UA76554C2 - Method of block-to-block coding of data transmitted by electronic facilities - Google Patents

Abstract

The proposed method of block-to-block coding of data transmitted by electronic facilities consists in forming the encryption key, which has a fixed length and consists of four n-bit key elements K1, K2, K3, and K4, dividing the input data block into two n-bit constituent data blocks A and B, performing the encryption procedure by transforming the constituent data blocks according to the encryption key and performing operations of modulo 2 addition with respect to the data block and the encryption key and operations of cyclical shift with respect to the constituent data block. As the encryption key for the first data block, a random number is used. For each consequent data block, the encryption key is modified, depending on the current data block, by operations of modulo 2 addition and operations of cyclical shift that are performed with respect the encryption key depending on the constituent data block. The cyclical shift is performed by the value that is equal to the value of two bytes of the control operand added by modulo 2. The present invention provides a possibility to encrypt data with reduced number of operations.

Description

Description of the invention

The invention relates to the field of electronic computing and information transmission systems, namely to 2 cryptographic methods of information protection.

A well-known analogue of the proposed method of block encryption of electronic information is OE5. The SEZ block encryption method was until recently the encryption standard in the USA (Maiyopa! Vygeai oi eZiapdagaz. YuOaye Epsguriop 5iapaaga. Redega! Iptogtaiop Rgosezvipd 5iapadagaz Rybiisayop 46. daptsagu 1977).

This method involves presenting the encryption key as a set of 48-bit subkeys, dividing the 70 input 64-bit data block into two 32-bit subblocks Y and K, and performing 16 rounds of converting the 32-bit data subblock. The transformations include the expansion of the subblock К to 48 bits by repeating some bits of this subblock К, performing a modulo 2 addition operation over the subblock and the subkey, converting a 48-bit subblock into a 32-bit one using substitution tables B/ 27 , performing /5 bit permutation operations of the subblock in, according to a certain law, performing the operation of adding modulo 2 the subblock К U with the subblock I, permuting the subblocks E/ and 1.

The analogue in question has the following disadvantages: 1) low speed of encryption during software implementation, since the method during development was designed for hardware implementation in the form of electronic circuits and contains bit permutation operations, which are performed on processors for an unacceptably long time; 2) the use of a short 56-bit key, which allows the secret key to be revealed on powerful computers by the method of selecting possible key values;

C) the use of fixed subkeys for all possible input blocks of encrypted data, which leads to a decrease in cryptoresistance. with

The prototype of this invention is the KS-5|K block encryption method. Kimezi, Tpe KS5 Epsguriyop AIdogyit,

Grave Boiimage Epsgurip, besopa Ipiegpayopa! Uogkepor Rgoseedipdz (IGeymep, VeYidisht, YuOsetbreg 14-16, 1994) about

Y esitsge Moyez ip Sotrshiieg Zsiepv, m. 1008. Zrgipdeg-Mepad, 1995. 86-96). In this method, the encryption key is presented in the form of a set of subkeys - K0,K4,...,Kogo, where r is the number of encryption rounds. The input block of data is divided into two B-bit sub-blocks - A and B. Encryption consists in the successive transformation of its sub-blocks using addition operations modulo 2 b. that are performed on a subblock and a subkey, modulo 2 addition operations that are performed on two subblocks, and cyclic shift operations that are performed on each subblock depending on the other subblock. Variants of cyclic shift operations differ in shift value from 0 to 6-1 bits. To select a specific modification of the cyclic shift operation, the sdo B of the lower digits of the control unit is used. At each round of encryption, a new pair of keys is used, so for different y-o

Numbers of encryption rounds use keys of different lengths. However, the same set of subkeys is used for each new block.

The method is carried out as follows: 1. Set the number of rounds g and the length of sub-block B; « 2. The encryption key is formed in the form of a set of subkeys -Ko, Ku,..., Kogno. 3. The input block of data is divided into two r-bit sub-blocks -A and B. - c 4. The transformation is performed: z» As(AkKo)tovd25; " V:-(VaeK u )tod25; 5. Conduct g rounds of transformations:

А - (А ев ВИ" В) - Ko; that 29 of them В -(КВ ев A) А) same Kodi tov 25 (o) where is PP ..d)- encryption round number. sl The considered method has the following disadvantages : 1) the same subkeys are used for any input data blocks, therefore the method does not have sufficient (9) 50 resistance to differential and linear cryptanalysis;

And" 2) with a small number of encryption rounds, there is a possibility of partial disclosure of the encrypted text when using a key close to secret; 3) only the least significant bits of the control block are affected by the controlled cyclic shift operation, which leads to a decrease in cryptoresistance. 59 The invention is based on the task of creating a method of block encryption of electronic information, v

GF) which, due to the introduction of new and modification of existing operations in the prototype, will provide greater resistance to linear and differential cryptanalysis with a smaller number of transformation operations, which will increase the speed and reliability of the method.

The task is achieved by the fact that in the method of block encryption of electronic information, which includes the formation of an encryption key in the form of a set of rB-bit subkeys, the division of the input block of data into two r-bit sub-blocks A and B, carrying out rounds of encryption by transforming the sub-blocks under the control of the key encryption using addition operations modulo 2 b. which are performed on a sub-block and sub-key and cyclic shift operations, which are performed on a sub-block depending on another sub-block, use a key and encryption of a fixed length. The encryption key is presented in the form of four r-bit subkeys -

K/, Ko, Kz, Ka.. A random number is used as the first block of data. The encryption key is modified for each subsequent block of data depending on the current block of data, using modulo 2 addition operations and cyclic shift operations performed on the subkey depending on the sub-block. Perform operations of cyclic shifting of sub-blocks depending on the sub-keys. In cyclic Shift operations, the shift is performed by the value of the summated modulo 2 bytes of the control operand, such a cyclic shift operation will be denoted ".

Figure 1 shows the data representation structure for encryption. Figure 2 shows a block diagram of one round of data block encryption. Figure C shows the structural diagram of inter-block modification of the key.

The following notations are used in the figures: yuyu 4 U - addition operation by modulo 2; - operation of addition modulo I - operation of a cyclic shift by the value of the summated modulo 2 bytes of the control operand; the lines indicate the transmission of the r-bit signal.

The method is carried out as follows: 1. Set the length of the subblock b and the number of encryption rounds d. 1. The input data is divided into n-1 blocks, 25 bits long. c 2. Generate a random data block, and insert it before the source data blocks. ge) 3. The initial encryption key is represented as a set of four r-bit subkeys K., K»o, Kz, Ku. 4. Encrypt n blocks of data.

Data block encryption is carried out in the following sequence: 1. The input data block is divided into two B-bit sub-blocks - A and B. - 2. The key that will be used for the next data block is determined according to the following ratios:

KNT - (KO VA) « V

Kantu - (Code B) "A o

Ka(n-1):- (Ka) in A) « In (Se)

KNT) - (KO in B) "A M where i is (1 ..p| - data block number.

Z. Perform g rounds of transformations of sub-blocks A and B according to the ratios:

A - (A Ki) tod 25) "(Ki e Ku); "

B: - (V Ko) tod 22)" (Ko e K)); 70 A - (AB Ka) tov 25; n- s B:- (KV A i K/) toa 25, :z" Principle of operation of the invention is explained in Fig. 1-3.

The described method can be implemented in the form of specialized electronic circuits, based on built-in 15 microcontrollers and in the form of computer programs. - And oh

Claims (2)

The formula of the invention 1. The method of block encryption of electronic information, which includes the formation of an encryption key in the form of a set of 150 r-bit subkeys, the division of the input block of data into two bB-bit sub-blocks A | and c, T», carrying out rounds of encryption by transforming the sub-blocks under the control of the encryption key with the help of addition operations modulo 2 b which are performed on a subblock and a subkey, and cyclic shift operations that are performed on a subblock depending on another subblock, which differs in that vv Use a fixed-length encryption key, as the first block of data use a random number, perform modification of the encryption key for each subsequent block of data depending on the current block (F) of data, perform operations of cyclic shift of sub-blocks depending on sub-keys. Mr 2. The method according to claim 1, which differs in that the encryption key is presented in the form of four r-bit subkeys - Ku, Ko, Kz, Ku. in Q. The method according to claim 1, which differs in that during cyclic shift operations, the shift is carried out by the value of two bytes of the control operand summed modulo. 4. The method according to claim 1, which differs in that to modify the encryption key for each subsequent data block depending on the current data block, modulo two addition operations are used, which are performed on the subkey and data subblock, and cyclic shift operations are performed on the subkey depending c5 from the sub-block.