CAST-128 Encryption Algorithm (Part 2)


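encryption/decryption requires only 4K bytes, because subkey generation is usually completed before any data is input.
The contents of substitution boxes S1-S8 are given in Appendix A.
2.4 Key Schedule
Assume the 128-bit key is x0x1x2x3x4x5x6x7x8x9xAxBxCxDxExF, where x0 is the most significant byte and
xF is the least significant byte.
Let z0…zF be intermediate (temporary) bytes.
Let Si[] denote substitution box i, and let "^" denote XOR addition.
The subkeys are generated from the key x0x1x2x3x4x5x6x7x8x9xAxBxCxDxExF according to the following formulas: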
z0z1z2z3=x0x1x2x3^S5[xD]^S6[xF]^S7[xC]^S8[xE]^S7[x8]
z4z5z6z7=x8x9xAxB^S5[z0]^S6[z2]^S7[z1]^S8[z3]^S8[xA]
z8z9zAzB=xCxDxExF^S5[z7]^S6[z6]^S7[z5]^S8[z4]^S5[x9]
zCzDzEzF=x4x5x6x7^S5[zA]^S6[z9]^S7[zB]^S8[z8]^S6[xB]
K1=S5[z8]^S6[z9]^S7[z7]^S8[z6]^S5[z2]
K2=S5[zA]^S6[zB]^S7[z5]^S8[z4]^S6[z6]
K3=S5[zC]^S6[zD]^S7[z3]^S8[z2]^S7[z9]
K4=S5[zE]^S6[zF]^S7[z1]^S8[z0]^S8[zC]
x0x1x2x3=z8z9zAzB^S5[z5]^S6[z7]^S7[z4]^S8[z6]^S7[z0]
x4x5x6x7=z0z1z2z3^S5[x0]^S6[x2]^S7[x1]^S8[x3]^S8[z2]
x8x9xAxB=z4z5z6z7^S5[x7]^S6[x6]^S7[x5]^S8[x4]^S5[z1]
xCxDxExF=zCzDzEzF^S5[xA]^S6[x9]^S7[xB]^S8[x8]^S6[z3]
K5=S5[x3]^S6[x2]^S7[xC]^S8[xD]^S5[x8]
K6=S5[x1]^S6[x0]^S7[xE]^S8[xF]^S6[xD]
K7=S5[x7]^S6[x6]^S7[x8]^S8[x9]^S7[x3]
K8=S5[x5]^S6[x4]^S7[xA]^S8[xB]^S8[x7]
z0z1z2z3=x0x1x2x3^S5[xD]^S6[xF]^S7[xC]^S8[xE]^S7[x8]
z4z5z6z7=x8x9xAxB^S5[z0]^S6[z2]^S7[z1]^S8[z3]^S8[xA]
z8z9zAzB=xCxDxExF^S5[z7]^S6[z6]^S7[z5]^S8[z4]^S5[x9]
zCzDzEzF=x4x5x6x7^S5[zA]^S6[z9]^S7[zB]^S8[z8]^S6[xB]
K9=S5[z3]^S6[z2]^S7[zC]^S8[zD]^S5[z9]
K10=S5[z1]^S6[z0]^S7[zE]^S8[zF]^S6[zC]
K11=S5[z7]^S6[z6]^S7[z8]^S8[z9]^S7[z2]
K12=S5[z5]^S6[z4]^S7[zA]^S8[zB]^S8[z6]
x0x1x2x3=z8z9zAzB^S5[z5]^S6[z7]^S7[z4]^S8[z6]^S7[z0]
x4x5x6x7=z0z1z2z3^S5[x0]^S6[x2]^S7[x1]^S8[x3]^S8[z2]
x8x9xAxB=z4z5z6z7^S5[x7]^S6[x6]^S7[x5]^S8[x4]^S5[z1]
xCxDxExF=zCzDzEzF^S5[xA]^S6[x9]^S7[xB]^S8[x8]^S6[z3]
K13=S5[x8]^S6[x9]^S7[x7]^S8[x6]^S5[x3]
K14=S5[xA]^S6[xB]^S7[x5]^S8[x4]^S6[x7]
K15=S5[xC]^S6[xD]^S7[x3]^S8[x2]^S7[x8]
K16=S5[xE]^S6[xF]^S7[x1]^S8[x0]^S8[xD]
[The remaining half is identical to what is given above, continuing from the last generated x0..xF to produce keys K17-K32.]
z0z1z2z3=x0x1x2x3^S5[xD]^S6[xF]^S7[xC]^S8[xE]^S7[x8]
z4z5z6z7=x8x9xAxB^S5[z0]^S6[z2]^S7[z1]^S8[z3]^S8[xA]
z8z9zAzB=xCxDxExF^S5[z7]^S6[z6]^S7[z5]^S8[z4]^S5[x9]
zCzDzEzF=x4x5x6x7^S5[zA]^S6[z9]^S7[zB]^S8[z8]^S6[xB]
K17=S5[z8]^S6[z9]^S7[z7]^S8[z6]^S5[z2]
K18=S5[zA]^S6[zB]^S7[z5]^S8[z4]^S6[z6]
K19=S5[zC]^S6[zD]^S7[z3]^S8[z2]^S7[z9]
K20=S5[zE]^S6[zF]^S7[z1]^S8[z0]^S8[zC]
x0x1x2x3=z8z9zAzB^S5[z5]^S6[z7]^S7[z4]^S8[z6]^S7[z0]
x4x5x6x7=z0z1z2z3^S5[x0]^S6[x2]^S7[x1]^S8[x3]^S8[z2]
x8x9xAxB=z4z5z6z7^S5[x7]^S6[x6]^S7[x5]^S8[x4]^S5[z1]
xCxDxExF=zCzDzEzF^S5[xA]^S6[x9]^S7[xB]^S8[x8]^S6[z3]
K21=S5[x3]^S6[x2]^S7[xC]^S8[xD]^S5[x8]
K22=S5[x1]^S6[x0]^S7[xE]^S8[xF]^S6[xD]
K23=S5[x7]^S6[x6]^S7[x8]^S8[x9]^S7[x3]
K24=S5[x5]^S6[x4]^S7[xA]^S8[xB]^S8[x7]
z0z1z2z3=x0x1x2x3^S5[xD]^S6[xF]^S7[xC]^S8[xE]^S7[x8]
z4z5z6z7=x8x9xAxB^S5[z0]^S6[z2]^S7[z1]^S8[z3]^S8[xA]
z8z9zAzB=xCxDxExF^S5[z7]^S6[z6]^S7[z5]^S8[z4]^S5[x9]
zCzDzEzF=x4x5x6x7^S5[zA]^S6[z9]^S7[zB]^S8[z8]^S6[xB]
K25=S5[z3]^S6[z2]^S7[zC]^S8[zD]^S5[z9]
K26=S5[z1]^S6[z0]^S7[zE]^S8[zF]^S6[zC]
K27=S5[z7]^S6[z6]^S7[z8]^S8[z9]^S7[z2]
K28=S5[z5]^S6[z4]^S7[zA]^S8[zB]^S8[z6]
x0x1x2x3=z8z9zAzB^S5[z5]^S6[z7]^S7[z4]^S8[z6]^S7[z0]
x4x5x6x7=z0z1z2z3^S5[x0]^S6[x2]^S7[x1]^S8[x3]^S8[z2]
x8x9xAxB=z4z5z6z7^S5[x7]^S6[x6]^S7[x5]^S8[x4]^S5[z1]
xCxDxExF=zCzDzEzF^S5[xA]^S6[x9]^S7[xB]^S8[x8]^S6[z3]
K29=S5[x8]^S6[x9]^S7[x7]^S8[x6]^S5[x3]
K30=S5[xA]^S6[xB]^S7[x5]^S8[x4]^S6[x7]
K31=S5[xC]^S6[xD]^S7[x3]^S8[x2]^S7[x8]
K32=S5[xE]^S6[xF]^S7[x1]^S8[x0]^S8[xD]
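The formulas above repeat a small number of row patterns, so they can be driven from tables. The following is an added example, not code from the original page or from the CAST-128 specification. The names `key_schedule`, `mix`, `update` and `DEMO_SBOX` are hypothetical, and `DEMO_SBOX` is a constructed stand-in that must be replaced by the real S5-S8 tables from Appendix A before the output means anything cryptographically.

```python
# Each row names the bytes fed to S5, S6, S7, S8 and then the byte fed
# to the fifth S-box term, in the order the formulas in section 2.4 list them.
Z_STEP = ["xD xF xC xE x8", "z0 z2 z1 z3 xA", "z7 z6 z5 z4 x9", "zA z9 zB z8 xB"]
X_STEP = ["z5 z7 z4 z6 z0", "x0 x2 x1 x3 z2", "x7 x6 x5 x4 z1", "xA x9 xB x8 z3"]
K_GROUPS = [
    ["z8 z9 z7 z6 z2", "zA zB z5 z4 z6", "zC zD z3 z2 z9", "zE zF z1 z0 zC"],  # K1-K4
    ["x3 x2 xC xD x8", "x1 x0 xE xF xD", "x7 x6 x8 x9 x3", "x5 x4 xA xB x7"],  # K5-K8
    ["z3 z2 zC zD z9", "z1 z0 zE zF zC", "z7 z6 z8 z9 z2", "z5 z4 zA zB z6"],  # K9-K12
    ["x8 x9 x7 x6 x3", "xA xB x5 x4 x7", "xC xD x3 x2 x8", "xE xF x1 x0 xD"],  # K13-K16
]
Z_SRC, X_SRC = [0, 8, 12, 4], [8, 0, 4, 12]           # byte offset of each row's source word
UPDATE_EXTRA, KEY_EXTRA = [7, 8, 5, 6], [5, 6, 7, 8]  # S-box used for the fifth term

def mix(row, extra, sbox, st):
    """XOR the S5..S8 lookups of the first four bytes with one extra lookup."""
    b = [st[name[0]][int(name[1], 16)] for name in row.split()]
    out = sbox[extra][b[4]]
    for n, byte in zip((5, 6, 7, 8), b):
        out ^= sbox[n][byte]
    return out & 0xFFFFFFFF

def update(dst, src, rows, src_off, sbox, st):
    """Rewrite st[dst] one 32-bit word per row; later rows see bytes just written."""
    for i, row in enumerate(rows):
        word = int.from_bytes(st[src][src_off[i]:src_off[i] + 4], "big")
        word ^= mix(row, UPDATE_EXTRA[i], sbox, st)
        st[dst][4 * i:4 * i + 4] = word.to_bytes(4, "big")

def key_schedule(key, sbox):
    """Return [K1..K32] for a 16-byte key; sbox maps 5..8 to 256-entry tables."""
    if len(key) != 16:
        raise ValueError("the formulas above assume a 128-bit key")
    st = {"x": bytearray(key), "z": bytearray(16)}
    subkeys = []
    for _half in range(2):                    # K1-K16, then K17-K32 from the last x0..xF
        for g, group in enumerate(K_GROUPS):
            if g % 2 == 0:
                update("z", "x", Z_STEP, Z_SRC, sbox, st)
            else:
                update("x", "z", X_STEP, X_SRC, sbox, st)
            subkeys += [mix(r, KEY_EXTRA[i], sbox, st) for i, r in enumerate(group)]
    return subkeys

# Constructed stand-in tables (NOT the Appendix A S-boxes): S5..S8 place the
# input byte in byte lanes 0..3, so the first subkeys can be checked by hand.
DEMO_SBOX = {n: [b << (8 * (n - 5)) for b in range(256)] for n in (5, 6, 7, 8)}
```

Because each table row maps one-to-one onto a formula line, a transcription slip shows up as a mismatch against the text rather than being buried in unrolled code.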
2.4.1. Masking Subkeys and Rotate Subkeys
Let Km1,...,Km16 be 32-bit masking subkeys (one per round);
