Algorithm flow of DES, IDEA and Rijndael
1 Description of the DES algorithm
Figure 3-1 Algorithm flow chart of DES
As shown in Figure 3-1, DES operates on 64-bit plaintext blocks. After an initial permutation IP, the block is divided into a left half (L) and a right half (R), each 32 bits long. Then come 16 rounds of identical operations; these operations are called the function f, and the data is combined with the key during them. After 16 rounds, the left and right halves are joined together, and a final permutation IP-1 (the inverse of the initial permutation) completes the algorithm.
Figure 3-2 Process of a round of DES
In each round (as shown in Figure 3-2), the key bits are shifted, and then 48 bits are selected from the 56 bits of the key. The right half of the data is expanded to 48 bits by an expansion permutation, XORed with the 48-bit key, replaced by new 32-bit data through a substitution, and permuted once more. These four steps constitute the function f. Then, through another XOR, the output of the function f is combined with the left half, and the result becomes the new right half; the original right half becomes the new left half. Repeating this operation 16 times gives the 16 rounds of DES.
Let Bi be the result of the i-th iteration, Li and Ri the left and right halves of Bi, Ki the 48-bit key of the i-th round, and f the function that performs the substitution, permutation and key XOR operations. Then each round is:
Li = Ri-1
Ri = Li-1 ⊕ f(Ri-1, Ki)
Summary: DES is a symmetric algorithm: encryption and decryption use the same algorithm (except for the key schedule). The key has a length of 56 bits. (The key is usually represented as a 64-bit number, but every eighth bit is used for parity and can be ignored.) The key can be any 56-bit number; all of the security rests on the key.
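The round equations above, and the statement that decryption is the same algorithm with a different key arrangement, shown as an added Python example (not code from the original page). The round function f and the round keys here are constructed stand-ins, not DES's real expansion, S-boxes or key schedule, and IP and IP-1 are omitted; all names are assumptions.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def f(r: int, k: int) -> int:
    """Stand-in round function (NOT DES's f): 32-bit half + 48-bit key -> 32 bits.
    The Feistel structure never has to invert f, so any function works here."""
    digest = hashlib.sha256(r.to_bytes(4, "big") + k.to_bytes(6, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def round_keys(key: bytes, rounds: int = 16) -> list:
    """Constructed stand-in for the DES key schedule: sixteen 48-bit values."""
    return [int.from_bytes(hashlib.sha256(bytes([i]) + key).digest()[:6], "big")
            for i in range(rounds)]

def feistel(block: int, keys) -> int:
    """Apply Li = Ri-1, Ri = Li-1 XOR f(Ri-1, Ki) once per key, in order."""
    left, right = block >> 32, block & MASK32
    for k in keys:
        left, right = right, left ^ f(right, k)
    # Join the halves as (R16, L16); this is what lets the same routine decrypt.
    return (right << 32) | left

def encrypt(block: int, key: bytes) -> int:
    return feistel(block, round_keys(key))

def decrypt(block: int, key: bytes) -> int:
    # Same algorithm; only the order of the round keys is reversed.
    return feistel(block, round_keys(key)[::-1])

if __name__ == "__main__":
    pt = 0x0123456789ABCDEF          # constructed sample block
    ct = encrypt(pt, b"constructed key")
    print(f"{ct:016x}", f"{decrypt(ct, b'constructed key'):016x}")
```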
2 Description of the IDEA algorithm:
Figure 3-3 Flowchart of IDEA algorithm
Figure 3-3 is an overview of IDEA. A 64-bit data block is divided into four 16-bit sub-blocks: X1, X2, X3 and X4. These four sub-blocks are the input to the first round; there are 8 rounds in total. In each round, the four sub-blocks are XORed, added and multiplied with one another and with six 16-bit subkeys. Between rounds, the second and third sub-blocks are swapped. Finally, in the output transformation, the four sub-blocks are combined with four subkeys.
In each round, the sequence of operations is as follows:
1. Multiply X1 and the first subkey.
2. Multiply X2 and the second subkey.
3. Multiply X3 and the third subkey.
4. Multiply X4 and the fourth subkey.
5. XOR the results of steps 1 and 3.
6. XOR the results of steps 2 and 4.
7. Combine the result of step 5 with the fifth subkey.
8. Add the results of steps 6 and 7.
9. Multiply the result of step 8 by the sixth subkey.
10. Add the results of steps 7 and 9.
11. XOR the results of steps 1 and 9.
12. XOR the results of steps 3 and 9.
13. XOR the results of steps 2 and 10.
14. XOR the results of steps 4 and 10.
The output of each round is the four sub-blocks produced by steps 11, 12, 13 and 14. After the two inner sub-blocks are swapped (except in the last round), they become the input to the next round.
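Legend for Figure 3-3: Xi is a 16-bit plaintext sub-block, Yi is a 16-bit ciphertext sub-block, and Zi(r) is a 16-bit subkey. The three operator symbols in the figure denote the bitwise XOR of 16-bit sub-blocks, the addition of 16-bit integers modulo 2^16, and the multiplication of 16-bit integers modulo 2^16 + 1, with the all-zero sub-block corresponding to 2^16.
After 8 rounds, there is a final output transformation: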
1. Multiply X1 and the first subkey.
2. Add X2 and the second subkey.
3. Add X3 and the third subkey.
4. Multiply X4 and the fourth subkey.
Finally, these four sub-blocks are concatenated to form the ciphertext.
Generating the subkeys is also easy. The algorithm uses 52 subkeys (6 for each of the 8 rounds, and the rest for the output transformation). First, the 128-bit key is divided into eight 16-bit subkeys. These are the first batch of 8 subkeys (the 6 of the first round and the first 2 of the next). Then the key is rotated 25 bits to the left and divided again to produce another 8 subkeys, and so on until the algorithm ends.
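The round, the output transformation and the subkey generation described above, as an added Python example (not code from the original page). It follows the published IDEA definition, in which steps 2 and 3 of each round are additions modulo 2^16 and step 7 is a multiplication modulo 2^16 + 1; the function names are assumptions.

```python
MASK = 0xFFFF

def mul(a: int, b: int) -> int:
    """Multiply modulo 2^16 + 1; the all-zero sub-block stands for 2^16."""
    return ((a or 0x10000) * (b or 0x10000) % 0x10001) & MASK

def add(a: int, b: int) -> int:
    """Add modulo 2^16."""
    return (a + b) & MASK

def subkeys(key: bytes) -> list:
    """52 subkeys: cut the 128-bit key into eight 16-bit words, rotate the
    key left by 25 bits, cut again, and stop once 52 words exist."""
    k, out = int.from_bytes(key, "big"), []
    while len(out) < 52:
        out += [(k >> (112 - 16 * i)) & MASK for i in range(8)]
        k = ((k << 25) | (k >> 103)) & ((1 << 128) - 1)
    return out[:52]

def encrypt_block(block: bytes, key: bytes) -> bytes:
    z = subkeys(key)
    x1, x2, x3, x4 = (int.from_bytes(block[i:i + 2], "big") for i in (0, 2, 4, 6))
    for r in range(8):
        k = z[6 * r:6 * r + 6]
        s1, s2 = mul(x1, k[0]), add(x2, k[1])      # steps 1, 2
        s3, s4 = add(x3, k[2]), mul(x4, k[3])      # steps 3, 4
        s5, s6 = s1 ^ s3, s2 ^ s4                  # steps 5, 6
        s7 = mul(s5, k[4])                         # step 7
        s9 = mul(add(s6, s7), k[5])                # steps 8, 9
        s10 = add(s7, s9)                          # step 10
        # Steps 11..14, in that order, are the next round's X1..X4.
        x1, x2, x3, x4 = s1 ^ s9, s3 ^ s9, s2 ^ s10, s4 ^ s10
    # Output transformation: the inner sub-blocks are taken crosswise,
    # because the inner swap is not applied after the last round.
    k = z[48:52]
    y = (mul(x1, k[0]), add(x3, k[1]), add(x2, k[2]), mul(x4, k[3]))
    return b"".join(v.to_bytes(2, "big") for v in y)

if __name__ == "__main__":
    key = bytes.fromhex("00010002000300040005000600070008")
    print(encrypt_block(bytes.fromhex("0000000100020003"), key).hex())
```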
3 Rijndael algorithm
Design ideas:
The design of the Rijndael cipher strives to meet the following three criteria:
1. Resistance against all known attacks.
2. Speed on a wide range of platforms, with compact code.
3. Simple design.
In most current block ciphers, the round function has a Feistel or quasi-Feistel structure, in which part of the bits of the intermediate state is moved unchanged to another position. Rijndael does not have this structure; its round function is composed of three distinct invertible uniform transformations, called the three "layers". "Uniform transformation" means that every bit of the state is treated in a similar way. The specific choices for the different layers are mostly based on the "wide trail strategy"; put simply, the wide trail strategy is a design approach that provides resistance against linear cryptanalysis and differential cryptanalysis. To implement the wide trail strategy, each of the three layers of the round function has its own function:
The linear mixing layer guarantees high diffusion over multiple rounds.
The nonlinear layer consists of the parallel application of S-boxes with optimal "worst-case nonlinearity".
The key addition layer is a simple XOR of the round key with the intermediate state, which acts as a one-time mask.
Before the first round, an initial key addition is applied. The reason for this design is simple: it prevents an attacker from peeling off the other computation steps starting from the plaintext.
To make the encryption and decryption algorithms closer in structure, the linear mixing layer of the last round differs from the linear mixing layer of the preceding rounds. It can be proved that this design does not improve the security of the cipher in any way.
Rijndael is an iterated block cipher with a variable block length and key length; each can independently be specified as 128 bits, 192 bits or 256 bits.
Rijndael's plaintext block is called the state, and all operations are performed on the state. The state can be represented as a matrix array with bytes as its elements; the array has 4 rows, and the number of columns is denoted NB, where NB is equal to the block length divided by 32.
The key seed (Cipher Key) is similarly represented as a matrix array of bytes; the array has 4 rows, and the number of columns is NK, where NK is equal to the block length divided by 32. The following figure shows the state for NB = 6 and the key seed for NK = 4.
A00 A01 A02 A03 A04 A05
A10 A11 A12 A13 A14 A15
A20 A21 A22 A23 A24 A25
A30 A31 A32 A33 A34 A35

K00 K01 K02 K03
K10 K11 K12 K13
K20 K21 K22 K23
K30 K31 K32 K33
The plaintext is mapped into the state array in the order A00, A10, A20, A30, A01, A11, A21, A31, .... The key is mapped in the same way. When the ciphertext is output, the bytes are taken from the state array in the same order. The text block is regarded as a 4NB-dimensional vector in which each component is a byte, written (t0 t1 t2 ... t4NB-1). The n-th component of the text block corresponds to the element at position (j, k) of the state array, where n = j + 4k, 0 <= j <= 3. The number of rounds is denoted NR; NR depends on NB and NK, and the following table gives the relationship between NR, NB and NK.
NR        NB = 4    NB = 6    NB = 8
NK = 4    10        12        14
NK = 6    12        12        14
NK = 8    14        14        14
Round function
Rijndael's round function is composed of four different transformations, namely byte substitution (ByteSub), row shift (ShiftRow), column mixing (MixColumn) and round key addition (AddRoundKey).
Byte substitution (ByteSub) applies the same transformation to each byte of the state array. It is the composition of the following two sub-transformations:
1. First, the byte is regarded as an element of GF(2^8) and mapped to its multiplicative inverse; the byte 0 is mapped to itself.
2. Second, the following affine transformation (over GF(2); invertible) is applied to the byte:
=
The composition of the above two sub-transformations is implemented as an S-box with 8-bit input and 8-bit output.
Row shift (ShiftRow)
Column mixing (MixColumn) regards each column of the state array as a polynomial whose coefficients are the bytes of the column and whose degree is less than 4, and multiplies it by the same fixed polynomial c(x). Of course, c(x) must be an invertible polynomial modulo x^4 + 1; otherwise the column mixing transformation would not be invertible, and different plaintext blocks would have the same ciphertext block. The c(x) given by Rijndael's designers is (coefficients written in hexadecimal):
c(x) = '03' x^3 + '01' x^2 + '01' x + '02'
c(x) is coprime to x^4 + 1, so it is invertible modulo x^4 + 1. As a result of the previous discussion, the column mixing operation can be expressed as an invertible linear transformation over GF(2^8):
=
This computation requires multiplication in GF(2^8), but since the multiplicands are the three fixed elements 02, 03 and 01, these multiplications are still relatively simple (note that the modulus used in the multiplication is m(x) = x^8 + x^4 + x^3 + x + 1).
AddRoundKey
It is the bitwise XOR of the round key array with the state array. The round key array and the state array must of course have the same dimensions.
Key expansion:
Rijndael's encryption key has a length of 4NB(NR + 1) bits, and it must be obtained from a key seed of 4NK bytes by a key expansion algorithm. Calling each column of the key seed array a word, the key seed has NK words and is expanded to an encryption key of NB(NR + 1) words, in which the first NK words are the key seed and each later word is defined in terms of earlier words. The expansion algorithm has two versions, one for NK <= 6 and one for NK > 6. In it, each byte of the output word of the function SubByte(W) is obtained by applying Rijndael's S-box to the corresponding byte of the input word W. The output word of the function RotByte(W) is a 1-byte cyclic shift of the input word W; that is, when the input word is W = (a, b, c, d), the output word is RotByte(W) = (b, c, d, a). RCON[j/NK] is a round constant whose value is (bytes written in hexadecimal and understood as elements of GF(2^8)):
RCON[1] = (01, 00, 00, 00)
RCON[j] = ((02)^(j-1), 00, 00, 00); j = 2, 3, ...
It can be seen that the first NK words of the encryption key are the key seed. Each later word W[j] is equal to the XOR of the previous word W[j-1] and the word NK positions earlier, W[j-NK]; but when j/NK is an integer, the previous word W[j-1] must first go through the following series of transformations:
1-byte cyclic shift RotByte → S-box transformation SubByte → XOR with the round constant RCON[j/NK].
The difference between the key expansion algorithm for NK > 6 and for NK <= 6 is one additional conditional operation: when j is a multiple of 4, the previous word W[j-1] must first go through the SubByte transformation.
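The ByteSub construction (multiplicative inverse in GF(2^8) followed by the affine transformation) and the key expansion described above, as an added Python example (not code from the original page). The affine transformation's constant and bit rotations come from the published Rijndael specification, since the matrix is not reproduced here; NK is taken as the number of 32-bit words in the key, NR as max(NB, NK) + 6 as in the table, and the function names are assumptions.

```python
def xtime(a: int) -> int:
    """Multiply by 02 in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return (a ^ 0x11B) if a & 0x100 else a

def gmul(a: int, b: int) -> int:
    """General multiplication in GF(2^8) by shift-and-add."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def byte_sub(x: int) -> int:
    """ByteSub: inverse in GF(2^8) (x^254; 0 stays 0), then the affine map."""
    inv = 1
    for _ in range(254):
        inv = gmul(inv, x)
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    # Affine transformation over GF(2), written as rotations plus constant 63.
    return inv ^ rot(inv, 1) ^ rot(inv, 2) ^ rot(inv, 3) ^ rot(inv, 4) ^ 0x63

SBOX = [byte_sub(x) for x in range(256)]

def expand_key(key: bytes, nb: int = 4) -> list:
    """Return the NB*(NR+1) expanded key words as hex strings."""
    nk = len(key) // 4
    nr = max(nb, nk) + 6
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 0x01                               # RCON[1] = (01, 00, 00, 00)
    for j in range(nk, nb * (nr + 1)):
        t = list(w[j - 1])
        if j % nk == 0:
            t = t[1:] + t[:1]                 # RotByte: (a,b,c,d) -> (b,c,d,a)
            t = [SBOX[b] for b in t]          # SubByte
            t[0] ^= rcon                      # XOR with RCON[j/NK]
            rcon = xtime(rcon)                # next constant: 02 * previous
        elif nk > 6 and j % nk == 4:          # NK = 8: j multiple of 4, not of NK
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[j - nk], t)])
    return [bytes(word).hex() for word in w]

if __name__ == "__main__":
    print(expand_key(bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c"))[4:8])
```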
Encryption algorithm
The encryption algorithm of the Rijndael cipher consists, in order, of: an initial round key addition; NR-1 rounds; a final round.
The key expansion can be performed in advance (precomputed), and the Rijndael encryption algorithm can then be described in terms of the expanded key: Rijndael(State, ExpandedKey).