[Next] [Up] [Previous] [Index]

FROG

FROG is another block cipher which is based on whole-byte operations. In structure, it has a slight resemblance to NewDES. The original description of it is available at http://www.tecapro.com/aesfrog.htm.

A weakness has been uncovered in it, but a minor modification would correct that: of its eight rounds, the last four could be performed in deciphering mode. (An appropriate rearrangement of bytes between the first four rounds and the last four would ensure against the possibility of a key existing that would cause the last four rounds to undo the work of the first four.)

It does, however, require a considerable amount of RAM to store an unusually large amount of subkey material.

Each round consists of sixteen steps, one for each byte of the block. Each round has the following subkey material:

16 bytes of conventional subkey.
One key-dependent invertible S-box with 8 inputs and 8 outputs.
A sequence of the numbers 0 through 15 having certain properties.

In each step, one does the following:

XOR that byte with one subkey byte.
Take the result, and replace it by its substitute in the current round's S-box.
Take that result, and (in addition to using it as the new value of that byte; the previous two steps modify the byte, and are not an f-function) XOR it with the next byte in the block (cyclically, of course, so byte 0 comes after byte 15).
Also take that result, and XOR it with one other byte in the block, as indicated by the sequence of numbers from 0 to 15.

The sequence of numbers from 0 to 15 is generated so that it is a permutation of the numbers from 0 to 15 with a single cycle. This ensures that no number is its own substitute. Then, if any number has itself plus 1 as its substitute, that number is incremented (modulo 16) to avoid cancelling the fixed XOR.

[Next] [Up] [Previous] [Index]

Next
Chapter Start
Table of Contents
Main Page