Abstract

在对称密码设计中, 组件的设计是一个重要的问题. 为了达到某种设计思想, 需要选用满足某种性质或指标的组件. 拟群运算由于易于求逆且具有很好的平衡性, 所以作为结合运算或压缩变换, 在密码算法的设计中具有广泛的应用. 分组密码IDEA中, 通过使用三个“不相容”的群运算达到了混乱的目的, 其中的“不相容”主要是指这些群运算作为拟群运算的非合痕性. 本文从Pappus定理的几何意义出发, 在固定四条直线的情况下, 给出了另外两条直线的对应关系; 并针对一个坐标分量, 利用拉丁方截线扩张的方法, 构造了一个可作为对称密码组件的拟群运算. 接下来, 我们给出 的代数表达式, 并证明了该拟群运算与IDEA算法中使用的三个拟群运算均不合痕. 该运算的特点是:的代数表达式与结构相似; 由于拟群运算具有较强的数学结构, 所以可不使用查表方式实现, 这对提升算法的硬件效率很有好处.

Alternate abstract:

Component design is an important problem in designing symmetric ciphers. In order to achieve certain goals, some kinds of components with certain properties or criteria are needed. Because quasi-group operation is balanced and easy to invert, it is widely used as a combined operation or compression transformation in the design of the cryptographic algorithms. The block cipher IDEA achieves the goal of confusion by using three “incompatible” group operations, where the “incompatible” implies that those group operations as quasi-groups are not isotopic. In this paper, according to the geometric explanation of Pappus Theorem, we give the correspondence of the other two lines when four lines are fixed. Moreover, we construct a quasi-group operation , which can be used as a component for symmetric ciphers, by means of expanding transverals of Latin Squares on a coordinate component. Then, we give the algebraic expression of and prove that is not isotopic with those three quasi-group operations of IDEA. The algebraic expression of has similar structure to that of . Furthermore, the quasi-group operation has so nice mathematical structure that we can implement it without looking-up tables, which is helpful to improve the efficiency of the hardware implementation.