The key schedule of QUADIBLOC, while designed to avoid weak keys, and resist related-key attacks, is still something of an afterthought compared to the rest of the cipher.

A procedure to add 64 bits to the key of any variant of QUADIBLOC, and improve its key schedule (which may be applied repeatedly, even to the extent of modifying the key for every block enciphered, causing QUADIBLOC to act as sort of a stream cipher) is described here.

First, the key to be augmented is to be used normally to generate the 48 32-bit long subkeys used by QUADIBLOC.

Then, the augmented schedule of subkeys is generated as follows:

The 64 bit supplementary key is to be encrypted normally by QUADIBLOC with the schedule of subkeys in place. (The encrypted result is to be made available externally by hardware implementations of QUADIBLOC, to allow iterated key augmentation with a single 64-bit key supplement.) However, both the encrypted result of the QUADIBLOC encipherment, and the 32-bit output of the f-function in each round of that encipherment, are to be retained (in internal storage).

These results are to be applied to the subkeys of QUADIBLOC as follows:

The subkeys are to be moved as follows:

The second subkey for each round is to be replaced by the previous value of the first subkey for the previous round. The second subkey for round 1 is to be replaced by the previous value of the first subkey of round 16.

The third subkey for each round is to be replaced by the previous value of the second subkey that round.

The first subkey for each round is to be replaced by the previous value of the third subkey for that round.

Then, the saved f-function values are to be applied by being XORed with subkeys (the result replacing the former value of the subkey) in the following sequence:

The f-function for round:

9 7 11 5 13 3 15 1 16 2 14 4 12 6 10 8

is to be XORed with the first subkey for round:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

The left half of the result of the QUADIBLOC encryption is to be XORed with the second subkey for the first round.

The right half of the result of the QUADIBLOC encryption is to be XORed with the third subkey for the ninth round.

Three key augmentations will ensure that every subkey is XORed with one f-function output; twenty-four key augmentations will ensure that every subkey is XORed with one of the halves of an encryption result.

Key augmentation is equally applicable to QUADIBLOC 96 and QUADIBLOC 99. In the plain form described here, key augmentation adds at least 64 bits to the length of the key. Some block ciphers include a process like key augmentation, but with a fixed input value, as a standard step in the key generation process to improve the quality of the key schedule.

To operate QUADIBLOC in this fashion, which will be referred to as closed key augmentation, after generating the initial key schedule from the 160-bit key, perform three iterated key augmentations, the latter two using as their input value the output value from the previous one, and the first one using the constant value

55330FAACCF05533

as the input value.

In addition to key augmentation, the use of a longer key can be permitted by the use of the following operation, intended to be applied after key augmentation has been applied to a previous set of subkeys.

In key extension, a new 160-bit key is used to generate subkeys in the normal fashion, but the resulting subkeys are then XORed to the existing subkeys instead of replacing them.

Thus, an alternative variant of QUADIBLOC with a 320-bit key can be achieved by:

- Using the first 160 bits as a key to generate an initial set of subkeys.
- Performing closed key augmentation.
- Performing key extension with the remaining 160 bits of the key.
- Performing closed key augmentation.

This variant shall be known as QUADIBLOC-320SE (96 or 99), and QUADIBLOC with closed key augmentation will be known as QUADIBLOC SE (96 or 99).

[Next] [Up] [Previous] [Index]