This preview shows page 1. Sign up to view the full content.
Unformatted text preview: re determined by a multiplication modulo 232 – 1 with constant factors. The result is an algorithm that has both a 128bit key and a 128bit block size. MMB operates on 32bit subblocks of text (x0, x1, x2, x3) and 32bit subblocks of key (k0, k1, k2, k3). This makes the algorithm well suited for implementation on modern, 32bit processors. A nonlinear function, f, is applied six times alternating with XORing. Here it is (all index operations are mod 4): xi = xi • ki, for i = 0 to 3 f(x0,x1,x2,x3) xi = xi • ki + 1, for i = 0 to 3 f(x0,x1,x2,x3) xi = xi • ki + 2, for i = 0 to 3 f(x0,x1,x2,x3) xi = xi • ki, for i = 0 to 3 f(x0,x1,x2,x3) xi = xi • ki + 1, for i = 0 to 3 f(x0,x1,x2,x3) xi = xi • ki + 2, for i = 0 to 3 f(x0,x1,x2,x3) The function f has three steps: (1) xi = ci * xi, for i = 0 to 3 (If the input to the multiplication is all 1s, the output is also all 1s.) (2) If the least significant bit of x0 = 1, then x0 = x0 • C. If the least significant byte of x3 = 0, then x3 = x3 • C. (3) xi = xi – 1 • xi • xi + 1, for i = 0 to 3 All index operations are mod 4. The multiplication operation in step (1) is modulo 232 – 1. For the purposes of the algorithm, if the second operand is 232 – 1, then the result is 232 – 1. The various constants are: C = 2aaaaaaa c0 = 025f1cdb c1 = 2 * c0 c2 = 23 * c0 c3 = 27 * c0 The constant C is the “simplest” constant with a high ternary weight, a leastsignificant bit of zero, and no circular symmetry. The constant c0 has certain other characteristics. The constants c1, c2, and c3 are shifted versions of c0, preventing attacks based on symmetry. See [405] for more details. Decryption is the reverse process. Steps (2) and (3) are their own inverse. Step (1) uses ci1 instead of ci. The value of c01 is 0dad4694. Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details