Block ciphers Linear and Differential Cryptanalysis 曹天杰 Tianjie Cao ticao(cumt. edu. cn College of Computer science and echnology, China University of Mining and Technology Xuzhou, China 中国矿业大学计算机科学与技术学院 2003.5.16
1 曹天杰 Tianjie Cao tjcao@cumt.edu.cn College of Computer Science and Technology, China University of Mining and Technology, Xuzhou, China 中国矿业大学计算机科学与技术学院 2003.5.16 Block ciphers Linear and Differential Cryptanalysis
Block cipher Definition An n-bit block cipher is a function E:V×Kn, such that for each key K∈K E(P; K)is an invertible mapping (the encryption function for k) from vn to vn, written Ek(P). The inverse mapping is the decryption function denoted Dk(C). P denotes that ciphertext results from encrypting plaintext P under K
2 Block cipher Definition An n-bit block cipher is a function E : VnK→Vn , such that for each key K K, E(P;K) is an invertible mapping (the encryption function for K) from Vn to Vn , written EK (P). The inverse mapping is the decryption function, denoted DK (C). P denotes that ciphertext results from encrypting plaintext P under K
Iterating Block ciphers Definition a product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components Definition An iterated block cipher is a block cipher involving the sequential repetition of an internal function called a round finction. Parameters include the number of rounds nr the block bitsize n and the bitsize k of the input key k from which Nr subkeys k;(round keys)are derived For invertibility(allowing unique decryption), for each value Ki the round function is a bijection on the round input
3 Iterating Block ciphers Definition A product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components. Definition An iterated block cipher is a block cipher involving the sequential repetition of an internal function called a round function. Parameters include the number of rounds Nr, the block bitsize n, and the bitsize k of the input key K from which Nr subkeys Ki (round keys) are derived. For invertibility (allowing unique decryption), for each value Ki the round function is a bijection on the round input
Iterating Block ciphers 1. terated block cipher Random( binary)keyK→ round keys:K1…,KN, 2. Round function g W=g(wr-1, Kr), Where wr-1 is the previous state
4 Iterating Block ciphers 1. Iterated block cipher Random (binary) key K ➔ round keys: K1 ,..., K Nr , 2. Round function g wr = g(wr-1 , Kr ), where wr-1 is the previous state
erated cipher Encryption operation Woe w1=g(wo, Ki), g w1, K2), WNr g(wNr-1, KNr), y←w
5 Iterated cipher … Encryption operation: w0 x w1 = g(w0 , K1 ), w2 = g(w1 , K2 ), wNr = g(wNr-1 , KNr), y wNr