Enhanced block ciphers with data-dependent rotations

Assignee

• RSA Security LLC · US

Inventors

• Ronald L. Rivest · Arlington, US
• Matthew Robshaw · Seattle, US
• Raymond Mark Sidney · Foster City, US
• Yiqun Yin · Monroe, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/24
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A plaintext message to be encrypted is segmented into a number of words, e.g., four words stored in registers A, B, C and D, and an integer multiplication function is applied to a subset of the words, e.g., to the two words in registers B and D. The integer multiplication function may be a quadratic function of the form .function.(x)=x(ax+b) or other suitable function such as a higher-order polynomial. The results of the integer multiplication function are rotated by lg w bits, where lg denotes log base 2 and w is the number of bits in a given word, to generate a pair of intermediate results t and u. An exclusive-or of another word, e.g., the word in register A, and one of the intermediate results, e.g., t, is rotated by an amount determined by the other intermediate result u. Similarly, an exclusive-or of the remaining word in register D and the intermediate result u is rotated by an amount determined by the other intermediate result t. An element of a secret key array is applied to each of these rotation results, and the register contents are then transposed. This process is repeated for a designated number of rounds to generate a ciphertext message. Pre-whitening and post-whiten…