[go: up one dir, main page]

CN114640437A - Universal key expansion fast method - Google Patents

Universal key expansion fast method Download PDF

Info

Publication number
CN114640437A
CN114640437A CN202210126823.3A CN202210126823A CN114640437A CN 114640437 A CN114640437 A CN 114640437A CN 202210126823 A CN202210126823 A CN 202210126823A CN 114640437 A CN114640437 A CN 114640437A
Authority
CN
China
Prior art keywords
key
round
transformation
bits
output
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210126823.3A
Other languages
Chinese (zh)
Inventor
刘燕
李正宏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuxi Aleader Intelligent Technology Co ltd
Original Assignee
Wuxi Aleader Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuxi Aleader Intelligent Technology Co ltd filed Critical Wuxi Aleader Intelligent Technology Co ltd
Priority to CN202210126823.3A priority Critical patent/CN114640437A/en
Publication of CN114640437A publication Critical patent/CN114640437A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

本发明提供一种通用的密钥扩展快速方法,所述密钥扩展快速方法为加密密钥长度为256比特、轮密钥长度为128比特的通用密钥扩展方法,输入加密密钥经过预定轮数的扩展生成输出密钥,即轮密钥;第一轮的输入加密密钥分成长度均为128比特且连续的左、右两个密钥片段,将这两个密钥片段经过逐比特异或后进行第一变换,输出的128比特数据再经过第二变换得到第一轮的输出轮密钥,从第二轮开始,前一轮的输出轮密钥反馈到NK中,然后经过第一变换和第二变换后得到当前轮的输出轮密钥。通过本发明,使得扩展密钥整体平衡性和随机性较高,同时密钥之间的关联性更低,产生扩展密钥的速度更快。The present invention provides a general fast method for key expansion. The fast method for key expansion is a general key expansion method with an encryption key length of 256 bits and a round key length of 128 bits. The input encryption key passes through a predetermined round of The expansion of the number generates the output key, that is, the round key; the input encryption key of the first round is divided into two consecutive left and right key segments with a length of 128 bits. Or after the first transformation, the output 128-bit data is then subjected to the second transformation to obtain the output round key of the first round. Starting from the second round, the output round key of the previous round is fed back to NK, and then after the first round After the transformation and the second transformation, the output round key of the current round is obtained. Through the present invention, the overall balance and randomness of the extended key are higher, the correlation between the keys is lower, and the speed of generating the extended key is faster.

Description

一种通用的密钥扩展快速方法A Universal Key Expansion Fast Method

技术领域technical field

本发明涉及密码学技术领域,具体地说涉及一种通用的密钥扩展快速方法。The invention relates to the technical field of cryptography, in particular to a general fast method for key expansion.

背景技术Background technique

分组密码算法是对长数据进行加密的主流算法,密钥扩展算法是支撑分组密码的重要组成部分。根据计算机计算能力的发展速度,256比特将是在很长一段时间内大多数分组密码算法首选的加密密钥长度。The block cipher algorithm is the mainstream algorithm for encrypting long data, and the key expansion algorithm is an important part of supporting the block cipher. Depending on the speed at which computer computing power develops, 256 bits will be the preferred encryption key length for most block cipher algorithms for a long time.

发明内容SUMMARY OF THE INVENTION

本发明提供一种通用的密钥扩展快速方法,以解决现有技术存在的针对256比特的加密密钥,平衡性和随机性较低,同时密钥之间的关联性高,产生扩展密钥的速度慢的问题。The present invention provides a general fast method for key expansion, so as to solve the 256-bit encryption key existing in the prior art, the balance and randomness are low, and at the same time, the correlation between the keys is high, and the expansion key is generated. problem of slow speed.

为解决上述技术问题,本发明提供一种通用的密钥扩展快速方法,所述密钥扩展快速方法为加密密钥长度为256比特、轮密钥长度为128比特的通用密钥扩展方法,输入加密密钥经过预定轮数的扩展生成输出密钥,即轮密钥;第一轮的输入加密密钥分成长度均为128比特且连续的左、右两个密钥片段,将这两个密钥片段经过逐比特异或后进行第一变换,输出的128比特数据再经过第二变换得到第一轮的输出轮密钥,从第二轮开始,前一轮的输出轮密钥反馈到NK中,然后经过第一变换和第二变换后得到当前轮的输出轮密钥。In order to solve the above-mentioned technical problems, the present invention provides a general fast method for key expansion. The fast method for key expansion is a general key expansion method with an encryption key length of 256 bits and a round key length of 128 bits. The encryption key is expanded by a predetermined number of rounds to generate an output key, that is, the round key; the input encryption key of the first round is divided into two consecutive left and right key segments with a length of 128 bits. The key segment undergoes the first transformation after bit-by-bit XOR, and the output 128-bit data is then transformed into the first round of the output round key. Starting from the second round, the output round key of the previous round is fed back to NK. , and then the output round key of the current round is obtained after the first transformation and the second transformation.

所述第一轮的输入加密密钥为256比特。The input encryption key for the first round is 256 bits.

所述第一变换包括将AES标准S盒表中的前16个字节数据依次联接得到的数据与NK进行逐比特异或运算。The first transformation includes performing bit-by-bit XOR operation on data obtained by sequentially connecting the first 16 bytes of data in the AES standard S-box table with NK.

所述AES标准S盒表中的前16个字节数据依次联接得到的数据为128比特。The data obtained by sequentially connecting the first 16 bytes of data in the AES standard S-box table is 128 bits.

所述第二变换包括将第一变换后得到的数据均分成长度为64比特的左、右两部分数据片段,然后将这两部分数据片段依次进行逐比特异或、移位和联接运算。The second transformation includes dividing the data obtained after the first transformation into left and right data segments with a length of 64 bits, and then performing bit-by-bit XOR, shift and concatenation operations on the two data segments in sequence.

所述第二变换中包括Rcon[n]操作,其中n为偏移的位数。The second transformation includes an Rcon[n] operation, where n is the number of bits of offset.

本发明带来的有益效果:本发明的通用的密钥扩展快速方法,每轮通过对128bits的密钥进行异或、移位和S盒操作处理进而得到扩展部分的密钥,使得扩展密钥整体平衡性和随机性较高,同时密钥之间的关联性更低,产生扩展密钥的速度更快。Beneficial effects brought by the present invention: the general key expansion fast method of the present invention obtains the expanded key by performing XOR, shift and S-box operation on the 128-bit key in each round, so that the expanded key is The overall balance and randomness are higher, while the correlation between keys is lower, and the speed of generating extended keys is faster.

附图说明Description of drawings

图1是根据本发明实施例的通用的密钥扩展快速方法的轮密钥迭代产生框图;1 is a block diagram of iterative generation of round keys according to a general key expansion fast method according to an embodiment of the present invention;

图2是根据本发明实施例的通用的密钥扩展快速方法的NK初始化框图;Fig. 2 is the NK initialization block diagram of the general key expansion quick method according to an embodiment of the present invention;

具体实施方式Detailed ways

为使本发明的目的、技术方案和优点更加清楚,以下结合附图及具体实施例,对本发明作进一步地详细说明。In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.

本密钥扩展快速方法的输入为256比特的密码算法加密密钥,采用迭代的方式输出预定轮数L、且长度为128比特的轮密钥。故轮密钥总长度为128×L。The input of the key expansion fast method is a 256-bit cryptographic algorithm encryption key, and an iterative manner is used to output a predetermined number of rounds L and a round key with a length of 128 bits. Therefore, the total length of the round key is 128×L.

如图1-2所示,一种通用的密钥扩展快速方法,具体实现步骤如下:As shown in Figure 1-2, a general key expansion fast method, the specific implementation steps are as follows:

步骤一:NK初始化:如图2,输出密钥CK=0,将256比特的加密密钥均分为长度均为128比特的左、右两部分,不妨表示为LK和RK。将LK和RK进行逐比特异或运算,所得结果表示为NK,则Step 1: NK initialization: As shown in Figure 2, the output key CK=0, the 256-bit encryption key is equally divided into left and right parts with a length of 128 bits, which may be expressed as LK and RK. Perform bit-by-bit XOR operation on LK and RK, and the result is expressed as NK, then

Figure BDA0003500770310000031
Figure BDA0003500770310000031

步骤二:如图1,将AES标准S盒表中的前16个字节数据依次联接得到的数据(128比特)与NK进行逐比特异或运算。运算得到的结果表示为SK,则Step 2: As shown in Figure 1, the data (128 bits) obtained by sequentially connecting the first 16 bytes of data in the AES standard S-box table is performed bit-by-bit XOR operation with NK. The result of the operation is expressed as SK, then

Figure BDA0003500770310000032
Figure BDA0003500770310000032

步骤三:将SK均分为长度为64比特且连续的左、右两部分,表示为LSK和RSK,进行如下运算:Step 3: Divide the SK into two consecutive left and right parts with a length of 64 bits, denoted as LSK and RSK, and perform the following operations:

Figure BDA0003500770310000033
Figure BDA0003500770310000033

RSK>>>Rcon[32];RSK>>>>Rcon[32];

Figure BDA0003500770310000034
Figure BDA0003500770310000034

步骤四:将完成步骤三运算后的左右两部分数据联接,得到128比特的当前轮输出密钥CKi,i≥0,i表示轮数;Step 4: connect the left and right parts of the data after completing the operation in step 3 to obtain the current round output key CK i of 128 bits, i≥0, i represents the number of rounds;

步骤五:令NK=CKi,即将NK更新为上一轮的输出轮密钥CKi,i自增1。重复步骤二-步骤四,直至i的值等于预先设定的轮数后跳出循环。Step 5: Let NK=CK i , that is, update NK to the output round key CK i of the previous round, and i increment by 1 automatically. Repeat steps 2-4 until the value of i is equal to the preset number of rounds and then jump out of the loop.

步骤一为NK初始化,如图2所示;步骤二至步骤五为本方法迭代产生轮密钥的操作步骤,如图1所示。如图中,运算符号

Figure BDA0003500770310000035
为异或运算,运算符号‖为联接运算。Step 1 is NK initialization, as shown in Figure 2; Steps 2 to 5 are the operation steps of iteratively generating the round key by the method, as shown in Figure 1. As shown in the figure, the operation symbol
Figure BDA0003500770310000035
is an exclusive OR operation, and the operator symbol ‖ is a concatenation operation.

本发明对256比特的加密密钥,仅通过异或、移位和S盒变换等运算来实现加密密钥扩展。本密钥扩展方法除了具有优良平衡性等随机性之外,同时满足轮密钥间关联性更低的性质,密钥扩展的速度更快。根据加密算法的需要,本密钥扩展方法可产生任意长的轮密钥,因此,本方法是一种适用于加密密钥长度为256比特、轮密钥长度为128比特的通用密钥扩展方法。The present invention only realizes the expansion of the encryption key through operations such as XOR, shift and S-box transformation for the encryption key of 256 bits. The key expansion method not only has good randomness such as balance, but also satisfies the property of lower correlation between round keys, and the key expansion speed is faster. According to the needs of the encryption algorithm, the key expansion method can generate an arbitrarily long round key. Therefore, this method is a general key expansion method suitable for the encryption key length of 256 bits and the round key length of 128 bits. .

综上所述,本发明的通用的密钥扩展快速方法,每轮通过对128bits的密钥进行异或、移位和S盒操作处理进而得到扩展部分的密钥,使得扩展密钥整体平衡性和随机性较高,同时密钥之间的关联性更低,产生扩展密钥的速度更快。To sum up, the general key expansion fast method of the present invention obtains the expanded key by performing XOR, shift and S-box operation on the 128-bit key in each round, so that the overall balance of the expanded key is balanced. and randomness is higher, while the correlation between keys is lower, and the speed of generating extended keys is faster.

以上所述仅为本发明的实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的权利要求范围之内。The above description is only an embodiment of the present invention, and is not intended to limit the present invention. For those skilled in the art, the present invention may have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention shall be included within the scope of the claims of the present invention.

Claims (6)

1. A universal method for expanding keys quickly is characterized in that: the method for rapidly expanding the key is a general key expansion method with the encryption key length of 256 bits and the round key length of 128bits, and an input encryption key is expanded by a preset round number to generate an output key, namely a round key; the input encryption key of the first round is divided into a left key segment and a right key segment which are 128bits in length and continuous, the two key segments are subjected to bit-by-bit XOR and then subjected to first transformation, the output 128-bit data is subjected to second transformation to obtain an output round key of the first round, the output round key of the previous round is fed back to NK from the second round, and then the output round key of the current round is obtained after the first transformation and the second transformation.
2. The universal key expansion express method of claim 1, wherein the input encryption key of the first round is 256 bits.
3. The universal key expansion express method of claim 1, wherein the first transformation comprises a bit-by-bit exclusive-or operation of data obtained by concatenating first 16 bytes of data in an AES standard S-box table sequentially with NK.
4. The universal key expansion method according to claim 3, wherein the data obtained by concatenating the first 16 bytes of data in the AES Standard S-box table in sequence is 128 bits.
5. The method of claim 1, wherein the second transformation comprises dividing the data obtained from the first transformation equally into two left and right data segments with a length of 64 bits, and then performing bitwise exclusive-or, shift and join operations on the two data segments in sequence.
6. A universal key expansion speed method according to claim 5, characterized in that the second transformation comprises Rcon [ n ] operations, where n is the number of bits of the offset.
CN202210126823.3A 2022-02-11 2022-02-11 Universal key expansion fast method Pending CN114640437A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210126823.3A CN114640437A (en) 2022-02-11 2022-02-11 Universal key expansion fast method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210126823.3A CN114640437A (en) 2022-02-11 2022-02-11 Universal key expansion fast method

Publications (1)

Publication Number Publication Date
CN114640437A true CN114640437A (en) 2022-06-17

Family

ID=81945851

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210126823.3A Pending CN114640437A (en) 2022-02-11 2022-02-11 Universal key expansion fast method

Country Status (1)

Country Link
CN (1) CN114640437A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6891950B1 (en) * 1999-08-31 2005-05-10 Kabushiki Kaisha Toshiba Extended key generator, encryption/decryption unit, extended key generation method, and storage medium
US20100008498A1 (en) * 2006-09-01 2010-01-14 Taizo Shirai Encryption processing apparatus, encryption method, and computer program
CN103051443A (en) * 2012-12-20 2013-04-17 山东华芯半导体有限公司 AES (Advanced Encryption Standard) key expansion method
CN111400730A (en) * 2020-03-11 2020-07-10 西南石油大学 AES key expansion method based on weak correlation

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6891950B1 (en) * 1999-08-31 2005-05-10 Kabushiki Kaisha Toshiba Extended key generator, encryption/decryption unit, extended key generation method, and storage medium
US20100008498A1 (en) * 2006-09-01 2010-01-14 Taizo Shirai Encryption processing apparatus, encryption method, and computer program
CN103051443A (en) * 2012-12-20 2013-04-17 山东华芯半导体有限公司 AES (Advanced Encryption Standard) key expansion method
CN111400730A (en) * 2020-03-11 2020-07-10 西南石油大学 AES key expansion method based on weak correlation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘艳萍;李秋慧;: "AES算法的研究与其密钥扩展算法改进", 现代电子技术, no. 10, 15 May 2016 (2016-05-15) *

Similar Documents

Publication Publication Date Title
US7860241B2 (en) Simple universal hash for plaintext aware encryption
US10009170B2 (en) Apparatus and method for providing Feistel-based variable length block cipher
JP5462636B2 (en) Method and apparatus for encrypting plaintext messages
US20150244518A1 (en) Variable-length block cipher apparatus and method capable of format preserving encryption
CN101262341A (en) A Hybrid Encryption Method in Conference System
WO2013065241A1 (en) Incremental mac tag generation device, method, and program, and message authentication device
CA2414261A1 (en) Method of encryption using multi-key process to create a variable-length key
Aggarwal et al. Performance evaluation of RC6, blowfish, DES, IDEA, CAST-128 block ciphers
Zhao et al. Block cipher design: generalized single-use-algorithm based on chaos
CN105376261A (en) Encryption method and system for instant communication message
JP6552184B2 (en) INFORMATION PROCESSING APPARATUS AND METHOD THEREOF
CN101826959A (en) Byte-oriented key stream generation method and encryption method
CN110086619B (en) Method and device for generating key stream
CN104618092A (en) Information encryption method and system
CN114640437A (en) Universal key expansion fast method
CN107896149A (en) 128 symmetric encryption methods based on three group operationes
CN112422278A (en) Byte-oriented random multi-table replacement encryption and decryption method
US20240097880A1 (en) High-speed circuit combining aes and sm4 encryption and decryption
CN116132016A (en) Method for realizing additive expansion of cipher algorithm
CN112054889B (en) Method and device for generating message authentication code and computer readable storage medium
CN110247754B (en) A method and device for realizing block cipher FBC
CN115459950A (en) Iterative encryption method and device
Gupta et al. Advanced Encryption Standard Algorithm with Optimal S-box and Automated Key Generation
KR100842261B1 (en) Data generation method using hash algorithm for CDM type mobile communication system
Labbi et al. Symmetric encryption algorithm for RFID systems using a dynamic generation of key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination