deciphering the message data. Alternately, the random value itself may be sent unenciphered, but is then enciphered or hashed (under a keyed cryptographic hash) to produce a value used as the data ciphering key.
The message key assures that the actual data is ciphered under a key which is an arbitrary selection from a huge number of possible keys; it therefore prevents weakness due to user key selection. A message key is used exactly once, no matter how many times the same message is enciphered, so at most, a successful attack on a message key exposes just one message. The internal construction of a random message key cannot be controlled by a user, and thus prevents all attacks based on repeated ciphering under a single key. To the extent that the message key value really is random and is never exposed on either end, the message key is much more easily protected than ordinary text (see ideal secrecy). In a sense, a message key is the higher-level concept of an IV, which is necessarily distinct for each particular design.
MITM
Man In The Middle
Mixing
The act of transforming multiple input values into one or more output values, such that changing any input value will change the output value. There is no implication that the result must be balanced, but effective mixing may need to be, in some sense, complete. Also see Mixing Cipher, combiner, Latin square combiner, and Balanced Block Mixing.
Mixing Cipher
A block cipher based on Balanced Block Mixing of small elements in FFT-like or FWT-like mixing patterns.
Below, we have a toy 32-bit-block Mixing Cipher. Plaintext at the top is transformed into ciphertext at the bottom. Each "S" is an 8-bit substitution table, and each table (and now each mixing operation also) is individually keyed.
Horizontal lines connect elements which are to be mixed together: each *--* represents a single Balanced Block Mixing or BBM. Each BBM takes two elements, mixes them, and returns two mixed values. The mixed results then replace the original values in the selected positions, just like the "butterfly" operations used in some FFT's.
A 32-Bit Mixing Cipher

   |     |     |     |    <- Input Block (Plaintext)
   S     S     S     S    <- Fencing
   |     |     |     |
   *-----*     *-----*    <- 2 BBM Mixings
   |     |     |     |
   *-----------*     |    <- 1 BBM Mixing
   |     *-----------*    <- 1 BBM Mixing
   |     |     |     |
   S     S     S     S    <- Fencing
   |     |     |     |
   *-----------*     |
   |     *-----------*
   |     |     |     |
   *-----*     *-----*
   |     |     |     |
   S     S     S     S    <- Fencing
   |     |     |     |    <- Output Block (Ciphertext)
By mixing each element with another, and then each pair with another pair, and so on, every element is eventually mixed with every other element. Each BBM mixing is dyadic, so each "sub-level" is a mixing of twice as many elements as the sublevel before it. A block of n elements is thus fully mixed in log2 n sublevels, and each result element is influenced equally by each and every input element.
The pattern of these mixings is exactly like some implementations of the FFT, and thus the term "FFT-style." Also see the articles in the Mixing Ciphers section on the Ciphers By Ritter pages.
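The following is an added example, written for this page and not Ritter's own code, of the structure just described: keyed 8-bit fencing tables, a Balanced Block Mixing of two bytes, and the FFT-style butterfly schedule of the 32-bit diagram, generalised from 4 elements to any block of n = 2**k bytes. The BBM used here (X = 3A + 2B, Y = 2A + 3B in GF(2^8) under the modulus 0x11B), the seeded-shuffle keying of the substitution tables, and the omission of keying on the mixing operations are all assumptions of the example. It also checks two claims of the text directly: that every output element depends on every input element after log2 n sublevels, and that a single changed byte reaches every byte after one group of sublevels.

```python
import random

# Added example, not Ritter's code: a toy Mixing Cipher in the FFT-style pattern
# of the diagram above, generalised from 4 elements to any n = 2**k bytes.
# Fencing uses keyed 8-bit substitution tables (toy keying: a seeded shuffle);
# mixing uses one Balanced Block Mixing over GF(2^8).  Keying of the BBMs
# themselves is omitted.  All of these choices are assumptions of this example.

def xtime(x):
    """Multiply a byte by x (i.e. by 2) in GF(2^8) modulo x^8+x^4+x^3+x+1
    (0x11B, an assumed modulus; any irreducible degree-8 polynomial works)."""
    x <<= 1
    return (x ^ 0x11B) if x & 0x100 else x

def bbm(a, b):
    """BBM of two bytes: X = 3A + 2B, Y = 2A + 3B in GF(2^8).  With one input
    fixed, each output is a bijection of the other input (balanced), and the
    matrix [[3,2],[2,3]] has determinant 3*3 + 2*2 = 5 ^ 4 = 1 and equals its
    own inverse, so applying bbm twice returns (A, B)."""
    a2, b2 = xtime(a), xtime(b)            # 2A, 2B
    return (a2 ^ a ^ b2), (a2 ^ b2 ^ b)    # 3A + 2B, 2A + 3B

def mix_level(block, level):
    """One dyadic sublevel: mix each element with the element 2**level positions
    away, the butterfly pairing of an FFT."""
    stride = 1 << level
    out = list(block)
    for i in range(len(block)):
        if not i & stride:
            out[i], out[i + stride] = bbm(block[i], block[i + stride])
    return out

def keyed_sbox(seed):
    """Toy keyed substitution table: a seed-shuffled permutation of 0..255."""
    table = list(range(256))
    random.Random(seed).shuffle(table)
    return table

def inverse_sbox(table):
    inv = [0] * 256
    for i, v in enumerate(table):
        inv[v] = i
    return inv

def mixing_cipher(block, key, decrypt=False):
    """Fencing, k sublevels, fencing, the same k sublevels in reverse order,
    fencing, as in the 32-bit diagram (k = 2).  Decryption walks the schedule
    backwards with inverted tables; the BBM is self-inverse, so the mixing
    code is reused unchanged."""
    n = len(block)
    k = n.bit_length() - 1
    if 1 << k != n:
        raise ValueError("block length must be a power of two")
    levels = list(range(k))
    schedule = [("S", 0), ("M", levels), ("S", 1), ("M", levels[::-1]), ("S", 2)]
    if decrypt:
        schedule = [(t, v[::-1] if t == "M" else v) for t, v in schedule[::-1]]
    state = list(block)
    for kind, val in schedule:
        if kind == "S":
            tables = [keyed_sbox(f"{key}:S{val}:{i}") for i in range(n)]
            if decrypt:
                tables = [inverse_sbox(t) for t in tables]
            state = [t[x] for t, x in zip(tables, state)]
        else:
            for level in val:
                state = mix_level(state, level)
    return state

def dependency_sets(n):
    """Which input positions reach each element after log2(n) sublevels: the
    set doubles every sublevel, so every element ends up depending on all n."""
    deps = [{i} for i in range(n)]
    for level in range(n.bit_length() - 1):
        stride = 1 << level
        for i in range(n):
            if not i & stride:
                both = deps[i] | deps[i + stride]
                deps[i], deps[i + stride] = both, set(both)
    return deps

def bytes_changed_after_mixing(block, position):
    """Flip one input byte and count the bytes that differ after one group of
    log2(n) sublevels: balance guarantees that every byte differs."""
    other = list(block)
    other[position] ^= 0x01
    a, b = list(block), other
    for level in range(len(block).bit_length() - 1):
        a, b = mix_level(a, level), mix_level(b, level)
    return sum(x != y for x, y in zip(a, b))

if __name__ == "__main__":
    pt = [0x01, 0x02, 0x03, 0x04]          # constructed 32-bit plaintext block
    ct = mixing_cipher(pt, "example-key")
    print("ciphertext:", ct)
    print("round trip:", mixing_cipher(ct, "example-key", decrypt=True) == pt)
```

The deterministic avalanche in bytes_changed_after_mixing is exactly what "balanced" buys: when only one input of a BBM changes, both of its outputs must change, so the changed set doubles at every sublevel. Once two inputs of a BBM change at once (as can happen in the second mixing group) the outputs may coincide again, which is why the cipher alternates mixing with fencing rather than relying on mixing alone.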
Mod 2
The field formed from the set of integers {0,1} with operations + and * producing the remainder after dividing by modulus 2. Thus:
0 + 0 = 0
0 + 1 = 1
1 + 0 = 1
1 + 1 = 0
1 + 1 + 1 = 1
0 * 0 = 0
0 * 1 = 0
1 * 0 = 0
1 * 1 = 1
Subtraction mod 2 is the same as addition mod 2. The operations + and * can also be considered the logic functions XOR and AND respectively.
Mod 2 Polynomial
A polynomial in which the coefficients are taken mod 2. The four arithmetic operations addition, subtraction, multiplication and division are supported.
As usual, mod 2 subtraction is the same as mod 2 addition. Each column of coefficients is added separately, without "carries" to an adjacent column:
Addition and Subtraction:
      1 0 1 1
    + 0 1 0 1
    + 1 1 0 0
    ---------
      0 0 1 0
Multiplication:
              1 0 1 1
            * 1 1 0 0
              -------
                    0
                  0
          1 0 1 1
        1 0 1 1
        -------------
        1 1 1 0 1 0 0
Polynomial multiplication is not the same as repeated polynomial addition. But there is a fast approach to squaring mod 2 polynomials:
                a  b  c  d
                a  b  c  d
                ----------
               ad bd cd dd
            ac bc cc dc
         ab bb cb db
      aa ba ca da
      --------------------
       a  0  b  0  c  0  d
To square a mod 2 polynomial, all we have to do is "insert" a zero between every column. Note that aa = a for a = 0 or a = 1, and ab = ba, so either 0 + 0 = 0 or 1 + 1 = 0.
Division:
                  1 0 1 1
            -------------
  1 1 0 0 ) 1 1 1 0 1 0 0
            1 1 0 0
            -------
                1 0 1 0
                1 1 0 0
                -------
                  1 1 0 0
                  1 1 0 0
                  -------
                        0
The decision about whether the divisor "goes into" the dividend is based exclusively on the most-significant (leftmost) digit. This makes polynomial division far easier than integer division.
Mod 2 polynomials behave much like integers in that one polynomial may or may not divide another without remainder. This means that we can expect to find analogies to integer "primes," which we call irreducible polynomials.
Mod 2 polynomials do not constitute a field; clearly, the size of a multiplication is unbounded. However, a finite field of polynomials can be created by choosing an irreducible modulus polynomial, thus producing a Galois field GF(2^n).
Mode
One possibility is: block cipher operating mode
Modulo
Casually, the remainder after an integer division by a modulus; see congruence. When the modulus is prime, this may generate a useful field.
Monadic
Relating to monad, which is Greek for single or one. In particular, a function with a single input or argument, also called unary. Also see: dyadic.
Monoalphabetic Substitution
Substitution using a single alphabet. Also called simple substitution. As opposed to Polyalphabetic Substitution.
Monographic
Greek for "single letter." A cipher which translates one plaintext symbol at a time into ciphertext. As opposed to polygraphic; also see homophonic and polyphonic.
Multiple Encryption
Enciphering or encrypting a message more than once. This usually has the strength advantage of producing a very random-like ciphertext from the first pass, which is of course the "plaintext" for the next pass.
Multiple encryption using different keys can be a way to increase strength. And multiple encryption using different ciphers can reduce the probability of using a single cipher which has been broken in secret. In both cases, the cost is additional ciphering operations.
Unfortunately, multiple encryption using just two (2) ciphers may not be much of an advantage: If we assume The Opponents know which ciphers are used, they can manipulate both the plaintext and the ciphertext to search for a match (a "meet-in-the-middle" attack strategy). One way to avoid this is to use three (3) cipherings, as in Triple DES.
Multiple encryption also can be dangerous, if a single cipher is used with the same key each time. Some ciphers are involutions which both encipher and decipher with the same process; these ciphers will decipher a message if it is enciphered a second time under the same key. This is typical of classic additive synchronous stream ciphers, as it avoids the need to have separate encipher and decipher operations. But it also can occur with block ciphers operated in stream-cipher-like modes such as OFB, for exactly the same reason.
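An added example, not from the glossary, that serves two entries on this page: the Message Key entry above (a random per-message value sent in the clear and hashed under a keyed hash to give the data ciphering key) and the paragraph just above on multiple encryption under a single key. It builds OFB mode on a stand-in block function (keyed blake2b truncated to 16 bytes, an assumption; OFB never needs the block function's inverse), derives the data key with HMAC-SHA256 over the message key, and shows both that the same plaintext gives different ciphertext for every message and that a second OFB pass under the same key and IV returns the plaintext. The shared key and message text are constructed values.

```python
import hashlib
import hmac
import os

# Added example, not from the glossary.  The block function is a keyed
# blake2b standing in for a real block cipher (an assumption of the example).

BLOCK = 16

def block_function(key, block):
    """Toy 128-bit keyed PRF used as the OFB block function."""
    return hashlib.blake2b(block, key=key, digest_size=BLOCK).digest()

def ofb_keystream(key, iv, length):
    """OFB: feed each block-function output back as the next input.  The
    keystream depends only on (key, iv), never on the data."""
    state, out = iv, bytearray()
    while len(out) < length:
        state = block_function(key, state)
        out += state
    return bytes(out[:length])

def ofb_crypt(key, iv, data):
    """Encipher and decipher are the same XOR with the keystream, so this
    function is an involution under a fixed (key, iv)."""
    return bytes(d ^ k for d, k in zip(data, ofb_keystream(key, iv, len(data))))

def derive_data_key(shared_key, message_key):
    """The clear-text message key, hashed under a keyed hash, becomes the
    data ciphering key; without shared_key the hash is of no use."""
    return hmac.new(shared_key, message_key, hashlib.sha256).digest()[:BLOCK]

def encrypt_message(shared_key, plaintext, message_key=None):
    """Fresh random message key per message, transmitted unenciphered in
    front of the data; the data is ciphered under the derived key.  The OFB
    IV can be constant because the key is never reused across messages."""
    if message_key is None:
        message_key = os.urandom(BLOCK)
    data_key = derive_data_key(shared_key, message_key)
    return message_key + ofb_crypt(data_key, bytes(BLOCK), plaintext)

def decrypt_message(shared_key, ciphertext):
    message_key, body = ciphertext[:BLOCK], ciphertext[BLOCK:]
    return ofb_crypt(derive_data_key(shared_key, message_key), bytes(BLOCK), body)

def double_encrypt_same_key(key, iv, data):
    """Two OFB passes under one key and IV: the second pass strips the
    keystream the first pass added, leaving the plaintext."""
    return ofb_crypt(key, iv, ofb_crypt(key, iv, data))

if __name__ == "__main__":
    shared = bytes(range(16))                      # constructed shared key
    msg = b"glossary example text"                 # constructed message
    c1, c2 = encrypt_message(shared, msg), encrypt_message(shared, msg)
    print("same message, different ciphertext:", c1[BLOCK:] != c2[BLOCK:])
    print("round trip:", decrypt_message(shared, c1) == msg)
    print("double OFB under one key gives plaintext:",
          double_encrypt_same_key(shared, bytes(BLOCK), msg) == msg)
```

The last function is the whole point of the warning in the text: stacking two passes of an additive mode under one key and IV costs two cipherings and buys nothing, because the two identical keystreams cancel. A second pass helps only with a different key (or a different cipher), which is what the per-message key above provides for free.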
Nomenclator
Originally, a list of transformations from names to symbols or numbers for diplomatic communications. Later, typically a list of transformations from names, polygraphic syllables, and monographic letters, to numbers. Usually