, the second round RD2 is the left and right data blocks L _1,2 and R _1,2 encrypted using the function processors 14, 24, 34 and 44 and the XOR operators 16, 26, 36 and 36. , L _2,2 , R _2,2 , L _3,2 , R _3,2 , L _4,2 , R _4,2 ). Among these data blocks (L _1,2 , R _1,2 , L _2,2 , R _2,2 , L _3,2 , R _3,2 , L _4,2 , R _4,2 ), the second SXOR operator By 50, the output data blocks L _1,2 , R _1,2 , L _3,2 , R _{3,2 of} the first and third DES blocks 10, 30 are subjected to SXOR operation so that a new data block ( L ' _1,2 , R' _1,2 , L ' _3,2 , R' _3,2 ) and supplied to the third round RD3. In addition, the output data blocks L ₂ , ₂ , R ₂ , ₂ , L ₄ , ₂ , and R ₄ , 2 of the second and fourth DES blocks 20 and 40 of the second round RD2 may be separated from each other. SXOR is calculated by the computing unit SXOR 50 is converted into a new data block _{(L '2,2, R' 2,2} , L '4,2, R' 4,2) is supplied to the third round (RD3) .

In this way, the outputs of the radix-th round RD1, RD3, RD5, RD7, RD9, RD11, RD15 are SXOR-calculated by the first SXOR operator 60 in the same manner as the first round RD1 to perform the next round. Supplied to. And the output of the even rounds (RD2, RD4, RD6, RD8, RD10, RD12, RD14, except 16 rounds) is the same as the second round (RD2) and the odd DES blocks (10, 30) respectively. SXOR operation is performed by two second SXOR operators 50 which perform XOR operation on the output data blocks of the first DES block 20, 40 and is supplied in the next round. Finally, the 16th output encrypted data blocks of round (RD16) _(1,16 L, R _{1,16, 2,16} L, R _{2,16, 3,16} L, R _{3,16, 4,16} L , R _4,16 ), each DES block (10, 20, 30, 40) is a 32-byte ciphertext (C) by exchanging the data block values and processing them by the inverse transformation (1P ^_1 ) of the initial permutation value ₁ , C ₂ , C ₃ , C ₄ ) are generated.

The decryption process is performed in the same manner as the encryption process from the ciphertext (C ₁ , C ₂ , C ₃ , C ₄ ) encrypted by the above encryption algorithm. Therefore, by encrypting or decrypting by such an encryption and decryption algorithm, a key effect of 224 bits is obtained.

As a result, the encryption method and apparatus of the present invention simultaneously encrypts and decrypts at least two or more DES blocks using a 56-bit key to take an SXOR of the intermediate result value at the output of the odd-numbered round, thereby providing at least two or more DESs. Each key applied to a block affects each other between DES blocks, so that a key expansion effect can be obtained without reducing the encryption speed (for example, when encrypting or decrypting two DES blocks simultaneously, the key is extended to 112 bits). If four DES blocks are encrypted or decrypted at the same time, the key can be extended to 224.)

In the encryption method and apparatus of the present invention, if two or four DES blocks are taken as 8-byte input data blocks (D ₁ = D ₂ (= D ₃ = D ₄ )), two 56-bit DES keys or The ciphertext (C ₁ = C ₂ (= C ₃ = C ₄ )) generated when used with four DES block keys (K ₁ = K ₂ (= K ₃ = K ₄ )) decodes 8-byte plain text data. Because it is the same as that encrypted with, it is compatible with the conventional DES encryption algorithm.

As described above, the encryption method and apparatus of the present invention can increase the key length by extending the key length without reducing the encryption and decryption processing speed.

Those skilled in the art will appreciate that various changes and modifications can be made without departing from the technical spirit of the present invention. Therefore, the technical scope of the present invention should not be limited to the contents described in the detailed description of the specification but should be defined by the claims.

Claims (20)

Permuting and rearranging the data to be divided into at least two data blocks for plain text data; Iteratively performing a round comprising a function processing and a logical operation using a key to generate an encrypted data block for each of the at least two data blocks; Computing the encrypted block of data in a self-exclusive logical sum (SXOR) in the round. The method of claim 1, wherein the operation of performing a self exclusive XOR comprises: n except for the mth encrypted data block in the n encrypted data blocks to generate an arbitrary mth output element. -Encryption method, characterized in that one encrypted data is calculated with an exclusive OR. Permuting and rearranging the plain text data into two data blocks; Iteratively performing a round comprising a function processing and a logical operation using a key to generate an encrypted data block for each of the two data blocks; And computing a self-exclusive logical sum (SXOR) on the encrypted data blocks generated in the any round. 4. The method of claim 3, wherein a 56-bit key is supplied for the respective data blocks in the round to generate the encrypted data block with a 112-bit key. The encryption method as claimed in claim 3, wherein the operation of performing the self-exclusive logical OR comprises performing the logical operation on the encrypted data block generated in the odd-numbered rounds. 4. The method of claim 3, wherein the encrypted data blocks generated in the arbitrary j-1 th round are respectively (L _{1, j-1} , R _{1, j-1} , L _{2, j-1} , R _{2, j -1} ), L _{1, j} = R _{1, j-1} R _{1, j} = f (R _{1, j-1} , K _{1, j} ) L _{1, j-1} L _{2, j} = R _{2, j-1} R _{2, j} = f (R _{2, j-1} , K _{2, j} ) L _{2, j-1} here, Denotes an exclusive OR operation, and encrypted data blocks (L _{1, j} , R _{1, j} , L _{2, j} , R _{2, j} ) are generated in the j th round. The method according to claim 3 or 6, wherein the j th round is an odd round and the encrypted data generated in the j th round is L _{1, j} , R _{1, j} , L _{2, j} , R _{2, j} If so, the encrypted data is calculated by a self-exclusive logical OR, L ' _{1, j} = R _{1, j} L _{2, j} R _{2, j} R ' _{1, j} = L _{1, j} L _{2, j} R _{2, j} L ' _{2, j} = L _{1, j} R _{1, j} R _{2, j} R ' _{2, j} = L _{1, j} R _{1, j} L _{2, j} here Means an exclusive OR operation, and generates encrypted data blocks of L ' _{1, j} , R' _{1, j} , L ' _{2, j} , R' _{2, j} . 4. The method of claim 3, wherein the encrypted data blocks that occurred in the even-th round are not computed by self-exclusive logical OR. 4. The encryption method according to claim 3, wherein the ciphertext data is generated by performing the inverse of the permutation on the encrypted data generated in the round located at the last stage. Permuting and rearranging the data to be divided into four data blocks for the plain text data; Iteratively performing a round comprising a function processing and a logical operation using a key to generate an encrypted data block for the four data blocks; Computing the encrypted data generated in the odd rounds by a self-exclusive logical sum such that the two data blocks are associated with each other; Computing the encrypted data block generated in the even round to self-exclusive logical sum such that the four data blocks are associated with each other. 11. The method of claim 10, wherein a 56-bit key is supplied for the respective data blocks in the round to generate the encrypted data block with a 224-bit key. Permutating and rearranging the ciphertext data into at least two data blocks; Repeatedly performing a round including function processing and a logical operation using a key to generate an encrypted data block for the at least two data blocks; And performing a self-exclusive logical OR on the encrypted data blocks in the arbitrary rounds. 13. The decoding method of claim 12, wherein the plaintext data is generated by performing the inverse of the permutation on the data block generated in the round located at the last stage. Permutation computing means connected to an input line for reordering the plain text data into at least two data blocks; Round arithmetic means for repetitively performing a function processing and a logical operation using a key so as to be subordinately connected to the permutation arithmetic means to generate an encrypted data block; And at least one SXOR arithmetic means connected to said arbitrary round arithmetic means for performing a self-exclusive logical sum on said encrypted data block. 15. The encryption apparatus according to claim 14, wherein the round calculation means performs a calculation using a key supplied for each of the data blocks. 15. The encryption apparatus according to claim 14, wherein the round computing means located at the last stage further comprises a reverse permutation calculating means for performing the inverse of the permutation of the encrypted data block to generate encrypted text data. . 15. The encryption apparatus according to claim 14, wherein said SXOR calculation means is connected to an output terminal of said odd-numbered round calculation means to calculate said encrypted data block by self-exclusive logical sum. 15. The encryption apparatus according to claim 14, wherein said SXOR calculating means is connected to an output terminal of said even-numbered round calculating means and calculates said encrypted data block of said odd-numbered DES block by self-exclusive logical sum. Permutation computing means connected to an input line for reordering ciphertext data into at least two data blocks; Round arithmetic means for repetitively performing a function processing and a logical operation using a key so as to be subordinately connected to the permutation arithmetic means to generate an encrypted data block; And at least one SXOR arithmetic unit connected to any of the round arithmetic units and performing a self-exclusive logical sum on the encrypted data block. 20. The decryption apparatus as set forth in claim 19, further comprising: inverse permutation computing means connected to the last round computing means to perform inverse computation of the permutation operation on the encrypted data block to generate the plain text data. Device.