3 Encipherement in the mode of simple replacements
Chart of device, realizing the mode of simple replacement resulted on a picture.
1
32 1
КЗУ
32
1
32
1
32
1
Encipherement
in the mode of simple replacement
T0
Tш
The opened report, subject to the encipherement, is broken up on 64-bit blocks of Т0. Procedure of encipherement includes 32 cycles ( j=1,…,32 ).
Before the beginning of encipherement in key storages (KS) enter the 256-bit key, divided into blocks long in 32 digits each. Thus, unlike an algorithm, forming the additional keys is not required and, consequently, there is not a necessity for the additional generator of the keys.
К = К7 К6 К5 К4 К3 К2 К1 К0.
Thus an entrance sequence is broken up in half on blocks
Т0 = a1(0), a2(0),…, a32(0), b1(0), b2(0),…, b32(0).
Bits b(0) - senior, standings on the left, and a(0) are junior bits, standings on the right.
Sequence
a(0) = a32(0), a31(0) ,…, a0(0)
enter in the store of N 1, sequence
b(0) = b32(0), b31(0) ,…, b0(0)
enter in the store of N 2.
The first cycle of procedure can be described as follows
a
(1)
=
(a(0), +
K0
)
b(0)
b(1) = a(0)
In this expression, filling of N 1 is after the first cycle of encipherement; b(1) filling of N 2 after the first cycle of encipherement; it is a function of encipherement.
The argument of function of f is a sum on the module 32 numbers a(0) and numbers of b(0). This function includes two operations above got 32th a bit sum (a(0), + K0 ).
The first operation is a substitution (by replacement) and executed the block of substitution of S.
A block consists of eight knots of replacement S1 S8 with memory of 64 bits everybody. Acting from the summator 32-bit block is broken up on eight four bit groups, each of which is replaced other fourdigit group. The order of replacement, producible a block replacement of S, is contained in secret and changes relatively rarely.
Let, for example, numbers are written in S of -blok replacement
7, 10, 2, 4, 15, 9, 0, 3, 6, 12, 5, 13, 1, 8, 11
It means that if on an entrance 0000 combination acts, on an output there will be 0111combination and if on an entrance 0001combination acts, on an output there will be 1010 combination.
The second operation is a circular shift of 32-bit vector to the left (on 11 digits). This operation is executed through an ordinary register of shift R.
On the next stage adding up is carried out on the module two results of calculation of function of f and content of store of N 1. The got result is written down in the store of N 1, and in a store N 2 rewrite the previous value of vector, contained in N 1. The first cycle of encipherement is there on closed.
The last cycles are executed like. A difference consists of that, since a 25th cycle, the keys are given from the block of KS upside-down K7 K0.
Thus, during all of 32th cycles, the giving of the keys is carried out in the following order:
K0 , K1 , K2 , K3 , K4 , K5 , K6 , K7 , K0 , K1 , K2 , K3 , K4 , K5 , K6 , K7,
K0 , K1 , K2 , K3 , K4 , K5 , K6 , K7 , K7 , K6 , K5 , K4 , K3 , K2 , K1 , K0 ,
In the 32th cycle a result from a summator on the module is entered in the store of N 2, and his former content is saved in the store of N 1. Thus content of both stores of N 1 and N 2 is a block of in cipher data of Tc, proper the block of the opened data of T0.
In a general view, equalizations, describing the process of encipherement can be presented in the following kind:
a
(j)
=
f [(a(
j
- 1), +
K
j-1(mod 8) ]
b(
j
- 1)
at j = 1, … , 24
b(j) = a( j - 1),
a (j) = f [(a( j - 1), + K 32 - j ] b( j - 1)
at j = 25, … , 31
b(j) = a( j - 1),
a (32) = a(31)
at j = 32
b(j) = f [(a(31) + K 0 ] b( 31)
where a(j) = a32(j), a32(j), … , a1(j) is filling of N 1 after j -th cycle of encipherement, and b(j) = b32(j), b32(j), … , b 1(j), - is filling N 2 after j -th cycle of encipherement; j = 1,2, … , 31.
The block of ciphered data hatches from both stores in a next order.
Тш = [a1(32), a2(32), … , a32(32) b1(32), b2(32), … , b32(32)] , (1)
Procedure of decoding has a that kind, what at an encipherement. Block of Tc of kind (1) accepted from a communication channel, write down in the stores of N 1 and N 2 so that the initial value of content of store of N 1 looked like
[a32(32), a31(32) ,…, a2(32), a1(32)] ,
and content of store of N 2, looked like
[b32(32), b31(32) ,…, b2(32), b1(32)] .
Decoding is carried out by a that method, what encipherement, however carried out an order of giving of the 32th bit keys is in the following order:
K0 , K1 , K2 , K3 , K4 , K5 , K6 , K7 , K7 , K6 , K5 , K4 , K3 , K2 , K1 , K0 ,
K7 , K6 , K5 , K4 , K3 , K2 , K1 , K0 , K7 , K6 , K5 , K4 , K3 , K2 , K1 , K0 .
Equalizations of decoding look like here:
a (32 - j) = f [(a( 32 - j + 1), + K j-1] b(32 - j + 1)
at j = 1, … , 8;
b(32 - j) = a( 32 - j + 1),
a (32 - j) = f [(a( 32 - j + 1), + K 32 - j(mod 8)] b(32 - j + 1)
at j = 9, … , 31;
b(32 - j) = a(32 - j + 1),
a(0) = a(1)
at j = 32.
b(0) = f [(a(1) + K 0 ] b( 1)
Fillings of stores of N 1 and N 2 got after the 32th cycles of work form the block of the opened data.
Т0 = [a1(0), a2(0), … , a32(0) b1(0), b2(0), … , b32(0)] .
Other blocks of in cipher data are like decrypted.