IBM's Mars Encryption Algorithm implementation (top)

I. Background knowledge

The Data Encryption Standard DES Algorithm was promulgated in 1977. Its 56-bit long cipher space is becoming more and more uncomfortable in the fast development of chip technique and computing technology. The September 1997 American Institute of National Standards and Technology (NIST) proposed a new encryption Standard---AES (Advanced encryption Standard) as a 20th century encryption standard technology instead of DES. The objectives are: (1) Fast execution speed, (2) easy to design, (3) from large computer to Intelligent IC Card (CPU card) can be achieved. At the first AES conference in August 1998 (AES1), 15 candidate AES algorithms from 12 countries were announced. In August 1999, the second AES Conference (ARD2) screened out 5 candidate algorithms:

Algorithm Author (s)

(1) MARS IBM (US)

(2) RC6 RSA Laboratories (US)

(3) Rijndael John danemen,vincent Rijmen (Belgium)

(4) Serpent Ross Anderson (UK), Eli Bihan (Israel), Lars Knudsen (Nornay)

(5) Twofish Bruce schneier,john kelsey,doug whiting,david wagner,chris hall,nids

After a lot of analysis and evaluation, the NIST team finally chose the Rijndael. This is considered safe, a trade-off between performance, efficiency, ease of use, and flexibility, as NIST said in its report: "All of these five algorithms are safe for AES." This article will introduce the Mars algorithm proposed by IBM and some of the algorithm implementation code written by the author.

Second, the algorithm principle

As a pre-whitening process, the key is increased by 8-wheel-without-key-forward blending, 8-wheel-key forward transformation, 8-wheel-key-backward transformation, 8-wheel-without-key-backward blending, and key subtraction as a post-whitening process. The 16-wheel-key conversion is known as the cipher core (cryptographic core), with no key iterations using two 8x32 bit s-boxes, plus, XOR, or operation. In addition, there are key iterations using 32-bit key multiplication, data-relative rotation, and key addition. Mixing and core iterations are modified as iterations of the Feistel structure, where 1/4 of the data blocks are used to identify the other 3/4 blocks of data.

Conventions:

D[]: Storage of 4 32-bit plaintext containers for ciphertext after the encryption operation is completed

K[]: A container that holds 40 32-bit keys

S[]:S-BOX,512 a 32-digit number consisting of the first 256 indicated by S0, and the latter 256 indicated by S1

All array subscripts are counted starting from 0.

The addition mentioned in this article is modulo 232 plus, subtraction is modulo 232 minus, multiplication is modulo 232 multiply

<<< indicates that the loop moves left

^ Represents a bitwise XOR or

% modulo