KR20030000720A - Symmetric key block cipher algorithm design method with no operation between key and plaintext - Google Patents

Abstract

PURPOSE: A method for designing a symmetric key block cipher algorithm without calculation between a key and a plaintext is provided to obtain a high degree of encryption by varying an executing routine of an algorithm according to key values and by not performing a calculation process between a round key and a round block. CONSTITUTION: An input process is performed to receive a secret key corresponding to a size of 8 bitsxr(r is a positive integer) and a plaintext corresponding to a size of a multiple of 8(S10). Round keys of r number are generated by using the secret key according to a predetermined key scheduling algorithm(S12). The plaintext is encoded by performing repeatedly a round calculation process by using a bijective function selected according to the round keys of r number(S14). An output process is performed to output a cipher text generated from an encryption process(S16).

Description

SYMMETRIC KEY BLOCK CIPHER ALGORITHM DESIGN METHOD WITH NO OPERATION BETWEEN KEY AND PLAINTEXT}

The present invention relates to a method for designing a cryptographic algorithm, and more particularly, to a method for designing a symmetric key block cipher algorithm, wherein a routine of performing an algorithm is changed according to a round key value. The present invention relates to a method of designing a symmetric key block cryptographic algorithm in which a high degree of non-computation is obtained between a key and a round block.

In modern society, the Internet is becoming part of life. The Internet is gradually becoming a huge information point by eliminating time and distance constraints. In recent years, the Internet has been profoundly affecting economic activity as many people buy products using e-commerce instead of purchasing in stores. The proliferation of computers and the growing number of Internet users have increased the importance of protecting information. Information protection is achieved by the provision of information protection services, and the most common way of providing information protection services is through the use of cryptographic systems.

There are two methods of security using cryptosystems: hardware and software. However, since the hardware method has a disadvantage in that flexibility is inferior to the use target, a software method is mainly used in a system for general users.

Cryptographic systems are intended to protect information from various attacks on it. There are many types of attacks, such as interruption, interception, forgery / modification, and fabrication. Since these attack methods have an organic relationship with each other, in order to secure the information, it is necessary to find a safe mechanism from each attack method and to make the information safe using a combination of security technologies. Such cryptosystems are used to provide the characteristics of interruption-availability, interception-confidentiality, modification-integrity, and fabrication-authentication.

Cryptographic algorithms are being developed to ensure that only certain people know specific content. To date, cryptographic algorithms have evolved a lot and have been converted to more advanced cryptographic algorithms such as Data Encryption Standard (DES) and RSA (Rivest, Shamir, Adleman).

The encryption algorithm consists of encryption algorithm and decryption algorithm. The encryption algorithm uses an encryption key, and the decryption algorithm uses a decryption key. Encryption and decryption algorithms are a kind of function, each of which receives an encryption (decryption) key and a plain text (cipher text) as input and generates a cipher text (plain text).

Cryptographic algorithms can be broadly classified into secret-key cryptography algorithms and public-key cryptography algorithms. The secret key encryption algorithm is called a symmetric key encryption algorithm because the encryption key and the decryption key are the same, and the public key encryption algorithm is also called an asymmetric key encryption algorithm. The symmetric key encryption system is divided into a stream encryption algorithm and a block encryption algorithm by an encryption unit. The stream cipher algorithm encrypts in bits or bytes, and the block cipher algorithm encrypts in blocks. And a hash algorithm that is used for digital signatures.

Many basic structures for symmetric key block cryptographic algorithms have been proposed. Among them, the feistel network is the most commonly used basic structure, and most of the symmetric key block cryptographic algorithms proposed so far are based on this FIELStel network. In symmetric key block cryptographic algorithms, the input values are keys and plain text, which are generated as ciphertext through a fixed routine of the symmetric key block cryptographic algorithm.

1 shows the basic structure of a typical Fiestel network used in a symmetric key block cryptographic algorithm.

Referring to the drawings, K _i (i = 1,2,3, ...) is a round key generated by a key scheduling algorithm, and L ₀ and R ₀ are the left half and right of the input plaintext. Half. symbol Means an exclusive OR operation. The operation process of the symmetric key block encryption algorithm is as follows.

First, a key scheduling algorithm is performed to generate round keys K _i (i = 1,2,3, ...). In each round, the operation of inputs R _i-1 and K _i is performed by the fixed function F of the algorithm, and as a result, F ( R _i-1 , K _i ) is the exclusive OR of L _i-1. . And the final result L _i-1 F (R _i-1, K _i) is provided as an input R _i of the next round, and the input R _i-1 of the prior round is provided as an input L _i of the next round. The execution of the symmetric key block encryption algorithm is completed, and a pair of R _r and L _r output in the final round becomes a ciphertext. This is represented by the following equation (1).

F ( R _i-1 , K _i )

L _i = R _i-1

As such, the symmetric key block cipher algorithm generates ciphertext through a fixed routine (fixed function) described in the algorithm given a plaintext, and operations are performed between subkeys and subblocks in each round.

On the other hand, various attack methods have been proposed for the Feistel cipher, and the representative ones include differential cryptanalysis and linear cryptanalysis. They take advantage of the fact that the Fiestel network operates between round blocks and round keys in each round. In addition, it has been known that it is difficult to design a symmetric key block cryptographic algorithm in which the length of round key and plain text are variable at the same time in the proposed Feistel network.

If the encryption method using the symmetric key block cipher algorithm differs in the execution routine of the algorithm according to the key value, and if no operation is performed between the round key and the round block, an encryption method that can secure a high degree of security may be provided. Could be.

Accordingly, an object of the present invention is proposed to solve the above-mentioned problems, and a method of designing a symmetric key block cryptographic algorithm in which an algorithm execution routine differs according to a key value and no operation is performed between a round key and a round block. To provide.

Another object of the present invention is to provide a design method capable of providing a symmetric key block cryptographic algorithm having a variable length of a round key and a plain text.

1 shows the basic structure of a typical Fiestel network used in a symmetric key block cryptographic algorithm;

2 is a main flowchart of an encryption method using a symmetric key block encryption algorithm according to a preferred embodiment of the present invention;

3 is a flowchart of the key scheduling subroutine of FIG. 2;

4 is a block diagram illustrating a key scheduling algorithm in accordance with a preferred embodiment of the present invention;

5 is a view for explaining an example of obtaining ten integers using a round key;

6 is a flowchart showing the round operation processing subroutine of FIG. 2 in accordance with a preferred embodiment of the present invention;

7 is a flowchart showing a subroutine of the complement function of FIG. 6;

8 is a flowchart showing a subroutine of the transition function of FIG. 6;

9 is a flowchart showing a subroutine of the substitution function of FIG. 6;

10 is a flowchart showing a subroutine of the S-XOR function of FIG. 9; And

FIG. 11 is a flowchart showing a subroutine of the shift function of FIG. 6.

According to a feature of the present invention for achieving the object of the present invention as described above, the encryption method using a symmetric key block encryption algorithm of the present invention comprises: receiving a secret key and plain text; Generating a plurality of round keys from a secret key according to a key scheduling algorithm; A round block operation step of generating a cipher text by repeating a process of obtaining an image of each round block using a shear history function selected from a plurality of generated round keys and their synthesis functions; Outputting a cipher text generated in the round block operation step.

In a preferred embodiment of the present invention, the secret key is composed of n bits x r (n, r is a positive integer), and r round keys are generated by the key scheduling algorithm. Here, the secret key is K = k ₁ ∥ k ₂ ∥ k ₃ ... ∥ k _r-1 ∥ k _r ( k is n bits, '∥' is concatenated), r round keys K ₁ , K ₂ , k _3, ..., when each defined as k _r-1, k _r round keys is determined as _{k i = k i ∥ k r} -i + 1 (1≤i≤r, i is an integer).

In a preferred embodiment of the present invention, the round key is determined as a plurality of integers by combinations of selected bits of 2n bits, and the plurality of integers are a plurality of shear history functions and their synthesis functions in the operation of the round block. Determine.

The embodiments of the present invention may be modified in various forms, and the scope of the present invention should not be construed as being limited by the embodiments described below. It is provided to explain the present invention more clearly.

(Example)

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

The novel symmetric key block cryptographic algorithm design method is based on a cipher algorithm that determines the shear function according to the round key value and repeats the process of obtaining the image of a given round block through a composite function of the determined shear history functions. Encrypt the plain text given by Decryption is the plaintext from the ciphertext given by the encryption algorithm which determines the shear function according to the round key value in the reverse order of encryption, and repeats the process of obtaining the original shape of the given round block through the inverse of the determined composite function of the shear history functions. Get

2 is a main flowchart of a design method using a symmetric key block cryptographic algorithm according to a preferred embodiment of the present invention.

Referring to the drawing, in the encryption method according to the preferred embodiment of the present invention, a secret key K having a size of 8 bits x r (r is a positive integer) and a plaintext of multiples of 8 are input in step S10. In step S12, r round keys are generated using the secret key K according to a predetermined key scheduling algorithm. A detailed description of the round key generation method according to the key scheduling algorithm will be given later.

In step S14, the given plaintext is encrypted by r-rounding a round operation process of obtaining an image of each round block by using shear yarn functions selected according to the generated r round keys. Detailed description thereof will be described later. In step S16, the cipher text generated through the encryption process is output.

As described above, in the encryption method using the symmetric key block encryption algorithm of the present invention, no operation is performed between the round key and the round block, and the round block is determined by a specific function designated by the round key among the plurality of shear company functions. This operation is performed to obtain an image in each round block.

3 is a flowchart of the key scheduling subroutine of FIG.

Referring to the drawing, in step S20 a secret key K for round key generation is input. The secret key K has a size of 8 bits × r. The secret key K can be expressed by Equation 2 as follows. In Equation 2, the symbol '∥' means a concatenation.

K = k ₁ ∥ k ₂ ∥ k ₃ ... ∥ k _r-1 ∥ k _r ( k is 8 bits, r is a positive integer)

For example, when r = 4, the secret key K can be represented as K = k ₁ ∥ k ₂ ∥ k ₃ ∥ k ₄ and the size is 8 bits × 4 = 32 bits. In step S22, r round keys are generated according to the key scheduling algorithm using the secret key K, and r round keys generated in step S23 are output.

4 is a block diagram illustrating a key scheduling algorithm according to a preferred embodiment of the present invention.

Referring to the drawings, r round keys K ₁ , K ₂ , K ₃ , ..., K _r-1 , K _r are paired with two 8-bits selected from the rightmost and left outermost sides of the secret key K. To generate a 16-bit round key. This may be expressed as in Equation 3 below.

K ₁ = k ₁ ∥ k _r , K ₂ = k ₂ ∥ k _r-1 , K ₃ = k ₃ ∥ k _r-2 , ... K _r-1 = k _r-1 ∥ k ₂ , K _r = k _r ∥ k ₁

And if this is generalized and displayed, it can be expressed as Equation 4 below.

K _i = k _i ∥ k _{r-i + 1} (1≤i≤r, i is an integer)

For example, when r = 4, the secret key K can be represented as K = k ₁ ∥ k ₂ ∥ k ₃ ∥ k ₄ . At this time, four round keys generated according to the key scheduling algorithm as described above are represented by Equation 5 below.

K ₁ = k ₁ ∥ k ₄ , K ₂ = k ₂ ∥ k ₃ , K ₃ = k ₃ ∥ k ₂ , K ₄ = k ₄ ∥ k ₁

Each round key generated as described above is divided into 10 integers, and the 10 integers are used to select a plurality of shear yarn functions described later. In other words, each round key of 10 integers is used to determine one function from the plurality of function sets, and the phase of the round block is obtained using the synthesis function of the determined functions.

The key scheduling algorithm in the decryption method using the symmetric key block encryption algorithm of the present invention is the same as the encryption key scheduling algorithm, and the order of applying the round key is the reverse of the order of applying the encryption round key.

In this embodiment, the secret key is a multiple of 8 bits, but is not limited thereto. The design can be variously modified into multiples of n bits (n is a positive integer) such as multiples of 4 bits and multiples of 16 bits, which is obvious to those skilled in the art.

5 is a diagram for describing an example of obtaining ten integers using a round key.

With reference to the drawings, i-th round key K _i = k _i ∥ k _{r-i + 1} is composed of 16 bits, bits b _0, b ₁ from the left is first to one integer I _1, the bit b _2, b ₃ Is the second integer I ₂ , bits b ₄ , b ₅ are the third integer I ₃ , bits b ₆ , b ₇ are the fourth integer I ₄ , bits b ₈ , b ₉ are the fifth integer I ₅ , Bit b ₁₀ is the sixth integer I ₆ , bit b ₁₁ , b ₁₂ the seventh integer I ₇ , bit b ₁₃ the eighth integer I ₈ , bit b ₁₄ the ninth integer I ₉ , and bit b ₁₅ corresponds to the tenth integer I ₁₀ , respectively. For example, if K _i = k _{r-i + 1} ∥ k _i = 1001110101010101 (binary), then I ₁ = 2, I ₂ = 1, I ₃ = 3, I ₄ = 1, I ₅ = 1, I Ten integers are determined by ₆ = 0, I ₇ = 2, I ₈ = 1, I ₉ = 0, and I ₁₀ = 1.

6 is a flowchart showing the round operation processing subroutine of FIG.

Referring to the drawing, the round block operation routine is started by receiving r round keys generated by the key scheduling algorithm as described above. In the round block operation routine, the corresponding shear yarn functions are selected from a plurality of shear yarn function sets by _ten integers I ₁ , I ₂ , I ₃ , ..., I ₁₀ determined by the corresponding round key. do.

In step S30, a complement function is called to perform a round block operation, and the operation result is provided to the next step. In step S32, a transition function is called, and the result calculated by the complement function is provided to the called transition function to perform a round block operation, and the result is provided to the next step.

In step S34, a substitution function is called, and the result calculated by the transition function is provided to the called substitution function, and a round block operation is performed to provide to the next step. In step S36, a shift function is called, and the result calculated by the substitution function is provided to the called shift function to perform a round block operation. This round block operation is performed during r rounds, and the result of the final round operation is output as a cipher text.

More specifically, the operation of the round block by each function will be described in detail with reference to FIGS. 7 to 10.

FIG. 7 is a flowchart showing a subroutine of the complement function of FIG. 6.

Referring to the drawing, when the calculation routine of the complement function is started, in step S40, an integer I ₁ determined by i round block B = B ₁ ∥B ₂ ∥B ₃ ∥B ₄ and i round key K _i is input. In step S42, the entire (I ₁ +1) th sub block in the round block is taken as a complement. In operation S44, the operation result is returned.

FIG. 8 is a flowchart showing a subroutine of the transition function of FIG. 6.

Referring to the drawing, when the calculation routine of the transition function starts, in step S50, i ₁ , I ₂ of i round block B = B ₁ ∥B ₂ ∥B ₃ ∥B ₄ and i round key K _i are input. In this case, the i round block is a result calculated by the complement function in the previous step. In step S52 (I ₁ +1) to the 4i + 1-th bit and the (I ₂ +1) 4i + j th bit of the second sub-block of the first sub-block transition _{(1≤4i + 1≤ | B 1 |} , j = 1,2,3,4,1,2,3,4, ... repeat). The symbol | B ₁ | here means the length of B ₁ .

In step S54 (I ₁ +1) to the 4i + 2-th bit and the (I ₂ +1) 4i + j th bit of the second sub-block of the first sub-block transition _{(1≤4i + 1≤ | B 1 |} , j = 2,3,4,1,2,3,4,1, ... repeat). In step S56 (I ₁ +1) to the 4i + 3-th bit and the (I ₂ +1) 4i + j th bit of the second sub-block of the first sub-block transition _{(1≤4i + 1≤ | B 1 |} , j = 3,4,1,2,3,4,1,2, ... repeat). In step S58 (I ₁ +1) to the 4i + 4-th bit and the (I ₂ +1) 4i + j th bit of the second sub-block of the first sub-block transition _{(1≤4i + 1≤ | B 1 |} , j = 4,1,2,3,4,1,2,3, ... repeat). In operation S59, the operation result is returned.

FIG. 9 is a flowchart showing a subroutine of the substitution function of FIG. 6.

Referring to the drawing, when the calculation routine of the substitution function is started, in step S60, i ₃ , I ₄ of i round block B = B ₁ ∥B ₂ ∥B ₃ ∥B ₄ and i round key K _i are input. In this case, the i round block is a result calculated by the transition function in the previous step. In step S61, the bit string of the round block B is left-circulated shifted by | B ₁ | × I ₃ bits by the function CLS (Circular Left Shift). The function CLS ( x , y ) is a function to left-circulate the bit string of x by y bits.

In step S62, the integer value of the integer I ₄ is determined, and the process proceeds to the corresponding step. In other words, when the integer value of I ₄ is '0', the function S-XOR (B, L) is performed in step S63, and when the integer value of I ₄ is '1', the function proceeds to step S64. S-XOR (B, R) is performed. If the integer value of I ₄ is '2', the function S-NXOR (B, L) is performed in step S65. If the integer value of I ₄ is '3', the function S- proceeds to step S66. NXOR (B, R) is performed.

The function S-XOR (B, D) performs an exclusive OR operation on two concatenated bits while circulating the bit string of B in the direction indicated by D, and sets the result to any one bit. If the circulation direction D is L, it is defined as left circulation, and in R, right circulation. The function S-NXOR (B, D) performs an exclusive NOR operation on two concatenated bits while circulating the bit string of B in the direction indicated by D, and sets the result to any one bit.

FIG. 10 is a flowchart showing a subroutine of the S-XOR function of FIG. 9.

Referring to the drawing, in step S70, a round block B = b ₁ b ₂ ... b _8xm (represented as a bit string, 8xm is a plaintext size) and a circulation direction D are input. In step S71, the circulation direction is determined. If L, then proceed to step S72 with left circulation and b _{8 x m} = b _{8 x m} perform the operation b ₁ , and in step S73, b _i = b _i b Repeats _{i + 1} operation from i = 8 × m-1 to 1. If the circulation direction D is R, then b _i = b _i in step S74 with the right cycle b _i-1 operation is repeated from 2 to i = 8 × m, and b ₁ = b ₁ in step S74 b Perform _8xm operation. In operation S76, the operation result is returned. The function S-XNOR performs an exclusive OR operation as an exclusive AND operation during the operation of the above-described S-XOR, and description thereof will be omitted.

Referring back to FIG. 9, in step S67, the bit string of the round block B is cyclically shifted by | B ₁ | × I ₃ bits by the function CRS (Circular Right Shift). The function CRS ( x , y ) is a function that cyclically shifts the bit string of x by y bits. In step S68, the operation result is returned.

FIG. 11 is a flowchart showing a subroutine of the shift function of FIG. 6.

With reference to the drawings, receives a round block i _{B = B 1 ∥B 2 ∥B 3} ∥B 4 and i of the round key K _i I I ₅ ~ ₁₀ at step S80. In step S81, the integer value of I ₆ is determined. If I ₆ is 1, the flow advances to step S82 to perform the operation B = CLS (B, I ₅ ). If I ₆ is 0, the flow advances to step S83 to perform operation B = CRS (B, I ₅ ).

In step S84 determines the integer value of I _8. If I ₈ is 1, the flow advances to step S85 to perform the operation B = CLS (B ₁ B ₂ , I ₇ ) ∥ CLS (B ₃ B ₄ , I ₇ ). If I ₈ is 0, the process proceeds to step S86 where the operation B = CRS (B ₁ B ₂ , I ₇ ) ∥ CRS (B ₃ B ₄ , I ₇ ) is performed.

In step S87, the integer value of I ₁₀ is determined. If I ₁₀ is 1, the process proceeds to step S88 where operation B = CLS (B ₁ , I ₉ ) ∥CLS (B ₂ , I ₉ ) ∥CLS (B ₃ , I ₉ ) ∥CLS (B ₄ , I ₉ ) Perform If I ₁₀ is 0, the process proceeds to step S89 where the operations B = CRS (B ₁ , I ₉ ) ∥CRS (B ₂ , I ₉ ) ∥CRS (B ₃ , I ₉ ) ∥CRS (B ₄ , I ₉ ). In operation S90, the operation result is returned.

The above operations by the plurality of functions are performed during r rounds, and finally the ciphertext is output.

Decryption from ciphertext to plaintext determines the shear history functions from the set of shear history functions according to the round key value, and repeats the process of obtaining the original image of a given round block through the inverse of the composite function of the determined shear history functions for the number of rounds. Since the plain text is generated from the ciphertext, repeated descriptions are omitted.

In this embodiment, a round block operation is performed using a complement function, a transition function, a substitution function, and a shift function. However, the operation order, type, and operation application method of the functions are not limited to the embodiment. That is, changes in the order of operations or various other functions can be applied.

As described above, the configuration and operation of an encryption method using a symmetric key block cryptographic algorithm in which no operation is performed between a key and plain text according to a preferred embodiment of the present invention are illustrated according to the above description and drawings. Those skilled in the art will appreciate that various changes and modifications can be made without departing from the spirit and scope of the present invention.

According to the present invention as described above, there is provided an encryption method that can obtain a high degree of security by varying the execution routine of the algorithm according to the round key value, so that no operation is performed between the round key and the round block. In addition, it is possible to provide a symmetric key block cryptographic algorithm having a variable length of round key and plain text at the same time.

Claims (4)

In the design method of symmetric key block cipher algorithm: Receiving a private key plain text; Generating a plurality of round keys from a secret key according to a key scheduling algorithm; A round block operation step of generating a cipher text by repeating a process of obtaining an image of each round block using a shear history function selected from a plurality of generated round keys and their synthesis functions; And a step of outputting a cipher text generated in the round block operation step. According to claim 1, The secret key is composed of n bits x r (n, r is a positive integer), r round key is generated by the key scheduling algorithm, characterized in that the encryption method using a symmetric key block encryption algorithm. The method of claim 2, Generating the round key includes: receiving an n-bit x r secret key; generating r round keys, where K = k ₁ ∥ k ₂ ∥ k ₃ ... ∥ k _r-1 ∥ k _r ( k is n bits, '∥' is concatenated), r round keys K ₁ , K ₂ , K ₃ , ..., K _r-1 , K _r , Round keys are determined to _{K i = k i ∥ k r} -i + 1 (1≤i≤r, i is an integer); And outputting the generated r round keys. According to claim 1, The round key is determined as a plurality of integers by combinations of selected bits of 2n bits, And a plurality of integers determine a plurality of shear history functions and their synthesis functions in the operation of the round block.