Specifications in 2001


Specifications in 2001
MISTY1 (updated : May 3, 2002)
September 27, 2001
Mitsubishi Electric Corporation

Block Cipher Algorithm MISTY1

This document shows a complete description of the encryption algorithm MISTY1, which is a secret-key cipher with a 64-bit data block and a 128-bit secret key. The number of rounds n of MISTY1 is variable under the condition that n is a multiple of four. The recommended value is n = 8. In the following description, the leftmost bit is defined as the Most Significant Bit (MSB) and the rightmost bit as the Least Significant Bit (LSB).

Data Randomizing Part

Figures 1a and 1b show the data randomizing part of MISTY1 for encryption and decryption, respectively. The plaintext/ciphertext is divided into two 32-bit data, which are transformed by bitwise XOR operations denoted by the symbol ⊕ and sub-functions $FO_i$ ($1 \le i \le n$), $FL_i$ ($1 \le i \le n+2$) and $FL_i^{-1}$ ($1 \le i \le n+2$). $FO_i$ uses a 64-bit subkey $KO_i$ and a 48-bit subkey $KI_i$. $FL_i$ and $FL_i^{-1}$ are used in encryption and decryption, respectively, both of which use a 32-bit subkey $KL_i$.

Figure 2 shows the structure of $FO_i$. The input is divided into two 16-bit data, which are transformed by bitwise XOR operations denoted by the symbol ⊕ and sub-functions $FI_{ij}$ ($1 \le j \le 3$), where $KO_{ij}$ ($1 \le j \le 4$) and $KI_{ij}$ ($1 \le j \le 3$) are the j-th (from left) 16-bit data of $KO_i$ and $KI_i$, respectively.

Figure 3 shows the structure of $FI_{ij}$. The input is divided into left 9-bit data and right 7-bit data, which are transformed by bitwise XOR operations denoted by the symbol ⊕ and substitution tables S7 and S9. In the first and third XORs, the 7-bit data is zero-extended to 9 bits, and in the second XOR, the 9-bit data is truncated to 7 bits by discarding its highest two bits. $KI_{ij1}$ and $KI_{ij2}$ are the left 7-bit data and right 9-bit data of $KI_{ij}$, respectively.

Figures 4a and 4b show the structure of $FL_i$ and $FL_i^{-1}$, respectively. The input is divided into two 16-bit data, which are transformed by bitwise XOR operations denoted by the symbol ⊕, a bitwise AND operation denoted by the symbol ∩ and a bitwise OR operation denoted by the symbol ∪, where $KL_{ij}$ ($1 \le j \le 2$) is the j-th (from left) 16-bit data of $KL_i$.

Tables 1 and 2 show the decimal representation of the substitution tables S7 and S9, respectively.

Key Scheduling Part

Figure 5 shows the Key Scheduling part of MISTY1. Let $K_i$ ($1 \le i \le 8$) be the i-th (from left) 16-bit data of the secret key $K$, and let $K'_i$ ($1 \le i \le 8$) be the output of $FI_{ij}$ where the input of $FI_{ij}$ is $K_i$ and the key $KI_{ij}$ is $K_{i+1}$. Also, identify $K_9$ with $K_1$.

The correspondence between the symbols $KO_{ij}$, $KI_{ij}$, $KL_{ij}$ and the actual key is as follows:

$KO_{i1}$ = $K_i$
$KO_{i2}$ = $K_{i+2}$
$KO_{i3}$ = $K_{i+7}$
$KO_{i4}$ = $K_{i+4}$
$KI_{i1}$ = $K'_{i+5}$
$KI_{i2}$ = $K'_{i+1}$
$KI_{i3}$ = $K'_{i+3}$
$KL_{i1}$ = $K_{(i+1)/2}$ (odd $i$), $K'_{i/2+2}$ (even $i$)
$KL_{i2}$ = $K'_{(i+1)/2+6}$ (odd $i$), $K_{i/2+4}$ (even $i$)

Where $K_i$ and $K'_i$ are identified with $K_{i-8}$ and $K'_{i-8}$, respectively, when $i$ exceeds 8.

Test Data

The following is sample data for MISTY1 with eight rounds in hexadecimal form:

Secret Key ($K_1 \ldots K_8$): 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff
Extended Key ($K'_1 \ldots K'_8$): cf 51 8e 7f 5e 29 67 3a cd bc 07 d6 bf 35 5e 11
Plaintext: 01 23 45 67 89 ab cd ef
Ciphertext: 8b 1d a5 f5 6a b3 d0 7c
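The subkey correspondence and the FL / inverse-FL pair described above, as an added C example (not the reference source from the submission package). It uses the secret key and extended key from the Test Data; the array and function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* K_1..K_8 and K'_1..K'_8 from the Test Data above; index 0 is unused. */
static const uint16_t K[9]  = {0, 0x0011, 0x2233, 0x4455, 0x6677,
                               0x8899, 0xaabb, 0xccdd, 0xeeff};
static const uint16_t KP[9] = {0, 0xcf51, 0x8e7f, 0x5e29, 0x673a,
                               0xcdbc, 0x07d6, 0xbf35, 0x5e11};

/* K_i and K'_i are identified with K_{i-8} and K'_{i-8} when i exceeds 8. */
static int wrap(int i) { return i > 8 ? i - 8 : i; }

/* KO_i1..KO_i4 and KI_i1..KI_i3 for FO_i, 1 <= i <= 8. */
void fo_subkeys(int i, uint16_t ko[4], uint16_t ki[3]) {
    ko[0] = K[wrap(i)];      ko[1] = K[wrap(i + 2)];
    ko[2] = K[wrap(i + 7)];  ko[3] = K[wrap(i + 4)];
    ki[0] = KP[wrap(i + 5)]; ki[1] = KP[wrap(i + 1)];
    ki[2] = KP[wrap(i + 3)];
}

/* KL_i1 and KL_i2 for FL_i, 1 <= i <= 10 (n + 2 with n = 8). */
uint16_t kl1(int i) { return (i & 1) ? K[wrap((i + 1) / 2)] : KP[wrap(i / 2 + 2)]; }
uint16_t kl2(int i) { return (i & 1) ? KP[wrap((i + 1) / 2 + 6)] : K[wrap(i / 2 + 4)]; }

/* FL_i: AND into the right half first, then OR into the left half. */
uint32_t fl(uint32_t x, int i) {
    uint16_t l = (uint16_t)(x >> 16), r = (uint16_t)x;
    r ^= l & kl1(i);
    l ^= r | kl2(i);
    return ((uint32_t)l << 16) | r;
}

/* Inverse of FL_i: the same two steps in reverse order. */
uint32_t fl_inv(uint32_t x, int i) {
    uint16_t l = (uint16_t)(x >> 16), r = (uint16_t)x;
    l ^= r | kl2(i);
    r ^= l & kl1(i);
    return ((uint32_t)l << 16) | r;
}

int main(void) {
    uint32_t p = 0x01234567;   /* left 32 bits of the test plaintext */
    uint32_t y = fl(p, 1);
    printf("FL_1(%08x) = %08x, inverse -> %08x\n",
           (unsigned)p, (unsigned)y, (unsigned)fl_inv(y, 1));
    return 0;
}
```

Because FL and its inverse contain no table lookups, this part of the cipher can be checked on its own before the S7/S9-based FI function is wired in.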

Figure 1a. MISTY1 (Encryption)
Figure 1b. MISTY1 (Decryption)
Figure 2. $FO_i$
Figure 3. $FI_{ij}$
Figure 4a. $FL_i$
Figure 4b. $FL_i^{-1}$
Figure 5. Key Scheduling

Table 1. The table of S7
Table 2. The table of S9

Implementation Methods

The reference C source code attached to the submission package shows an example of a straightforward implementation based on the specifications of MISTY1. There are, however, many more techniques for implementing MISTY1 in software, balancing speed and memory requirements. The following shows how to speed up MISTY1 in software.

It is not difficult to see that the FI-function can also be written as shown in the left figure, where S9A and S9B are newly introduced look-up tables that transform 9 and 7 input bits into 16 output bits, respectively. Note that the subkey $KI_{ij1}$ can be "embedded" into other subkeys. Though implementing this form requires more memory than the straightforward method, faster speed is expected. Moreover, noting that the number of possible varieties of $KI_{ij2}$ is only eight, we can even remove the subkey by introducing eight different S9A tables (S9A) if a target processor has on-chip cache of bytes or more.

Version Information

MISTY1 has been proposed in the following standardization activities, where the proposed specification is exactly the same as the specification described in this document.

ISO / SC27
NESSIE
IETF-TLS

Also, KASUMI, which was modified on the basis of MISTY1, has been adopted as the world standard of the forthcoming W-CDMA systems. KASUMI is a variant of MISTY1, but is not compatible with MISTY1.

Object Identifier

The object identifier of MISTY1 is described in RFC2994 "A Description of the MISTY1 Encryption Algorithm". The following is extracted from the RFC2994 document.

The Object Identifier for MISTY1 in Cipher Block Chaining (CBC) mode is as follows:

MISTY1-CBC OBJECT IDENTIFIER ::= {iso(1) member-body(2) jisc(392) mitsubishi-electric-corporation(200011) isl(61) security(1) algorithm(1) symmetric-encryption-algorithm(1) misty1-cbc(1)}

MISTY1-CBC needs Initialization Vector (IV) as like as other algorithms, such as DES-CBC, DES-EDE3-CBC and so on. To determine the value of IV, MISTY1-CBC takes parameter as:

MISTY1-CBC Parameter ::= IV

where IV ::= OCTET STRING -- 8 octets.

When this Object Identifier is used, plaintext is padded before encrypt it. At least 1 padding octet is appended at the end of the plaintext to make the length of the plaintext to the multiple of 8 octets. The value of these octets is as same as the number of appended octets. (e.g., If 5 octets are needed to pad, the value is 0x05.)

Applications and Products

MISTY1 has been used in various applications and products as follows; most of the information can be found at http://www.security.melco.co.jp/

[Software Products]
Encryption library <PowerMISTY>, PKI library <CertMISTY>, PKI server system <CERTMANAGER>, File encryption software <CRYPTOFILE>, Secure web access <TRUSTWEB>, Message encryption software <CRYPTOSIGN>, Digital contents secure distribution system <DIGICAPSULE>, Email security enhancement tool <MAHOUBIN-II> (by NTT Electronics), File encryption tool <SecureStaff> (by Mitsubishi Control Software)

[Hardware Products]
LAN encryption hardware <MELWALL>, Key management hardware <MISTYKEYPER> (by Mitsubishi Electric Engineering), Encryption LSI CDI2050 (by Cognitive Design, Inc), Encryption Algorithm IP for LSI development.