???????? -SEED, AES - PowerPoint PPT Presentation

Slides: 41
Provided by: ackr
1
????????-SEED, AES
2
SEED
3
??
  • 1999? 2? ????????(? ?????????)?? ??
  • ?? ??? ???, ?????, ?? ????? ?? ?? ??? ??? ?? ? ??
    ?? ??? ?? ????? ?? ?? ?? ??? ??? ????????
  • 128 bit block encryption algorithm
  • 3? DES?? ???????? ?? ????
  • ???????? ??? ??? ????
  • Smart Card ??? ????

4
??
  • Feistel ??
  • 3??? ????, ?? ???? ??
  • ??? ??? ???? ???? ??
  • (?, ??/??? ??? ??)
  • ??? ???? ??? ??? diffusion? ????
  • ????
  • ??? ???? 8, 16, 32bit ?? ??
  • ?/????? ?? ?? ??
  • ?/???? ?? 128bit
  • ?? Key? ?? 128bit
  • ??? DC/LC? ??? ????? ??
  • ??? ?/??? ??? 3? DES ??

5
??
  • ????(??)
  • ????
  • SPN????, ?????? Look-up table? ???? ??
  • ??? ??? XOR ??? ??
  • ???? F? ??? DES?? ???
  • ??? ?
  • ???? Key? ?? ????? ??? ????? ? ??/??? ?(2^128)???
    ?? ??? ??, ??? ????? ????? ?
  • ??? ????
  • ????? ??? ??? ??? ?/??? ??? ?? ??? ? ??? ??

6
Seed? ??
? a b a bit-wise AND b
? X<<s X? s bit ?? ???? ?? ???? ??
? X>>s X? s bit ?? ????? ?? ???? ??
? Li i Round?? ??? ?? Message Block (64 bit)
? Ri i Round?? ??? ??? Message Block (64 bit)
? Ki (Ki,0, Ki,1) i Round? Round Key (64 bit)
? Ki,0 i Round F??? ??? ?? Key (32 bit)
? Ki,1 i Round F??? ?? ?? Key (32 bit)
? X (X3 X2 X1 X0) G??? ?? ? (32 bit)
? Y (Y3 Y2 Y1 Y0) G???? S-Box(S1,
S2)? ?? ? (32 bit)
? Z (Z3 Z2 Z1 Z0) G??? ?? ? (32 bit)
? mi ??
? KCi Round Key ?? ???? ???? i 1 Round ??
7
?? ???
  • Algorithm ?? ??? Feistel ??
  • 128 bit? ?? Block ???128 bit Key? ?? ??? 64 bit?
    Round Key(16?) ??
  • ? 16?? Round? ?? 128 bit ??? Block? ??

SEED ?? ???
8
F ??
9
G??
MSB
LSB
X3 X2 X1 X0
S2 S1 S2 S1
4 bit left shift rotation
Z3 Z2 Z1 Z0
Y3 = (Y31, Y30) = S2(X3), Z3 = (Y30, Y21)
Y2 = (Y21, Y20) = S1(X2), Z2 = (Y20, Y11)
Y1 = (Y11, Y10) = S2(X1), Z1 = (Y10, Y01)
Y0 = (Y01, Y00) = S1(X0), Z0 = (Y00, Y31)
10
G??? ???
[Figure: inputs X3 X2 X1 X0; S-boxes S2 S1 S2 S1; masks m3 m2 m1 m0; outputs Z3 Z2 Z1 Z0]
G ??
11
S-box
<S1-Box>
12
S-box
<S2-Box>
13
???? ??
[Figure: KC0 with A B C D gives K1,0 and K1,1, then A B >>8; KC1 with A B C D gives K2,0 and K2,1, then C D <<8]
Key ?? Algorithm ???
14
???? ??
? 128 bit ?? Key? 32 bit 4?? ???? ??? (A, B, C, D)
? K1,0 = G(A + C - KC0), K1,1 = G(B + KC0 - D)
(?, KC0 Round ??)? 1 Round Key? ??
? B A (B A)>>8
? K2,0 = G(A + C - KC1), K2,1 = G(B + KC1 - D)
(?, KC1 Round ??)? 2 Round Key? ??
? D C (D C)<<8
? K3,0 = G(A + C - KC2), K3,1 = G(B + KC2 - D)
(?, KC2 Round ??)? 2 Round Key? ??
? ?? 16 Round Key ???? ??
for (i = 1; i <= 16; i++) {
    Ki,0 = G(A + C - KCi-1);
    Ki,1 = G(B - D + KCi-1);
    if (i % 2 == 1) AB = (AB) >> 8;
    else            CD = (CD) << 8;
}
15
???? ??
? Round ?? KCi? ???? ?? ?????? ??? ?? ????
KCi = KCi-1 << 1 for 1 <= i <= 15
? ? ? ?
KC0 = 0x9e3779b9    KC8  = 0x3779b99e
KC1 = 0x3c6ef373    KC9  = 0x6ef3733c
KC2 = 0x78dde6e6    KC10 = 0xdde6e678
KC3 = 0xf1bbcdcc    KC11 = 0xbbcdccf1
KC4 = 0xe3779b99    KC12 = 0x779b99e3
KC5 = 0xc6ef3733    KC13 = 0xef3733c6
KC6 = 0x8dde6e67    KC14 = 0xde6e678d
KC7 = 0x1bbcdccf    KC15 = 0xbcdccf1b
16
??? ??
  • Block ??? Key? ??? 128bit?? ??? ???? ???? ???
    (??? ????? ??? key size)
  • DES? 56??? ??? ?? ??? 56?? ?? ????
  • 1998? 7? 250,000 chip?? ???(RSA DES Challenge
    II)
  • ?????, ?????? ??? ??? ??

17
SEED vs. DES
? ?               SEED              DES
Structure         Feistel           Feistel
Block length      128               64
Key length        128               64(56)
Number of rounds  16                16
Characteristic    Symmetric, Block  Symmetric, Block
18
SEED vs. DES
  • ???? ??
  • ?? ???? ?? ??? ??
  • DES? ?? XOR??? Permutation???? ???? ?????? ?????
    ???? ?? ?? ??
  • SEED? ?? ???? G??? ?? ???? ???? G??? ?? ??? ??
    ??? ??

19
AES
20
AES(Advanced Encryption Standard)
1997 AES ???? ?? ??? ?? ?? ???? ??? ?? 128?? ? ?? 128/192/256??
1998 15? ?? ???? ??
1999 ??? ???? ???? MARS ,RC6 ,Rijndael, Serpent, Twofish
2001 Rijndael ?? ??? J. Daemen, V. Rijmen
21
Simplified Rijndael Scheme
22
AES Pseudo Code
AES(in, out, key)
    KeyExpansion(key, RoundKey)
    state = in
    AddRoundKey(state, RoundKey[0])
    for round = 1 step 1 to Nr-1
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, RoundKey[round])
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, RoundKey[Nr])

23
Rijndael ??
  • ????? 128 ?? , ? ??? 128/192/256 ??

Nr = rounds, Nb = block size / 32bit, Nk = key size / 32bit
24
(No Transcript)
25
  • ?? 10 / 12 / 14 ???? SPN ??
  • Byte ??? ??? ??
  • ??? layer? ??

? Linear mixing layer ?? ???? ?? ?? ?? ShiftRow(state) , MixColumn(state)
? Non-linear Layer S-box? ?? ?? ByteSub(state)
? Key Addition Layer ?? state? ??? ?? EXOR AddRoundKey(state)
26
State
  • Rijndael ???? ??(state)?? ?? 2?? ?????? ????
  • State? 2?? ??? ????.?? 4??? ???? ,
    ? ?? Nb ???? ????.

A0,0 A0,1 A0,2 A0,3
A1,0 A1,1 A1,2 A1,3
A2,0 A2,1 A2,2 A2,3
A3,0 A3,1 A3,2 A3,3

K0,0 K0,1 K0,2 K0,3
K1,0 K1,1 K1,2 K1,3
K2,0 K2,1 K2,2 K2,3
K3,0 K3,1 K3,2 K3,3

Nb = 4 ??? block state ? Nk = 4 ??? key state
27
State? ??
  • ex) 128?? ?? EA 83 5C F0 04 45 33 2D 65 5D 98
    AD 85 96 B0 C5

EA 04 65 85
83 45 5D 96
5C 33 98 B0
F0 2D AD C5
28
Substitute Bytes Transformation
  • state ? ? ???? ??
  • ? ???? 16x16 s-box? ???? ??
  • 8??? ?? 4??? ?, ?? 4??? ?? ??.

29
Substitute Bytes Transformation
  • S-box()? ????? m(x) = x^8 + x^4 + x^3 + x + 1? ???? ????.
  • ????
  • ?? s-box()? 00,01,...,FF ??? ??? ??.
  • ? ??? GF(2^8)?? ??? ?? ???? ????. 00 -> 00
  • ? ?? ?? b7b6b5b4b3b2b1b0 ?? ?? ?? ?? ????.
  • bi bi ? b(i4)mod 8 ? b(i6)mod 8 ?
    b(i7)mod 8 ? ci
  • i ? 0 7?? ???? ???? ???? ??? . ??? ?? 63?
    ??? ??? 1 ??? ? ??.

30
95
95^-1 = 8A
31
S-box
32
Inverse Substitute Bytes Transformation
  • Inverse s-box ? s-box()? bi bi ? b(i4)mod 8
    ? b(i6)mod 8 ? b(i7)mod 8 ? ci ? ?? ??? ??
    GF(2^8)?? ??? ?? ???? ????. ????
  • bi b(i2)mod 8 ? b(i5)mod 8 ?
    b(i7)mod 8 ? di ?? ??? d? 63? ??? ?? ??? 05 ??.

33
Inverse S-box
34
Shift row Transformation
  • ??? ?? index ?? ???? circular shift ?

35
Mix Column
  • Mix column??? state? column? GF()??? ??? a(x)?
    ??? ??? c(x)? ?? a(x) ⊗ c(x) mod (x^4 + 1) ??? ???.
  • c(x) = 03 x^3 + 01 x^2 + 01 x + 02
  • d(x) = 0B x^3 + 0D x^2 + 09 x + 0E
  • m(x) = x^4 + 1
  • ????? 4? ?? ?? ? ??? a(x) b(x)? ??? ????
  • a(x) = a3x^3 + a2x^2 + a1x + a0 , b(x) = b3x^3 + b2x^2
    + b1x + b0 ??
  • c(x) = a(x)b(x) ??
  • c(x) = c6x^6 + c5x^5 + c4x^4 + c3x^3 + c2x^2 + c1x + c0

c0 = a0b0
c1 = a1b0 ⊕ a0b1
c2 = a2b0 ⊕ a1b1 ⊕ a0b2
c3 = a3b0 ⊕ a2b1 ⊕ a1b2 ⊕ a0b3
c4 = a3b1 ⊕ a2b2 ⊕ a1b3
c5 = a3b2 ⊕ a2b3
c6 = a3b3
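
The GF(2^8) arithmetic behind the Substitute Bytes and Mix Column slides above, as an added Python example that is not part of the original presentation. All function and variable names are this example's own; the forward affine step follows FIPS-197 (bits i, i+4, i+5, i+6, i+7 with constant 63), and BLOCK is the 128-bit example from slide 27, stored column by column.

```python
M_X = 0x11B  # m(x) = x^8 + x^4 + x^3 + x + 1

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8), reducing modulo m(x)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= M_X
        b >>= 1
    return r

def gf_inv(a):
    """Multiplicative inverse computed as a^254; 00 maps to 00."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def affine(b, taps, const):
    """b'_i = XOR of b_((i+t) mod 8) for t in taps, XOR const_i."""
    out = 0
    for i in range(8):
        v = (const >> i) & 1
        for t in taps:
            v ^= (b >> ((i + t) % 8)) & 1
        out |= v << i
    return out

def sbox(x):      # field inverse, then affine map with c = 63
    return affine(gf_inv(x), (0, 4, 5, 6, 7), 0x63)

def inv_sbox(y):  # inverse affine map with d = 05, then field inverse
    return gf_inv(affine(y, (2, 5, 7), 0x05))

def poly_mul(a, b):
    """a(x)*b(x) mod x^4+1; index k holds the coefficient of x^k."""
    c = [0] * 4
    for i in range(4):
        for j in range(4):
            c[(i + j) % 4] ^= gf_mul(a[i], b[j])  # x^4 = 1 folds x^(i+j)
    return c

C_X = [0x02, 0x01, 0x01, 0x03]  # c(x) = 03 x^3 + 01 x^2 + 01 x + 02
D_X = [0x0E, 0x09, 0x0D, 0x0B]  # d(x) = 0B x^3 + 0D x^2 + 09 x + 0E
BLOCK = bytes.fromhex("EA835CF00445332D655D98AD8596B0C5")  # slide 27 block

def mix_columns(block, poly=C_X):  # each 4 consecutive bytes are one column
    return bytes(v for k in range(0, 16, 4) for v in poly_mul(block[k:k + 4], poly))
```

Calling `mix_columns` with `D_X` undoes the call with `C_X`, because c(x) times d(x) reduces to 01 modulo x^4 + 1.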
36
Mix Column

37
Round Key Addition
  • ??? ?? ? ???? ?? ??? ??? state? EXOR ??.

38
???
128 ?? ?? 4Nr+4 ?? 32?? ??? ??
39
??? Pseudo code
40
AES ??
  • AES? ??? ??? ?? ???? ?? ??
  • S-box ???? ??? GF(2^8) ??? ??
  • => ?? ??? ????? ?
  • ??? ????? ??? ????? ??
  • ????? ????? ???? ???? ?? ?????? ???
  • 1 ??? ? ??? 3??? ??? ???? ??, ??, ???? ??
  • => ????? ???? ??