SMS4 Encryption Algorithm for Wireless Networks

Similar documents
Visa Smart Debit/Credit Certificate Authority Public Keys

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.7

Advanced Encryption Standard by Example. 1.0 Preface. 2.0 Terminology. Written By: Adam Berent V.1.5

Rijndael Encryption implementation on different platforms, with emphasis on performance

SERVER CERTIFICATES OF THE VETUMA SERVICE

KALE: A High-Degree Algebraic-Resistant Variant of The Advanced Encryption Standard

SERVER CERTIFICATES OF THE VETUMA SERVICE

USB HID to PS/2 Scan Code Translation Table

SL-8800 HDCP 2.2 and HDCP 1.x Protocol Analyzer for HDMI User Guide

The ASCII Character Set

URL encoding uses hex code prefixed by %. Quoted Printable encoding uses hex code prefixed by =.

Secret File Sharing Techniques using AES algorithm. C. Navya Latha Garima Agarwal Anila Kumar GVN

ASCII CODES WITH GREEK CHARACTERS

3. April 2013 IT ZERTIFIKATE. Zertifizierungsstellen / Certification Center. IT Sicherheit UNTERNEHMENSBEREICH IT

EMV (Chip-and-PIN) Protocol

How to create OpenDocument URL s with SAP BusinessObjects BI 4.0

Luxembourg (Luxembourg): Trusted List

Geometry Handout 2 ~ Page 1

Community College of Philadelphia Calling Code 218 Employer Scan Client Approved: November 17, 2005 Region (CIRCLE) City MSA

Pattern Co. Monkey Trouble Wall Quilt. Size: 48" x 58"

The Advanced Encryption Standard (AES)

ON-BOARDING TOOL USER GUIDE. HKEx Orion Market Data Platform Securities Market & Index Datafeed Products Mainland Market Data Hub (MMDH)

HTML Codes - Characters and symbols

CROSS REFERENCE. Cross Reference Index Cast ID Number Connector ID Number 111 Engine ID Number Ford Motor Company 109

HSR TRAINING COURSE REQUIREMENTS HSR Training Course Guidance Booklet 2

Appendix C: Keyboard Scan Codes

EMDX3 Multifunction meter Cat No ModbusTable LGR EN v1.01.xls

DATING YOUR GUILD

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Medical Administrative Aspects

ASV Scan Report Vulnerability Details PRESTO BIZ

Technical Specification Digital Video Broadcasting (DVB); Content Scrambling Algorithms for DVB-IPTV Services using MPEG2 Transport Streams

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Parallax Serial LCD 2 rows x 16 characters Non-backlit (#27976) 2 rows x 16 characters Backlit (#27977) 4 rows x 20 characters Backlit (#27979)

White Paper. Shay Gueron Intel Architecture Group, Israel Development Center Intel Corporation

CSCE 465 Computer & Network Security

Service Instruction. 1.0 SUBJECT: ECi Accessory Cases for Lycoming 4-Cylinder engines with single magneto configurations and TITAN 361 Engines

The colors in the Federal Standard set have no official names, just five-digit numbers. Any names given below are generic.

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

Application Note RMF Magic 5.1.0: EMC Array Group and EMC SRDF/A Reporting. July 2009

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

The current version of this document can always be found at

A Secure Software Implementation of Nonlinear Advanced Encryption Standard

SeChat: An AES Encrypted Chat

NEOSHO COUNTY COMMUNITY COLLEGE MASTER COURSE SYLLABUS. Medical Professional Issues

CS 758: Cryptography / Network Security

Cryptography and Network Security

South Texas Educational Technologies, Inc. TEL (956) FAX (956) Tomorrow s Education Today S. TEXAS BLVD WESLACO, TX 78596

Lecture 9 - Network Security TDTS (ht1)

Future Trends in Airline Pricing, Yield. March 13, 2013

Enhancing Advanced Encryption Standard S-Box Generation Based on Round Key

Design and Analysis of Parallel AES Encryption and Decryption Algorithm for Multi Processor Arrays

Chapter 2 Overview of Bluetooth Security

"HIGHER EDUCATION VALUES AND OPINIONS SURVEY" ADVANCED PLACEMENT TEACHERS and GUIDANCE COUNSELORS May-June 1994

COUNCIL OF INTERNATIONAL SCHOOLS (CIS) SCHOOL IMPROVEMENT THROUGH ACCREDITATION

6 Data Encryption Standard (DES)


IBM Emulation Mode Printer Commands

Network Security: Secret Key Cryptography

Collinearity and concurrence

The Advanced Encryption Standard (AES)

1. Find the length of BC in the following triangles. It will help to first find the length of the segment marked X.

US Code (Unofficial compilation from the Legal Information Institute)

Common Licensing Technology Overview

Montgomery GI Bill Selected Reserve (MGIB-SR) Command/Servicing Personnel Office Review

Intel Advanced Encryption Standard (AES) New Instructions Set

Attachment "A" - List of HP Inkjet Printers

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Baltic Way Västerås (Sweden), November 12, Problems and solutions

How To Encrypt With A 64 Bit Block Cipher

MAC Address Management

Cryptography and Network Security Block Cipher

Modern Block Cipher Standards (AES) Debdeep Mukhopadhyay

A DIVISION OF THE MENO. Meno proposes a question: whether virtue can be taught. Three conversations or discussions following question

Online EFFECTIVE AS OF JANUARY 2013

Vehicle Identification Numbering System 00.03

1 Data Encryption Algorithm

Security of Online Social Networks

AVR1318: Using the XMEGA built-in AES accelerator. 8-bit Microcontrollers. Application Note. Features. 1 Introduction

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

PCL PC -8. PCL Symbol Se t: 12G Unicode glyph correspondence table s.

Network Security. Omer Rana

Parallel AES Encryption with Modified Mix-columns For Many Core Processor Arrays M.S.Arun, V.Saminathan

Public Key Infrastructure. Certificates Standard X509v3

Properties of Secure Network Communication

Chapter 2 Homework 2-5, 7, 9-11, 13-18, 24. (9x + 2)(mod 26) y 1 1 (x 2)(mod 26) 3(x 2)(mod 26) U : y 1 = 3(20 2)(mod 26) 54(mod 26) 2(mod 26) c

A PPENDIX G S IMPLIFIED DES

Math 312 Homework 1 Solutions

Developing and Investigation of a New Technique Combining Message Authentication and Encryption

ASCII control characters (character code 0-31)

Combining Mifare Card and agsxmpp to Construct a Secure Instant Messaging Software

AESvisual: A Visualization Tool for the AES Cipher

Implementation of Full -Parallelism AES Encryption and Decryption

Acceptance Page 2. Revision History 3. Introduction 14. Control Categories 15. Scope 15. General Requirements 15

Elements of Abstract Group Theory

Automata Designs for Data Encryption with AES using the Micron Automata Processor

Session 5 Dissections and Proof


Transcription:

SMS4 Encryption Algorithm for Wireless Networks Translated and typeset by Whitfield Diffie of Sun Microsystems and George Ledin of Sonoma State University 15 May 2008 Version 1.03 SMS4 is a Chinese block cipher standard, mandated for use in protecting wireless networks, and issued in January 2006. The input, output, and key of SMS4 are each 128 bits. The algorithm has 32 rounds, each of which modifies one of the four 32-bit words that make up the block by xoring it with a keyed function of the other three words. Encryption and decryption have the same structure except that the round key schedule for decryption is the reverse of the round key schedule for encryption.

SMS4 Encryption Algorithm for Wireless Networks The SMS4 algorithm is a block cipher with 128-bit key and 128-bit input block. Encryption and decryption take 32 rounds of nonlinear substitutions. Encryption and decryption have the same structure, but the round key schedule for decryption is the reverse (goes in the opposite order) of the round key schedule for encryption. 1. Terminology (Definitions) 1.1 Zi and ZiJie (Word and Byte) Z2 e is the set of e-bit vectors. Specifically, the elements of Z2 32 are called Zi (32-bit words), and the elements of Z2 8 are called ZiJie (8-bit characters, or bytes). 1.2 S box The S (substitution) box takes in 8 bits and outputs 8 bits. It is written Sbox(.). 1.3 Fundamental Operations The two fundamental operations used by this algorithm are: the bitwise XOR of two 32-bit vectors, <<< i the circular shift of a 32-bit word, with i bits shifted left. 1.4 Input and output blocks, and key The 128-bit input block consists of four 32-bit words MK = (MK 1, MK 2, MK 3, MK 4 ) or MK i (i = 0, 1, 2, 3). The round key schedule, derived from the encryption key, is represented by (rk 0, rk 1,..., rk 31 ), where each rk i (i = 0,..., 31) is 32 bits long. The 128-bit output block consists of four 32-bit words F K = (F K 0, F K 1, F K 2, F K 3 ). For decryption, the round key schedule is represented by CK = (CK 0, CK 1,..., CK 31 ) or F K i (i = 0,..., 3), CK i (i = 0,..., 31). 2. The round function F This algorithm uses a nonlinear substitution structure, encrypting 32 bits at a time. This is called a one-round exchange. To illustrate, consider a one-round-substitution: Let the 128-bit input block be the four 32-bit elements (X 0, X 1, X 2, X 3 ) (Z2 32 ) 4, with rk Z2 32, then F is given by F (X 0, X 1, X 2, X 3, rk) = X 0 T (X 1 X 2 X 3 rk) 2

2.1 Mixer-substitution T T is a substitution that generates 32 bits from 32 bits T : Z2 32 Z2 32. This substitution is a reversible process. It consists of a non-linear substitution, τ, and a linear substitution L, i.e., T (.) = L(τ(.)). 2.1.1 Non-linear substitution τ τ applies 4 S-boxes in parallel. Let a 32-bit input word be A = (a 0, a 1, a 2, a 3 ) (Z 8 2) 4, where each a i is an 8-bit character. Let the 32-bit output word be B = (b 0, b 1, b 2, b 3 ) (Z 8 2) 4, given by (b 0, b 1, b 2, b 3 ) = τ(a) = (Sbox(a 0 ), Sbox(a 1 ), Sbox(a 2 ), Sbox(a 3 )) 2.1.2 Linear substitution L B Z2 32, the 32-bit output word of the non-linear substitution τ will be the input word of the linear substitution L. Let C Z2 32 be the 32-bit output word generated by L. Then C = L(B) = B (B <<< 2) (B <<< 10) (B <<< 18) (B <<< 24) 2.2 S box All Sbox numbers are in hexadecimal notation. 0 1 2 3 4 5 6 7 8 9 a b c d e f 0 d6 90 e9 fe cc e1 3d b7 16 b6 14 c2 28 fb 2c 05 1 2b 67 9a 76 2a be 04 c3 aa 44 13 26 49 86 06 99 2 9c 42 50 f4 91 ef 98 7a 33 54 0b 43 ed cf ac 62 3 e4 b3 1c a9 c9 08 e8 95 80 df 94 fa 75 8f 3f a6 4 47 07 a7 fc f3 73 17 ba 83 59 3c 19 e6 85 4f a8 5 68 6b 81 b2 71 64 da 8b f8 eb 0f 4b 70 56 9d 35 6 1e 24 0e 5e 63 58 d1 a2 25 22 7c 3b 01 21 78 87 7 d4 00 46 57 9f d3 27 52 4c 36 02 e7 a0 c4 c8 9e 8 ea bf 8a d2 40 c7 38 b5 a3 f7 f2 ce f9 61 15 a1 9 e0 ae 5d a4 9b 34 1a 55 ad 93 32 30 f5 8c b1 e3 a 1d f6 e2 2e 82 66 ca 60 c0 29 23 ab 0d 53 4e 6f b d5 db 37 45 de fd 8e 2f 03 ff 6a 72 6d 6c 5b 51 c 8d 1b af 92 bb dd bc 7f 11 d9 5c 41 1f 10 5a d8 d 0a c1 31 88 a5 cd 7b bd 2d 74 d0 12 b8 e5 b4 b0 e 89 69 97 4a 0c 96 77 7e 65 b9 f1 09 c5 6e c6 84 f 18 f0 7d ec 3a dc 4d 20 79 ee 5f 3e d7 cb 39 48 For example, if the input to the Sbox is ef, then go to e-th row and f-th column, to find Sbox( ef )= 84. 3

3. Encryption and decryption Let the reverse substitution R be: R(A 0, A 1, A 2, A 3 ) = (A 3, A 2, A 1, A 0 ), A i Z 32 2, i = 0, 1, 2, 3. Let the plaintext input be (X 0, X 1, X 2, X 3 ) (Z2 32 ) 4, the ciphertext output be (Y 0, Y 1, Y 2, Y 3 ) (Z2 32 ) 4, and the encrypting key be rk i Z2 32, i = 0, 1, 2,..., 31. Then encryption proceeds as follows: X i+4 = F (X i, X i+1, X i+2, X i+3, rk i ) = X i T (X i+1 X i+2 X i+3 rk i ), i = 0, 1,..., 31 (Y 0, Y 1, Y 2, Y 3 ) = R(X 32, X 33, X 34, X 35 ) = (X 35, X 34, X 33, X 32 ). This algorithm s encryption and decryption methods have the same structure, except the order in which the round keys are used is reversed. The key order for encryption is: (rk 0, rk 1,... rk 31 ). The key order for decryption is: (rk 31, rk 30,... rk 0 ). 4. Key expansion when encrypting The rk i round key used for encrypting in this algorithm is derived from the encryption key MK. Let MK = (MK 0, MK 1, MK 2, MK 3 ), MK i Z2 32, i = 0, 1, 2, 3; K i Z2 32, i = 0, 1,..., 31; rk i Z2 32, i = 0, 1,..., 31; the derivation proceeds as follows: First, (K 0, K 1, K 2, K 3 ) = (MK 0 F K 0, MK 1 F K 1, MK 2 F K 2, MK 3 F K 3 ) Then for i = 0, 1, 2,..., 31: rk i = K i+4 = K i T (K i+1 K i+2 K i+3 CK i ) Notes: (1) T substitution uses the same T as in encryption, except the linear substitution L is changed to L : L (B) = B (B <<< 13) (B <<< 23); (2) The system parameter F K, given in hexadecimal notation is F K 0 = (a3b1bac6), F K 1 = (56aa3350), F K 2 = (677d9197), F K 3 = (b27022dc). (3) The constant parameter CK is calculated as follows: Let ck i,j be the j-th byte of CK i,j (i = 0, 1,..., 31; j = 0, 1, 2, 3), i.e., CK i = (ck i,0, ck i,1, ck i,2, ck i,3 ) (Z 8 2) 4, then ck i,j = (4i + j) 7 (mod 256). The 32 constants CK i are represented in hexadecimal as tabulated below. 00070e15, 1c232a31, 383f464d, 545b6269, 70777e85, 8c939aa1, a8afb6bd, c4cbd2d9, e0e7eef5, fc030a11, 181f262d, 343b4249, 50575e65, 6c737a81, 888f969d, a4abb2b9, c0c7ced5, dce3eaf1, f8ff060d, 141b2229, 30373e45, 4c535a61, 686f767d, 848b9299, a0a7aeb5, bcc3cad1, d8dfe6ed, f4fb0209, 10171e25, 2c333a41, 484f565d, 646b7279 4

5. Encryption examples Below are encryption examples of this algorithm s ECB (electronic code book mode) calculation method. We use this to verify the correctness of this algorithm s encryption. The numbers are represented in hexadecimal notation. Example 1: Encrypt plaintext with key once plaintext: 01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10 encrypting key: 01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10 rk and the output in each round: rk[ 0] = f12186f9 X[ 0] = 27fad345 rk[ 1] = 41662b61 X[ 1] = a18b4cb2 rk[ 2] = 5a6ab19a X[ 2] = 11c1e22a rk[ 3] = 7ba92077 X[ 3] = cc13e2ee rk[ 4] = 367360f4 X[ 4] = f87c5bd5 rk[ 5] = 776a0c61 X[ 5] = 33220757 rk[ 6] = b6bb89b3 X[ 6] = 77f4c297 rk[ 7] = 24763151 X[ 7] = 7a96f2eb rk[ 8] = a520307c X[ 8] = 27dac07f rk[ 9] = b7584dbd X[ 9] = 42dd0f19 rk[10] = c30753ed X[10] = b8a5da02 rk[11] = 7ee55b57 X[11] = 907127fa rk[12] = 6988608c X[12] = 8b952b83 rk[13] = 30d895b7 X[13] = d42b7c59 rk[14] = 44ba14af X[14] = 2ffc5831 rk[15] = 104495a1 X[15] = f69e6888 rk[16] = d120b428 X[16] = af2432c4 rk[17] = 73b55fa3 X[17] = ed1ec85e rk[18] = cc874966 X[18] = 55a3ba22 rk[19] = 92244439 X[19] = 124b18aa rk[20] = e89e641f X[20] = 6ae7725f rk[21] = 98ca015a X[21] = f4cba1f9 rk[22] = c7159060 X[22] = 1dcdfa10 rk[23] = 99e1fd2e X[23] = 2ff60603 rk[24] = b79bd80c X[24] = eff24fdc rk[25] = 1d2115b0 X[25] = 6fe46b75 rk[26] = 0e228aeb X[26] = 893450ad rk[27] = f1780c81 X[27] = 7b938f4c rk[28] = 428d3654 X[28] = 536e4246 rk[29] = 62293496 X[29] = 86b3e94f rk[30] = 01cf72e5 X[30] = d206965e rk[31] = 9124a012 X[31] = 681edf34 ciphertext: 68 1e df 34 d2 06 96 5e 86 b3 e9 4f 53 6e 42 46 Example 2: Use the same encryption key and encrypt the plaintext again and again 1,000,000 times. plaintext: 01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10 encrypting key: 01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10 ciphertext: 59 52 98 c7 c6 fd 27 1f 04 02 f8 04 c3 3d 3f 66 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information