BLOCK CIPHERS WITH INTEGER MULTIPLICATION, DATA-DEPENDENT AND FIXED NUMBER OF ROTATIONS IN EACH ROUND

摘要

A plaintext message to be encrypted is segmented into a number of words, e.g., four words stored in registers A, B, C and D, and an integer multiplication function (14, 20) is applied to a subset of the words, e.g., to the two words in registers B and D. The use of such an integer multiplication greatly increases the diffusion achieved per round of encryption, allowing for higher security per round, and increased throughput. The integer multiplication function (14, 20) may be a quadratic function of the form f(x)=x(ax+b), where a is an even integer and b is an odd integer, or other suitable function such as a higher-order polynomial. The results of the integer multiplication function are rotated (16, 22) by 1g w bits, where 1g denotes log base 2 and w is the number of bits in a given word, to generate a pair of intermediate results t and u. An exclusive-or (18) of another word, e.g., the word in register A, and one of the intermediate results, e.g., t, is rotated (26) by an amount determined by the other intermediate result u. Similarly, an exclusive-or (24) of the remaining word in register D and the intermediate result u is rotated (30) by an amount determined by the other intermediate result t. An element of a secret key array is applied to each of these rotation results (28, 32), and the register contents are then transposed. This process is repeated for a designated number of rounds to generate a ciphertext message. Pre-whitening (10, 12) and post-whitening (34, 36) operations may be included to ensure that the input or output does not reveal any internal information about any encryption round. Corresponding decryption operations may be used to decrypt the ciphertext message.