In the introductory section, two possible ways to derive a practical cipher from Quadibloc 2002E by excluding portions of it were noted.

Eliminating the cryptographic core rounds, and simply building a cipher using only the standard rounds, is a considerably more radical change. Even such a cipher, however, given the use of several key-dependent S-boxes to provide nonlinearity in the diffusion phase, given the bit swap that is the chief item added to the cipher from Quadibloc 2002A (and leading to the bilateral symmetry of the diffusion phases, so that the bit swap directs bits to either half of the miniature Feistel round component) has a strong resistance to the XSL attack as currently understood.

In this form, instead of 11 rounds, the cipher would use 17 rounds. The ninth round would be the symmetric augmented round, and it would contain a greater diffusion phase. Thus, there would be nine greater diffusion phases in the cipher, and thus the key material used would consist of:

- Two hundred and ninety-eight 32-bit subkeys, K1 through K298
- Thirty-four 128-bit subkeys, LK1 through LK34 (long keys)
- Eighteen 64-bit subkeys the bytes of which are the outputs of a 4 of 8 code, EK1 through EK18 (exchange keys)
- Four S-boxes containing 256 8-bit elements, forming a permutation of the values from 0 to 255, SB1 through SB4 (bijective S-boxes)

and they would be generated in the order:

- K1 through K298
- SB1 and SB2
- LK1 through LK34
- SB3 and SB4
- EK1 through EK18

This variant may be called Quadibloc 2002E SR (Standard Round).

One possible way was replacing the main portion of the f-function of the cryptographic core rounds, the four layer rounds, with a greater diffusion phase, since both take a 128-bit input and produce a 128-bit output. As well, the number of 32-bit subkeys used would remain constant.

In that case, EK13 through EK28 would remain part of the cipher, as would S-box SB16. The cryptographic core rounds would use the first two S-boxes that would have been used with the large fractal Feistel structure, SB6 and SB7, as its S-boxes, and SR1, SR2, and SB8 through SB11 would not be used or generated, but the cipher and the key schedule would be otherwise unchanged.

This variant can be called Quadibloc 2002E DC (Diffusion Core).

Note that both in Quadibloc 2002EC DC and even in Quadibloc 2002EM DC, the greater diffusion phase used as an f-function is also modified in the same manner as the one used in the standard rounds, in order that only one form of the greater diffusion phase need be implemented for any one block cipher variant.

[Next] [Up/Previous] [Index]

Next

Start of Section

Skip to Next Chapter

Table of Contents

Main Page