The eleven standard rounds subject the block to a very strong diffusion, and, which, with the bit swaps, also create a certain level of algorithmic variability. In Quadibloc 2002E, however, they are supplemented with rounds of a different type. These rounds, in two groups of four, constitute the "cryptographic core" of the cipher, to use a term introduced with the MARS block cipher, despite the fact that the eleven rounds defined so far certainly are strong in their own right.
After each of the first three rounds in a group of four of these rounds, the halves of the block are swapped.
Thus, the overall structure of Quadibloc 2002E is:
Four standard rounds Four core rounds Three standard rounds Four core rounds Four standard rounds
with the standard rounds as described on the previous page.
Four rounds of Quadibloc 2002D, or four rounds of Quadibloc 2002, with suitable S-box replacements, would serve to produce a strong cipher in these positions. The round actually proposed for this purpose has some similarities to the Quadibloc 2002D round. The operation performed on the left half of the block is almost identical, except for the key-dependent S-box being designated SB5 instead of S7, and except for changing the direction of the f-function and introducing a swap halves operation in order to allow the cipher, with modifications to the key schedule, to invert itself:
but the remaining operations are different, although the overall structure of the round is similar. Also, note the bit swap applied to the intermediate result output; this is also done to permit the cipher to act as its own inverse.
The operation performed on the left half of the block consists of two Feistel rounds, with a swap of 32-bit halves of this half in between, which are similar to the operation used for Quadibloc S. In each case, the right half of the 64-bit subblock is used as the input to the f-function, and the left-half of the subblock is modified, since the reverse is the case in the combiner acting on the other half of the 128-bit block, thus requiring only an exchange of 64-bit halves of the block between cryptographic core rounds to maintain alternation of f-function input halves and modified halves.
The sequence of operations within the f-function is as follows:
1 2 27 28 21 22 15 16 9 10 3 4 29 30 23 24 17 18 11 12 5 6 31 32 25 26 19 20 13 14 7 8
Thus, the left half of the 128-bit block is modified as follows: its left half is XORed with the f-function of the right half, then its two 64-bit halves are swapped, and again the left half is XORed with the f-function of the right half.
The four intermediate results produced by this are arranged as follows, from left to right, to produce a 128-bit value:
the first intermediate result of the second f-function the second intermediate result of the first f-function the first intermediate result of the first f-function the second intermediate result of the second f-function
Next, shown and described here, is the first part of the overall f-function for a cryptographic core round in Quadibloc 2002E:
Then, a 64-bit exchange key is applied to this 128-bit value, being considered as divided into two 64-bit halves; where a bit in the exchange key is a zero, corresponding bits in the two halves are unaffected; where a bit in the exchange key is a one, corresponding bits in the two halves are switched.
Then, the 128-bit value is considered as being composed of sixteen bytes, and each byte is replaced by its substitute in S-box S7, again as described in the section on Euler's Constant and the Quadibloc S-boxes.
The 128-bit output from these manipulations now is modified by means of the main part of the main f-function for the round, to be described on the next page.
Next
Start of Section
Skip to Next Chapter
Table of Contents
Main Page