Quadibloc 2002E RA, RC, and RR

This section involves three variants of Quadibloc 2002E which involve changes to the combiner portions of either the new type rounds (based on Quadibloc 2002) or to the core rounds.

Quadibloc 2002E RA

Another variation on Quadibloc 2002E U operates on 128-bit blocks. Here, the two stretches of eight new type rounds are replaced by stretches of twelve new type rounds, and, in addition, the twelve new type rounds are modified to use three different combiners operating on the rightmost 32 bits of the block. To preserve invertibility by changing only the key schedule, the order in which the combiners are used is reversed in the second stretch of twelve new type rounds.

The three different types of combiners alternate three different ways in which the 64 bits of input from the new type round f-function is concealed within the encipherment of the last 32 bits of the block, thus leading to the name of this variant, Quadibloc 2002E RA (Rotating Ambiguity).

The first combiner shown is identical to that in Quadibloc 2002E U, and it folds the 64 bits of input into modifying a 32 bit subblock by having four, rather than two, Feistel rounds within the f-function. The second combiner folds the 64 bits of input into a 32-bit value by using the second 32 bits of the input as two subkeys to encipher the first 32 bits. The third combiner folds the 64 bits of input into modifying a 32 bit subblock by having the combiner consist of four, rather than two, Feistel rounds.

It is intended that having successive rounds differing in this important aspect of how multiple f-function outputs produce the same result should remove an important regularity that a cryptanalyst would need to exploit.

For this cipher, the additional key material, over and above that needed by the original Quadibloc 2002E, that is required is:

The additional key material required is as follows:

• One hundred and sixty-eight 32-bit subkeys, K497 through K664
• Twenty-four 64-bit subkeys the bytes of which are the outputs of a 4 of 8 code, EK29 through EK52 (exchange keys)
• Sixteen 32-bit subkeys the bytes of which are the outputs of a 4 of 8 code, SEK1 through SEK16 (short exchange keys)
• Eight 16-bit subkeys the bytes of which are the outputs of a 4 of 8 code, TEK1 through TEK8 (tiny exchange keys)
• One hundred and ninety-two subkey pools, each comprising sixteen 32-bit subkeys, SP1 through SP192 (subkey pools)
• Fourteen S-boxes containing 256 8-bit elements, forming a permutation of the values from 0 to 255, SB17 through SB30 (bijective S-boxes)
• Eight S-boxes containing 256 16-bit elements, having no special properties, SR3 through SR10 (random S-boxes)

This key material is generated after the key material in the Quadibloc 2002E key schedule, making the order of subkey generation the following:

• Subkeys K1 through K192
• S-boxes SB1 and SB2
• Subkeys LK1 through LK22
• S-boxes SB3 and SB4
• Subkeys EK1 through EK12
• Subkeys K193 through K240
• S-box SB5
• Subkeys K241 through K496
• S-boxes SB6 through SB11
• Subkeys EK13 through EK20
• S-boxes SB12 through SB15
• Subkeys EK21 through EK28
• S-box SB16
• S-boxes SR1 and SR2
• Subkeys K497 through K616
• S-boxes SR3 and SR4
• S-box SB17
• Subkeys K617 through K664
• Subkey pools SP1 through SP192
• S-boxes SB18 through SB22
• S-boxes SR5 through SR8
• Subkeys SEK1 through SEK16
• S-box SB23
• Subkeys TEK1 through TEK8
• S-boxes SB24 through SB26
• S-boxes SR9 and SR10
• S-boxes SB27 through SB29

thus, note that while the first new type round in Quadibloc 2002E U uses subkeys 497 through 501 and 577 and 578, the first new type round in Quadibloc 2002E RA uses subkeys 497 through 501 and 617 and 618, since now there are twenty-four instead of sixteen new type rounds, so there are 120 rather than 80 subkeys of the type that are used five per round, and 48 instead of 32 subkeys of the type that are used two per round.

For decipherment, the order of short exchange keys SEK1 through SEK16 is reversed, and their bits are complemented, and the order of tiny exchange keys TEK1 through TEK8 is reversed, and their bits are complemented. Also, the order of subkeys K497 through K616 is reversed, and the order of pairs of subkeys within K617 through K664 is reversed, reflecting the larger number of new type subkeys in Quadibloc 2002E RA as against Quadibloc 2002E U.

Quadibloc 2002E RC

The main combiner in the core rounds can be replaced by another design, as illustrated below:

Here, SB16 and EK13 through EK20 are eliminated from the cipher, along with the bit swap and substitution operations that use them, and LK23 through LK38 are added to Quadibloc 2002E to produce Quadibloc 2002E RC (Revised Combiner).

In the key schedule, LK23 through LK38 are generated when EK13 through EK20 would have been.

For decipherment, the order of keys LK23 through LK38 is reversed.

Quadibloc 2002E RR

Combining Quadibloc 2002E RA with a modified version of Quadibloc 2002E RC yields Quadibloc 2002E RR (Rotating Revised). As in Quadibloc 2002E RC, LK23 through LK38 are added, this time after EK13 through EK20, as those exchange keys are now retained, unlike the case in Quadibloc 2002E RC. In addition, S-boxes SR11 and SR12 are added to the key schedule, and eight 32-bit keys K665 through K672.

The order of subkey generation in Quadibloc 2002E RR is as follows:

• Subkeys K1 through K192
• S-boxes SB1 and SB2
• Subkeys LK1 through LK22
• S-boxes SB3 and SB4
• Subkeys EK1 through EK12
• Subkeys K193 through K240
• S-box SB5
• Subkeys K241 through K496
• S-boxes SB6 through SB11
• Subkeys EK13 through EK20
• Subkeys LK23 through LK38
• Subkeys K665 through K672
• S-boxes SR11 and SR12
• S-boxes SB12 through SB15
• Subkeys EK21 through EK28
• S-box SB16
• S-boxes SR1 and SR2
• Subkeys K497 through K616
• S-boxes SR3 and SR4
• S-box SB17
• Subkeys K617 through K664
• Subkey pools SP1 through SP192
• S-boxes SB18 through SB22
• S-boxes SR5 through SR8
• Subkeys SEK1 through SEK16
• S-box SB23
• Subkeys TEK1 through TEK8
• S-boxes SB24 through SB26
• S-boxes SR9 and SR10
• S-boxes SB27 through SB29

The modified form of the combiner from Quadibloc 2002E RC used in Quadibloc 2002E RR is as illustrated below:

The modified combiner appears asymmetric, but the swap halves operations on the left half of the block in the core rounds ensure that both halves of the block do become modified.

Note that in the second Feistel round of the combiner, in order to obtain greater variation than that provided by the simple XOR of subkeys, the roles of SB12 and SB13 have been exchanged, and thus these two S-boxes need to be switched in the deciphering key schedule. Note that S-box SB16 and EK13 through EK20 are returned to the key schedule; here, they, combined with the order in which the 32-bit subblocks of the outputs of the XORs with the subkeys LK23 through LK38 are used, allow the four rounds to use their subkeys in reverse order as well, to further differentiate the two stages. The order of subkeys K665 through K672 must be reversed for deciphering; as well, the order of subkeys LK23 through LK38 must be reversed as in Quadibloc 2002E RC, and as in Quadibloc 2002E itself, the order of subkeys EK13 through EK20 must be reversed and their bits must be inverted; and the other subkey changes for deciphering are as in Quadibloc 2002E RA.

Next
Start of Section
Skip to Next Chapter
Table of Contents
Main Page