CN111431697A - Novel method for realizing lightweight block cipher COR L - Google Patents

Novel method for realizing lightweight block cipher COR L Download PDF

Info

Publication number
CN111431697A
CN111431697A CN202010247023.8A CN202010247023A CN111431697A CN 111431697 A CN111431697 A CN 111431697A CN 202010247023 A CN202010247023 A CN 202010247023A CN 111431697 A CN111431697 A CN 111431697A
Authority
CN
China
Prior art keywords
round
transformation
bit
bits
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010247023.8A
Other languages
Chinese (zh)
Other versions
CN111431697B (en
Inventor
李浪
龙荣桀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hengyang Normal University
Original Assignee
Hengyang Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hengyang Normal University filed Critical Hengyang Normal University
Priority to CN202010247023.8A priority Critical patent/CN111431697B/en
Publication of CN111431697A publication Critical patent/CN111431697A/en
Application granted granted Critical
Publication of CN111431697B publication Critical patent/CN111431697B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI

Abstract

The algorithm optimizes the defect that one round of iterative operation of the traditional Feistel network structure only changes half of data grouped data, and realizes that one round of iteration changes three-fourth grouped data, the algorithm round function comprises an F function, the transformation process of the F function sequentially comprises row displacement, round key addition, S box replacement, row displacement and column confusion, the algorithm structure is convenient for software and hardware realization, the algorithm decryption basically reuses an encryption module, decryption can be carried out only by adding a plurality of control signals, the operation is simple, more resources are not required to be consumed for decryption, and compared with the current block cipher, the block cipher has the advantages of small occupied resources, high encryption performance and capability of resisting known attacks.

Description

Novel method for realizing lightweight block cipher COR L
Technical Field
The invention designs a novel method for realizing a lightweight block cipher COR L.
Background
The block cipher algorithm is an algorithm for encrypting and decrypting by using the same key, and essentially, the block cipher algorithm is limited iterative replacement transformation with the key, and a plaintext with a fixed length is converted into a ciphertext with the same length through the limited iterative replacement transformation. The block cipher algorithm has the characteristics of high speed, standardization, convenience for realizing software and hardware and the like, and is always an encryption scheme under resource constraint. The block cipher is used as a core cipher in information security, and has wide application in the field of application security of the Internet of things.
In recent years, with the rapid development of the technology of the internet of things, Wireless Sensors (WSNs) and Radio Frequency Identification (RFID) are more and more widely used, and these devices have the characteristics of low hardware manufacturing and maintenance cost, strong network robustness and self-organization, and wide applicability, and have become a key component of the industry of the internet of things. WSN and RFOD transmit information based on wireless network, and attackers can more easily acquire, interfere with and even destroy information transmission. In these micro computing devices, resources required by software and hardware implementation are strictly limited, and the traditional block cipher algorithm is relatively large in implementation scale and is not suitable for application in application environments with extremely limited resources, so cipher designers propose lightweight block ciphers to ensure the security of internet of things information.
Recent research shows that lightweight Block cipher algorithms, typically represented by PRESENT, MIBS, twin, Piccolo, L ED, L Block, K L EIN, etc., are available.
At present, the lightweight block cipher algorithm has the following problems: (1) the lightweight block cipher algorithm mainly adopts two structures: one is an SP network structure, which has relatively poor symmetry, dissimilar encryption and decryption, consumes more resources during implementation, and has different encryption and decryption time. The other is a Feistel network structure, the structure is similar in encryption and decryption, less in hardware resource consumption during implementation and suitable for being used in an environment with limited computing capacity; however, the structural cryptographic algorithm is slow in diffusion speed, only half of packets enter a round function in one round of iterative operation, and therefore only half of the packets can be changed. (2) Some lightweight block cipher algorithm decryption processes are complicated, so that when algorithm decryption is realized, encryption process modules cannot be completely reused, and extra resources are consumed. (3) The light-weight block cipher algorithm still occupies too large resources for encryption, has low encryption performance and is inconvenient to realize in extremely resource-limited equipment; and some block cipher algorithms are weak against attacks, especially against common differential, linear and algebraic attacks.
Disclosure of Invention
The invention provides a novel implementation method of a lightweight efficient block cipher COR L, and aims to solve the problems that a Feistel network structure algorithm is weak in diffusion capacity, an algorithm decryption process is complex, a large amount of resources are additionally occupied for decryption, the lightweight block cipher still occupies too many resources, the encryption performance is low, and the lightweight block cipher is easy to attack.
In order to achieve the technical purpose, the technical scheme of the invention is that,
a novel lightweight COR L block cipher encryption implementation method comprises the following steps of sequentially dividing 64-bit data to be encrypted X/data to be encrypted into 4 groups from low order to high order according to a 16-bit group, wherein X is recorded as0X1X2X3Presetting an initial key with 80 bits, selecting two sections of keys with 16 bits from the initial key in each iteration operation as round keys and respectively recording the round keys as RK0、RK1
Carrying out N on data to be encryptedRAnd outputting the ciphertext through round iteration operation, wherein the current iteration round is represented by N, the initial value of N is 0, and N isRIs 22;
the encryption iterative operation comprises the following steps:
step 1) first, X is0F function transformation is carried out to obtain X ″)0While X is3F function transformation is also carried out to obtain X ″)3(ii) a Then, X ″' is introduced0And X1And X2Exclusive OR operation is carried out to obtain X'1And X'2,X″3And X0Exclusive OR operation to obtain X'0(ii) a Wherein, X0F function performed using a round key of RK0
X3F function performed using a round key of RK1
Judging whether N is equal to NRIf not, n +1, entering step 2), otherwise, entering step 3);
step 2) preparing X'0X′1X′2X3Performing a round replacement T transformation to obtain a roundPermute the T transform result and record it as XT
Mixing XTThe high order bits are divided into 4 groups according to a group of 16 bits, and the groups are recorded as follows:
Figure BDA0002434225810000021
will be provided with
Figure BDA0002434225810000022
Figure BDA0002434225810000023
Sequentially given X0、X1、X2、X3And returning to the step 1);
step 3) mixing
Figure BDA0002434225810000024
Sequentially given to Y0、Y1、Y2、Y3With Y0Y1Y2Y3And output as a ciphertext.
The novel lightweight COR L block cipher encryption implementation method comprises the step of selecting two sections of 16-bit keys as round keys, and the step of recording a preset 80-bit initial key as K ═ K-0、k1……k78、k79Firstly, the K in K is put together64、k65……k78、k79The data segments are changed by S-box permutation, then all the data segments in the S-box permutation are circularly shifted to the left by 9 bits, and finally { k } is taken48、k49……k62、k63Is RK0, { k64、k65……k78、k79Is RK1
In the method for realizing the encryption of the novel lightweight COR L block cipher, in the step 1) of encryption iterative operation, the F function transformation process is row shift transformation → round key addition transformation → S box replacement transformation → row shift transformation again → column confusion transformation;
wherein the rows are shifted such that each 16-bit datum is represented as a matrix of 4 × 4, wherein the first row is not shifted, the second row is cyclically shifted to the right by 1 bit, the third row is cyclically shifted to the right by 2 bits, and the fourth row is cyclically shifted to the right by 3 bits;
the round key addition transformation is to carry out XOR operation on each 16-bit data and a round key;
the column confusion is replaced by dividing each 16-bit data into a unit by 4-bit data to form a 4 × 1 matrix, and combining the matrix with the matrix M in a finite field 24Performing a matrix multiplication operation, wherein the matrix M is:
Figure BDA0002434225810000031
in the novel lightweight COR L block cipher encryption implementation method, in the step 2) of encryption iterative operation, round permutation T is as follows:
dividing 64-bit data to be encrypted to be subjected to round permutation T conversion into 4 words from low order to high order in sequence, wherein each word is 16 bits: t is0、T1、T2、T3With T2、T3、T0、T1The 64-bit output data is used as the round permutation T change operation.
The novel lightweight COR L block cipher encryption implementation method is characterized in that an S box used by the F function is as follows:
S=(6,5,C,A,1,E,7,9,B,0,3,D,8,F,4,2);
s-boxes are 4-bit mapped to 4-bit finite fields
Figure BDA0002434225810000032
Each group of 16-bit data to be permuted is sequentially arranged into a 4 × 4 matrix from low to high, and is permuted by an S box respectively according to columns.
A novel lightweight COR L block cipher decryption implementation method comprises the following steps:
taking 64-bit ciphertext data Y obtained according to any one of claims 1 to 5 as data to be decrypted, and sequentially dividing the data into 4 groups from the lower bit to the upper bit according to a group of 16 bits, wherein the 4 groups are recorded as: y is0Y1Y2Y3(ii) a Taking an initial secret key in a method as claimed in any one of claims 1 to 5, each iteration round starting from the initial secret keyTwo 16-bit keys are selected from the keys as round keys and are respectively marked as RK0、RK1
Carry out N to the data to be decryptedRAnd performing iteration operation in turn, and outputting the plain text, wherein the current iteration turn is represented by N, the initial value of N is 0, and N isRThe value of (a) is 22,
the decryption iteration operation is as follows:
step 1) first of all Y3F function transformation is carried out to obtain Y3Let Y3And Y0Exclusive OR to give Y'0Prepared from Y'0Y' is obtained by changing the F function0Then let Y ″ "0And Y1And Y2Exclusive OR to give Y'1And Y'2
Wherein, Y0F function performed using a round key of RK0
Y3F function performed using a round key of RK1
Judging whether N is equal to NRIf not, let n be n +1, go to step 2), if equal, go to step 3);
step 2) preparing Y'0Y′1Y′2Y3Performing round replacement T transformation to obtain round replacement T transformation result and recording as YT
Will run result YTThe high order bits are divided into 4 groups according to a group of 16 bits, and the groups are recorded as follows:
Figure BDA0002434225810000041
will be provided with
Figure BDA0002434225810000042
Figure BDA0002434225810000043
Sequentially given to Y0、Y1、Y2、Y3And returning to the step 1);
step 3) mixing
Figure BDA0002434225810000044
Sequentially given to Y0、Y1、Y2、Y3With Y0Y1Y2Y3As a plaintext output.
The novel lightweight COR L block cipher decryption implementation method comprises the step of selecting two sections of 16-bit keys as round keys, and the step of recording a preset 80-bit initial key as K ═ K-0、k1……k78、k79Firstly, the K in K is put together64、k65……k78、k79The data segments are changed by S-box permutation, then all the data segments in the S-box permutation are circularly shifted to the left by 9 bits, and finally { k } is taken48、k49……k62、k63Is RK0,{k64、k65……k78、k79Is RK1
In the method for realizing the decryption of the novel lightweight COR L block cipher, in the step 1) of decryption iterative operation, the F function transformation process comprises the steps of line shift transformation → round key addition transformation → S box replacement transformation → line shift transformation → column confusion transformation;
wherein the rows are shifted such that each 16-bit datum is represented as a matrix of 4 × 4, wherein the first row is not shifted, the second row is cyclically shifted to the right by 1 bit, the third row is cyclically shifted to the right by 2 bits, and the fourth row is cyclically shifted to the right by 3 bits;
the round key addition transformation is to carry out XOR operation on each 16-bit data and a round key;
the column confusion is replaced by dividing each 16-bit data into a unit by 4-bit data to form a 4 × 1 matrix, and combining the matrix with the matrix M in a finite field 24Performing a matrix multiplication operation, wherein the matrix M is:
Figure BDA0002434225810000045
in the novel lightweight COR L block cipher decryption implementation method, in the step 2) of decryption iterative operation, round permutation T is as follows:
64 bits to be subjected to round-robin T-conversionThe encrypted data is divided into 4 words from low order to high order, each word is 16 bits: t is0、T1、T2、T3With T2、T3、T0、T1The 64-bit output data is used as the round permutation T change operation.
The novel lightweight COR L block cipher decryption implementation method is characterized in that an S box used by the F function is as follows:
S=(6,5,C,A,1,E,7,9,B,0,3,D,8,F,4,2);
s-boxes are 4-bit mapped to 4-bit finite fields
Figure BDA0002434225810000046
Each group of 16-bit data to be permuted is sequentially arranged into a 4 × 4 matrix from low to high, and is permuted by an S box respectively according to columns.
The invention has the technical effects that a novel method for realizing the lightweight block cipher COR L is provided, a novel generalized Feistel network structure is designed, the structural algorithm optimizes the traditional Feistel network structure algorithm, only half of data is changed by one round of iterative operation, and three quarters of data can be changed by each round without adding excessively complicated change, the algorithm of the novel Feistel network structure has good diffusion effect, the strong diffusion of the lightweight algorithm of the SPN structure is effectively broken, but more resources are consumed during realization, the lightweight algorithm of the traditional Feistel network structure realizes fewer resources but two major bottleneck problems with poor algorithm diffusion effect, the algorithm encryption and decryption reuse rate is high, decryption can be realized only by adding a plurality of control signals during decryption, the operation is simple and convenient, the decryption does not need to consume too many resources, the cryptographic algorithm module has similar symmetrical components, F functions in round function transformation can be mutually multiplexed during realization, the transformation process is that a row-shift transformation wheel is a row-transform wheel with S-transform wheel → a row-shift transformation wheel → a row-shift-row-shift-row-shift-row-shift-row-shift-.
In conclusion, the novel lightweight block cipher COR L implementation method provided by the invention has the advantages that the attack resistance is very good in security verification, and compared with the prior art, the novel lightweight block cipher COR L implementation method is particularly effective in resisting differential and linear attacks and algebraic attacks.
Drawings
FIG. 1 is an encryption structure diagram of a novel lightweight block cipher COR L implementation method according to the invention;
FIG. 2 is a decryption structure diagram of an implementation method of a novel lightweight block cipher COR L according to the present invention;
FIG. 3 is a diagram of a round function transformation structure of the implementation method of the present invention;
FIG. 4 is a structural diagram of F function variation of the implementation method of the present invention;
FIG. 5 is a structural diagram of the S-box replacement change of the implementation method of the algorithm;
fig. 6 is a structural diagram of round permutation T transformation of the implementation method of the present algorithm.
Detailed Description
The invention is further described below with reference to the accompanying drawings and examples.
The COR L block cipher implementation mode includes designing cipher algorithm with block length of 64 bits, cipher key length of 80 bits and iteration number NRFor 22 rounds of operation.
The encryption structure of the COR L block cipher algorithm is shown in FIG. 1, and the decryption structure of the COR L block cipher algorithm is shown in FIG. 2;
the algorithm round Function operation mainly comprises F Function transformation (F-Function) and round permutation T transformation (round permutation); but the last round of function operation does not perform the round permutation T transform, as shown in fig. 3.
The F function transformation process is row shift transformation (Rowshift) → round key addition transformation (AddRoundKey) → S box replacement transformation (SubCell) → row shift transformation (Rowshift) → column confusion transformation (MixColumns);
dividing 64-bit Plaintext (Plaintext)/Ciphertext (cirtertext) data into 4 groups in turn from high order according to 16-bit groups, and recording encrypted Plaintext data as follows: x0、X1、X2、X3And the decrypted ciphertext data is recorded as Y0、Y1、Y2、Y3When 64-bit Key (Key) data is sequentially divided into 4 groups from the high bit according to a group of 16 bits, the Key is recorded as: k0、K1、K2、K3
COR L block cipher algorithm pseudo-code describes:
algorithm 1 COR L cryptographic encryption process
Inputting: plaintext, Key;
outputting Ciphertext;
Figure BDA0002434225810000061
algorithm 2 COR L cipher decryption process
Inputting: cipertext, Key;
outputting Plaintext;
Figure BDA0002434225810000062
Figure BDA0002434225810000071
f Function transformation (F _ Function)
The F function transformation comprises round key addition, row shift transformation, S box replacement transformation and column confusion transformation, and the specific operation process is as follows: the specific operation process of the row shift transformation → the round key plus transformation → the S box replacement transformation → the row shift transformation → the column confusion transformation is shown in FIG. 4.
1) Round key transformation (AddRoundKey)
The round key addition operation of each round is that 16 after entering the F function and shifting by rows is used as the encryption/decryption data and 16And performing exclusive or operation on the round key lines. Wherein each round of operation round key RK0And RK1And the algorithm encryption/decryption process uses the same key.
The algorithm round key generation process is as follows: initial key K ═ K0、k1……k78、k79The user proposes the key RK of the nth round stored in the register0And RK1K being the value K in the register respectively48、k49……k62、k63},{k64、k65……k78、k79}; the specific operation steps are as follows: 1) k value { K64、k65……k78、k79The data section is replaced and transformed by an S box; 2) k is circularly shifted to the left by 9 bits; 3) take { k48、k49……k62、k63}→RK0,{k64、k65……k78、k79}→RK1
2) Shift position change (Rowshift)
The row shift transform arranges the 16-bit data to be transformed into a 4 × 4 matrix, wherein the first row is not shifted, the second row is shifted circularly to the right by 1 bit, the third row is shifted circularly to the right by 2 bits, and the fourth row is shifted circularly to the right by 3 bits, so as to obtain the transformed matrix.
3) Column obfuscating transformations (MixColumns)
The column confusion matrix transform is to form a matrix of 16 bits to be transformed into 4 × 1, and then to combine the matrix in the field GF (2)4) Arithmetic substitutions are made above. Where the matrix used refers to the matrix used in AES:
Figure BDA0002434225810000081
4) s Box replacement transform (SubCell)
The S-box replacement transformation is a non-linear component in COR L algorithm, the S-box used in the algorithm is referred to as the S-box of rectangle algorithm as shown in Table 1, the data to be transformed with 16 bits are arranged into a matrix, and the data is divided into a according to columns0,a1,a2,a3Replacement is given as b0,b1,b2,b3As shown in equation (1), the specific S-box replacement transformation process is shown in fig. 5;
a finite field S:
Figure BDA0002434225810000082
ai→bi=S1(ai) Formula (1)
TABLE 1 COR L Algorithm S-Box Table element
X 0 1 2 3 4 5 6 7 8 9 A B C D E F
S[x] 6 5 C A 1 E 7 9 B 0 3 D 8 F 4 2
Round permutation T transform (Round Transposing)
The round permutation T is converted into the position alternate conversion of 4 data branches, and the specific operation is as follows: dividing 64-bit data to be converted into 4 branches, wherein each branch occupies 16 bits of data; branch 3 is switched to branch 1, branch 4 is switched to branch 2, branch 1 is switched to branch 3, branch 2 is switched to branch 4, and round permutation T conversion is completed. The specific transformation process of the round permutation T change is shown in fig. 6.
Algorithm test data, the test data for the COR L algorithm is shown in table 2:
TABLE 2
Plaintext Key Ciphertext
0000-0000-0000-0000 0000-0000-0000-0000-0000 054A-F12E-67FC-E99B
0000-0000-0000-0000 FFFF-FFFF-FFFF-FFFF-FFFF D238-E31D-C193-C5BC
FFFF-FFFF-FFFF-FFFF FFFF-FFFF-FFFF-FFFF-FFFF B8F2-521C-DD2F-52CC
FFFF-FFFF-FFFF-FFFF 0000-0000-0000-0000-0000 131B-1FBC8324-2174
13FC-450D-7AEF-3689 2903-75AC-DF0C-AE86-CCF5 7CAA-06B2-BC59-6BA6
The COR L cryptographic algorithm is realized in ASIC hardware, the area resource occupied by the comprehensive process library SMIC 0.18 μm. COR L algorithm is 1486GE, and the table 3 is realized in hardware of some typical lightweight block ciphers, the data comparison in the table 3 shows that the COR L occupies a smaller area compared with the current lightweight ciphers, and each round of the algorithm can change more data, so that the number of rounds required by encryption is less, the throughput is larger, and the time required by encrypting data of the same order of magnitude is less.
TABLE 3
Algorithm Number of wheels Structure of the product Packet length (bits) Key length (bits) Area of resources (GE)
PRESNET-80 31 SPN 64 80 1570
Twine-80 36 GFNS 64 80 1799
MISB 32 Feistel 64 80 1530
PICCOLO-80 25 Feistel 64 80 1496
LILLIPUT 30 GFNS 64 80 1545
CORL 22 GFNS 64 80 1486
The present invention has been described in detail with reference to the specific embodiments, which should not be construed as limiting the invention. Many variations and modifications may be made by one of ordinary skill in the art without departing from the principles of the present invention, which should also be considered within the scope of the present invention.

Claims (10)

1. A novel lightweight COR L block cipher encryption implementation method is characterized by comprising the following steps of enabling 64-bit data X to be encrypted/number to be encryptedThe low order to the high order according to 16 bit one group divide into 4 groups in proper order, note: x0X1X2X3Presetting an initial key with 80 bits, selecting two sections of keys with 16 bits from the initial key in each iteration operation as round keys and respectively recording the round keys as RK0、RK1
Carrying out N on data to be encryptedRAnd outputting the ciphertext through round iteration operation, wherein the current iteration round is represented by N, the initial value of N is 0, and N isRIs 22;
the encryption iterative operation comprises the following steps:
step 1) first, X is0F function transformation is carried out to obtain X ″)0While X is3F function transformation is also carried out to obtain X ″)3(ii) a Then, X ″' is introduced0And X1And X2Exclusive OR operation is carried out to obtain X'1And X'2,X″3And X0Exclusive OR operation to obtain X'0(ii) a Wherein, X0F function performed using a round key of RK0
X3F function performed using a round key of RK1
Judging whether N is equal to NRIf not, n +1, entering step 2), otherwise, entering step 3);
step 2) preparing X'0X′1X′2X3Performing round replacement T transformation to obtain round replacement T transformation result and recording as XT
Mixing XTThe high order bits are divided into 4 groups according to a group of 16 bits, and the groups are recorded as follows:
Figure FDA0002434225800000011
will be provided with
Figure FDA0002434225800000012
Figure FDA0002434225800000013
Sequentially given X0、X1、X2、X3And returning to the step 1);
step 3) mixing
Figure FDA0002434225800000014
Sequentially given to Y0、Y1、Y2、Y3With Y0Y1Y2Y3And output as a ciphertext.
2. The method as claimed in claim 1, wherein the step of selecting two 16-bit keys as round keys comprises assigning a predetermined 80-bit initial key as K ═ K { (K) }0、k1......k78、k79Firstly, the K in K is put together64、k65......k78、k79The data segments are changed by S-box permutation, then all the data segments in the S-box permutation are circularly shifted to the left by 9 bits, and finally { k } is taken48、k49......k62、k63Is RKo,{k64、k65......k78、k79Is RK1
3. The method for implementing the encryption of the novel lightweight COR L block cipher according to claim 1, wherein in the step 1) of the iterative encryption operation, the F function transformation process is row shift transformation → round key addition transformation → S box replacement transformation → row shift transformation again → column confusion transformation;
wherein the rows are shifted such that each 16-bit datum is represented as a matrix of 4 × 4, wherein the first row is not shifted, the second row is cyclically shifted to the right by 1 bit, the third row is cyclically shifted to the right by 2 bits, and the fourth row is cyclically shifted to the right by 3 bits;
the round key addition transformation is to carry out XOR operation on each 16-bit data and a round key;
the column confusion is replaced by dividing each 16-bit data into a unit by 4-bit data to form a 4 × 1 matrix, and combining the matrix with the matrix M in a finite field 24Performing a matrix multiplication operation, wherein the matrix M is:
Figure FDA0002434225800000021
4. the novel lightweight COR L block cipher encryption implementation method according to claim 1, wherein in step 2) of the encryption iterative operation, round permutation T is as follows:
dividing 64-bit data to be encrypted to be subjected to round permutation T conversion into 4 words from low order to high order in sequence, wherein each word is 16 bits: t is0、T1、T2、T3With T2、T3、T0、T1The 64-bit output data is used as the round permutation T change operation.
5. The novel lightweight COR L block cipher encryption implementation method as claimed in claim 1, wherein the S-box used by the F function is:
S=(6,5,C,A,1,E,7,9,B,0,3,D,8,F,4,2):
the S-box maps 4 bits to 4 bits: finite field
Figure FDA0002434225800000022
Each group of 16-bit data to be permuted is sequentially arranged into a 4 × 4 matrix from low to high, and is permuted by an S box respectively according to columns.
6. A novel lightweight COR L block cipher decryption implementation method is characterized by comprising the following steps:
taking 64-bit ciphertext data Y obtained according to any one of claims 1 to 5 as data to be decrypted, and sequentially dividing the data into 4 groups from the lower bit to the upper bit according to a group of 16 bits, wherein the 4 groups are recorded as: y is0Y1Y2Y3(ii) a Taking an initial key in the method according to any one of claims 1 to 5, selecting two 16-bit keys from the initial key as round keys in each round of iterative operation, and respectively recording the keys as RK0、RK1
Carry out N to the data to be decryptedRAnd performing iteration operation in turn, and outputting the plain text, wherein the current iteration turn is represented by N, the initial value of N is 0, and N isRThe value of (a) is 22,
the decryption iteration operation is as follows:
step 1) first of all Y3F function transformation is carried out to obtain Y3Let Y3And Y0Exclusive OR to give Y'0Prepared from Y'0Y' is obtained by changing the F function0Then let Y ″ "0And Y1And Y2Exclusive OR to give Y'1And Y'2
Wherein, Y0F function performed using a round key of RK0
Y3F function performed using a round key of RK1
Judging whether N is equal to NRIf not, let n be n +1, go to step 2), if equal, go to step 3);
step 2) preparing Y'0Y′1Y′2Y3Performing round replacement T transformation to obtain round replacement T transformation result and recording as YT
Will run result YTThe high order bits are divided into 4 groups according to a group of 16 bits, and the groups are recorded as follows:
Figure FDA0002434225800000023
will be provided with
Figure FDA0002434225800000024
Figure FDA0002434225800000025
Sequentially given to Y0、Y1、Y2、Y3And returning to the step 1);
step 3) mixing
Figure FDA0002434225800000031
Sequentially given to Y0、Y1、Y2、Y3With Y0Y1Y2Y3As a plaintext output.
7. The method as claimed in claim 6, wherein the step of selecting two 16-bit keys as round keys comprises assigning a predetermined 80-bit initial key as K ═ K { (K) }0、k1......k78、k79Firstly, the K in K is put together64、k65......k78、k79The data segments are changed by S-box permutation, then all the data segments in the S-box permutation are circularly shifted to the left by 9 bits, and finally { k } is taken48、k49......k62、k63Is RK0, { k64、k65......k78、k79Is RK1
8. The novel lightweight COR L block cipher decryption implementation method as claimed in claim 6, wherein in the step 1) of decryption iterative operation, the F function transformation process is line shift transformation → round key addition transformation → S box replacement transformation → line shift transformation → column confusion transformation;
wherein the rows are shifted such that each 16-bit datum is represented as a matrix of 4 × 4, wherein the first row is not shifted, the second row is cyclically shifted to the right by 1 bit, the third row is cyclically shifted to the right by 2 bits, and the fourth row is cyclically shifted to the right by 3 bits;
the round key addition transformation is to carry out XOR operation on each 16-bit data and a round key;
the column confusion is replaced by dividing each 16-bit data into a unit by 4-bit data to form a 4 × 1 matrix, and combining the matrix with the matrix M in a finite field 24Performing a matrix multiplication operation, wherein the matrix M is:
Figure FDA0002434225800000032
9. the novel lightweight COR L block cipher decryption implementation method according to claim 1, wherein in step 2) of the decryption iteration operation, round permutation T transform is as follows:
dividing 64-bit data to be encrypted to be subjected to round permutation T conversion into 4 words from low order to high order in sequence, wherein each word is 16 bits: t is0、T1、T2、T3With T2、T3、T0、T1The 64-bit output data is used as the round permutation T change operation.
10. The novel lightweight COR L block cipher decryption implementation method as claimed in claim 6, wherein the S-box used by the F function is:
S=(6,5,C,A,1,E,7,9,B,0,3,D,8,F,4,2);
the S-box maps 4 bits to 4 bits: finite field
Figure FDA0002434225800000033
Each group of 16-bit data to be permuted is sequentially arranged into a 4 × 4 matrix from low to high, and is permuted by an S box respectively according to columns.
CN202010247023.8A 2020-03-31 2020-03-31 Novel method for realizing lightweight block cipher CORL Active CN111431697B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010247023.8A CN111431697B (en) 2020-03-31 2020-03-31 Novel method for realizing lightweight block cipher CORL

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010247023.8A CN111431697B (en) 2020-03-31 2020-03-31 Novel method for realizing lightweight block cipher CORL

Publications (2)

Publication Number Publication Date
CN111431697A true CN111431697A (en) 2020-07-17
CN111431697B CN111431697B (en) 2022-06-21

Family

ID=71550259

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010247023.8A Active CN111431697B (en) 2020-03-31 2020-03-31 Novel method for realizing lightweight block cipher CORL

Country Status (1)

Country Link
CN (1) CN111431697B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202547A (en) * 2020-11-11 2021-01-08 衡阳师范学院 Lightweight block cipher GFCS (generic fragment signature Circuit) implementation method and device and readable storage medium
CN112398639A (en) * 2020-11-04 2021-02-23 山东大学 Device and method for realizing Fountain lightweight encryption algorithm and application
CN113078997A (en) * 2021-03-24 2021-07-06 华北电力大学 Terminal protection method based on lightweight cryptographic algorithm
CN113343276A (en) * 2021-07-01 2021-09-03 衡阳师范学院 Generalized two-dimensional cat mapping-based lightweight block cipher algorithm GCM implementation method
CN113645615A (en) * 2021-08-12 2021-11-12 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN113691364A (en) * 2021-08-31 2021-11-23 衡阳师范学院 Encryption and decryption method of dynamic S-box block cipher based on bit slice technology

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020101986A1 (en) * 2000-08-03 2002-08-01 Roelse Petrus Lambertus Adrianus Linear transformation for symmetric-key ciphers
CN104333446A (en) * 2014-11-10 2015-02-04 衡阳师范学院 Novel ultra-lightweight QTL (Quasi-Transmission Line) block cipher implementation method
CN110784307A (en) * 2019-11-05 2020-02-11 衡阳师范学院 Lightweight cryptographic algorithm SCENERY implementation method, device and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020101986A1 (en) * 2000-08-03 2002-08-01 Roelse Petrus Lambertus Adrianus Linear transformation for symmetric-key ciphers
CN104333446A (en) * 2014-11-10 2015-02-04 衡阳师范学院 Novel ultra-lightweight QTL (Quasi-Transmission Line) block cipher implementation method
CN110784307A (en) * 2019-11-05 2020-02-11 衡阳师范学院 Lightweight cryptographic algorithm SCENERY implementation method, device and storage medium

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112398639A (en) * 2020-11-04 2021-02-23 山东大学 Device and method for realizing Fountain lightweight encryption algorithm and application
CN112398639B (en) * 2020-11-04 2022-02-22 山东大学 Device and method for realizing Fountain lightweight encryption algorithm and application
CN112202547A (en) * 2020-11-11 2021-01-08 衡阳师范学院 Lightweight block cipher GFCS (generic fragment signature Circuit) implementation method and device and readable storage medium
CN112202547B (en) * 2020-11-11 2022-04-12 衡阳师范学院 Lightweight block cipher GFCS (generic fragment signature Circuit) implementation method and device and readable storage medium
CN113078997A (en) * 2021-03-24 2021-07-06 华北电力大学 Terminal protection method based on lightweight cryptographic algorithm
CN113343276A (en) * 2021-07-01 2021-09-03 衡阳师范学院 Generalized two-dimensional cat mapping-based lightweight block cipher algorithm GCM implementation method
CN113343276B (en) * 2021-07-01 2022-06-14 衡阳师范学院 Encryption method of light-weight block cipher algorithm GCM based on generalized two-dimensional cat mapping
CN113645615A (en) * 2021-08-12 2021-11-12 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN113645615B (en) * 2021-08-12 2023-12-22 衡阳师范学院 Lightweight block cipher encryption and decryption method
CN113691364A (en) * 2021-08-31 2021-11-23 衡阳师范学院 Encryption and decryption method of dynamic S-box block cipher based on bit slice technology
CN113691364B (en) * 2021-08-31 2024-02-09 衡阳师范学院 Encryption and decryption method of dynamic S-box block cipher based on bit slice technology

Also Published As

Publication number Publication date
CN111431697B (en) 2022-06-21

Similar Documents

Publication Publication Date Title
CN111431697B (en) Novel method for realizing lightweight block cipher CORL
CN107707343B (en) SP network structure lightweight block cipher realization method with consistent encryption and decryption
JP3499810B2 (en) ENCRYPTION DEVICE, ENCRYPTION METHOD, COMPUTER-READABLE RECORDING MEDIUM CONTAINING PROGRAM FOR FUNCTIONING COMPUTER AS ENCRYPTION DEVICE, AND COMPUTER READING RECORDING PROGRAM FOR FUNCTIONING COMPUTER AS DECRYPTION DEVICE, DECRYPTION METHOD, AND DECRYPTION DEVICE Possible recording media
US6769063B1 (en) Data converter and recording medium on which program for executing data conversion is recorded
CN104333446B (en) A kind of novel ultra-light magnitude QTL block cipher implementation method
CN109768854B (en) Method for realizing lightweight block cipher algorithm
Moldovyan et al. A cipher based on data-dependent permutations
US7499542B2 (en) Device and method for encrypting and decrypting a block of data
CN111245598B (en) Method for realizing lightweight AEROGEL block cipher
CN110784307A (en) Lightweight cryptographic algorithm SCENERY implementation method, device and storage medium
CN102713994B (en) Encryption device
CN116980194A (en) Safe and efficient data transmission method and system based on cloud edge end cooperation
Kang et al. Collision attacks on AES-192/256, Crypton-192/256, mCrypton-96/128, and anubis
CN113691364B (en) Encryption and decryption method of dynamic S-box block cipher based on bit slice technology
CN115811398A (en) Dynamic S-box-based block cipher algorithm, device, system and storage medium
CN110247754B (en) Method and device for realizing block cipher FBC
Cheng et al. Revised cryptanalysis for SMS4
CN107886463A (en) A kind of digital image encryption method based on Chen systems and cellular automaton
CN111262685B (en) Novel method and device for realizing Shield block cipher generated by secret key and readable storage medium
Dai et al. VH: a lightweight block cipher based on dual pseudo-random transformation
Kumar Full-round differential attack on DoT block cipher
Pramod et al. An advanced AES algorithm using swap and 400 bit data block with flexible S-Box in Cloud Computing
Kiran Kumar et al. Implementation and analysis of cryptographic ciphers in FPGA
CN112134691B (en) NLCS block cipher realization method, device and medium with repeatable components
Ji et al. Square attack on reduced-round Zodiac cipher

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant