1. Field
The present invention relates generally to cryptography and, more specifically, to block ciphers.
2. Description
Cryptographic ciphers can be broadly divided into stream ciphers and block ciphers. Stream ciphers encrypt a stream of data called “plaintext” into encrypted data, or “ciphertext,” by combining the stream of plaintext with a pseudo-random sequence dynamically generated using a cipher key. An example of a stream cipher is the well-known RC4 cipher. Block ciphers encrypt a block of plaintext into ciphertext by applying multiple successive rounds of transformation operations to the plaintext, using a cipher key. An example of a block cipher is the well-known Data Encryption Standard (DES) cipher.
Block ciphers typically work with a small number of fixed block sizes that are convenient for hardware or software implementation. For example, the block size may be 16, 32, 48, or 64 bits. Since the size of the ciphertext is always a multiple of the block size, a single plaintext message will require at least an entire block in order for encryption and decryption to take place. While this is not a significant problem for most applications, if the cost of storing each ciphertext bit is high, a block cipher that can vary the number of bits in its block size may be useful. Additionally, performance characteristics of a block cipher may determine where the cipher may be most useful. For example, in a communications process, it may be desirable to employ a cipher with fast setup, encryption and decryption times. However, in a manufacturing process (e.g., integrated circuit manufacturing), a different cipher may be employed when a slow setup time is acceptable, encryption and decryption times are small, but the cost of storing the ciphertext is high. Existing fixed block size ciphers may not be suitable for such situations.
An embodiment of the present invention is a block cipher supporting a selectable block size of bit granularity. The block cipher includes a recursive Feistel network structure having a plurality of substitution boxes (S-boxes), each S-box being generated by a message digest function used as a pseudo-random number generator and one of a plurality of keys.
Other embodiments are described and claimed.
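As an added illustration (not code from the patent), the Python sketch below builds a plain, non-recursive Feistel network over a block of any width from 2 to 64 bits, with each round's S-box filled from SHA-256 used as a pseudo-random generator over the key. The round count, the S-box shape, the round function and the use of a single key rather than a plurality of keys are assumptions made for the example.

```python
import hashlib

ROUNDS = 8      # assumed round count for this sketch
MAX_BITS = 64   # each half must fit inside the 32-bit S-box output

def make_sbox(key: bytes, index: int) -> list[int]:
    """256-entry table of 32-bit words drawn from SHA-256 run in counter mode."""
    stream = b"".join(
        hashlib.sha256(key + bytes([index, ctr])).digest()
        for ctr in range(32))  # 32 digests * 32 bytes = 1024 bytes
    return [int.from_bytes(stream[4 * i:4 * i + 4], "big") for i in range(256)]

def key_schedule(key: bytes) -> list[list[int]]:
    """Slow setup step: one digest-derived S-box per round."""
    return [make_sbox(key, r) for r in range(ROUNDS)]

def round_fn(sbox, x, in_bits, out_bits):
    """Mix the input a byte at a time through the S-box, truncate to out_bits."""
    acc = 0
    for i in range((in_bits + 7) // 8):
        acc = ((acc << 5) | (acc >> 27)) & 0xFFFFFFFF
        acc ^= sbox[((x >> (8 * i)) ^ acc ^ i) & 0xFF]
    return acc & ((1 << out_bits) - 1)

def _split(block, n_bits, swapped):
    """Cut an n-bit block into halves of floor(n/2) and ceil(n/2) bits."""
    if not 2 <= n_bits <= MAX_BITS or not 0 <= block < (1 << n_bits):
        raise ValueError("block does not fit the selected block size")
    a, b = n_bits // 2, n_bits - n_bits // 2
    if swapped:
        a, b = b, a
    return block >> b, block & ((1 << b) - 1), a, b

def encrypt(sboxes, block, n_bits):
    left, right, a, b = _split(block, n_bits, False)
    for sbox in sboxes:
        # Unbalanced Feistel step: the halves trade places, so do their widths.
        left, right = right, left ^ round_fn(sbox, right, b, a)
        a, b = b, a
    return (left << b) | right

def decrypt(sboxes, block, n_bits):
    left, right, a, b = _split(block, n_bits, len(sboxes) % 2 == 1)
    for sbox in reversed(sboxes):
        left, right = right ^ round_fn(sbox, left, a, b), left
        a, b = b, a
    return (left << b) | right
```

Because only the half widths depend on the block size, a 13-bit or 37-bit plaintext yields a ciphertext of exactly the same number of bits, which is the storage property the description is after.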