| 摘要 |
A tweakable block cipher apparatus includes an input unit that receives a pair of a plaintext M and a tweak; an offset calculation unit that calculates a sum of a value (E(K, const)), which is generated by encrypting a constant plaintext (constant const) using a block cipher, and the tweak and outputs a value (G(Ksub, E(K, const)+tweak), which is generated by encrypting the result (E(K, const)+tweak) using a partial block cipher (G), as an offset; an internal encryption unit that calculates a sum of the offset and the plaintext M, encrypts the sum using the block cipher E, calculates a sum (E(K, M+offset)+offset) of the result (E(K, M+offset)) and the offset, and outputs the sum as a ciphertext (C); and an output unit that outputs the ciphertext.
|
