From msuinfo!netnews.upenn.edu!dsinc!newsfeed.pitt.edu!gatech!europa.eng.gtefsd.com!MathWorks.Com!zombie.ncsc.mil!golf!mizzou1.missouri.edu!C445585 Tue May 17 21:26:51 1994 Path: msuinfo!netnews.upenn.edu!dsinc!newsfeed.pitt.edu!gatech!europa.eng.gtefsd.com!MathWorks.Com!zombie.ncsc.mil!golf!mizzou1.missouri.edu!C445585 From: C445585@mizzou1.missouri.edu Newsgroups: sci.crypt Subject: A fast 32-bit to 32-bit crypto transformation Date: Mon, 16 May 94 20:38:03 CDT Organization: University of Missouri, Columbia Lines: 39 Message-ID: <16FB81222BS86.C445585@mizzou1.missouri.edu> NNTP-Posting-Host: mizzou1.missouri.edu I've been playing with ciphers like BLOWFISH, Khufu, and REDOC-III, and I think I can see a generally useful 32-bit to 32-bit transformation that answers some of my complaints about each. I originally was thinking that this could be useful in designing a 32-bit granularity stream cipher, but I can also see it as useful for "whitening" operations, and for preprocessing ciphertext blocks before shifting them into a CFB buffer. The general scheme uses: S(): An 8-bit to 32-bit s-box whose low-order 8 bits are all 0s. This is probably going to be key-derived, using a rule similar to the one used in Khufu--that is, it's going to require a permutation of 0..255 in each byte position. RLW(x,y) rotates 32-bit word x left y places. LB(x) is the low byte of x, probably by (x & 0xff) or some such. One round of this transformation is T(x,k) = x = x + k x = RLW(x xor S(LB(x)),8) x = RLW(x + S(LB(x)),8) x = RLW(x xor S(LB(x)),8) x = RLW(x + S(LB(x)),11) The transformation could be used with varying s-boxes, and PRNG- provided subkeys. The rotations seem to guard against most weak keys, and seem to make Shiriff's attack on REDOC-III unlikely to work here, even if we used all XORs or all +'s. Has some variation on this transformation been done before? It could easily be expanded to larger blocks, and in fact, simple and fast block ciphers can be built for 64-, 96-, or 128-bit blocks. --John Kelsey, c445585@mizzou1.missouri.edu