[14055] in cryptography@c2.net mail archive
Re: lopsided Feistel (was: cryptographic ergodic sequence
daemon@ATHENA.MIT.EDU (Tim Dierks)
Sun Sep 7 00:05:38 2003
X-Original-To: cryptography@metzdowd.com
Date: Sat, 06 Sep 2003 21:20:44 -0400
To: "John S. Denker" <jsd@av8n.com>, cryptography@metzdowd.com
From: Tim Dierks <tim@dierks.org>
In-Reply-To: <3F5A7BAF.3000204@av8n.com>
At 08:28 PM 9/6/2003, John S. Denker wrote:
>On 09/06/2003 02:33 PM, Tim Dierks wrote:
> > I'm sure that it would be possible to design a Feistel-based block
> > cipher with variable block size, supporting some range of even values
> > of n.
>
>There's no need to exclude odd n.
Of course, I'd forgotten about unbalanced Feistel networks.
Here's an updated script:
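use Crypt::DES;

# Block size in bits, taken from the command line.
$n = shift @ARGV;
if (!defined($n) || $n < 2 || $n > 32 || @ARGV > 0) {
    die "Usage: $0 n\n2 <= n <= 32\n";
}

# Throwaway demo key: the first 8 characters of rand()'s decimal string.
$key = pack("A8", rand());
$cipher = new Crypt::DES $key;

# Lopsided split: $tb bits on one side, $sb on the other ($tb == $sb + 1 for odd n).
$tb = int(($n+1)/2);
$sb = $n - $tb;
$tmask = (1 << ($tb)) - 1;
$smask = (1 << ($sb)) - 1;

# Round function: DES-encrypt (round, value), keep the low $tb bits of the second word.
sub f($$) {
    my ($round, $v) = @_;
    my $pt = pack("LL", $round, $v);
    my $ct = $cipher->encrypt($pt);
    my ($high, $low) = unpack("LL", $ct);
    return $low & $tmask;
}

# Two Feistel rounds over an n-bit value.
sub E($) {
    my ($p) = @_;
    my ($L, $R, $Ln, $Rn, $round);
    for $round (1..2) {
        $L = $p >> $sb;             # high $tb bits
        $R = $p & $smask;           # low $sb bits
        $Ln = $R;
        $Rn = $L ^ f($round, $R);   # was f($r, $R); $r is never set
        $p = ($Ln << $tb) | $Rn;
    }
    return $p;
}

# Exhaustive check: every output fits in n bits and none repeats.
foreach $v (0..(1<<$n)-1) {
    $o = E($v);
    print "$v => $o\n";
    if ($o >= 1<<$n) {
        die "Too big";
    }
    if ($retvals{$o}++) {
        die "Duplicate";
    }
}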
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
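
Added example, not part of Tim Dierks's message: a Python version of the same lopsided split with the inverse written out, so the bijection is checked by round trip as well as by counting duplicates. HMAC-SHA256 stands in for the script's DES call as the round function, and the names make_perm, D, check and DEMO_KEY are assumptions of this example.

```python
import hashlib
import hmac

DEMO_KEY = b"constructed demo key"  # constructed sample key, not from the post


def make_perm(key, n, rounds=2):
    """Return (E, D): a keyed permutation of the n-bit integers and its inverse."""
    if not 2 <= n <= 32:
        raise ValueError("2 <= n <= 32")
    tb = (n + 1) // 2          # wide half, as $tb in the script
    sb = n - tb                # narrow half, as $sb in the script
    tmask = (1 << tb) - 1
    smask = (1 << sb) - 1

    def f(rnd, v):
        # Assumption: HMAC-SHA256 replaces DES; output truncated to tb bits.
        msg = rnd.to_bytes(4, "big") + v.to_bytes(4, "big")
        mac = hmac.new(key, msg, hashlib.sha256).digest()
        return int.from_bytes(mac[:4], "big") & tmask

    def E(p):
        for rnd in range(1, rounds + 1):
            L = p >> sb        # high tb bits
            R = p & smask      # low sb bits, passed through unchanged
            p = (R << tb) | (L ^ f(rnd, R))
        return p

    def D(c):
        # Undo the rounds in reverse order. R survives each round in the clear,
        # so f(rnd, R) can be recomputed and XORed off to recover L.
        for rnd in range(rounds, 0, -1):
            R = c >> tb        # high sb bits
            Rn = c & tmask     # low tb bits: L ^ f(rnd, R)
            c = ((Rn ^ f(rnd, R)) << sb) | R
        return c

    return E, D


def check(n, key=DEMO_KEY):
    """True if E maps 0..2^n-1 onto itself and D inverts it everywhere."""
    E, D = make_perm(key, n)
    outs = [E(v) for v in range(1 << n)]
    onto = sorted(outs) == list(range(1 << n))
    return onto and all(D(o) == v for v, o in enumerate(outs))


if __name__ == "__main__":
    for n in (2, 5, 8, 11):
        print(n, check(n))
```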