A Description of the KCipher-2 Encryption Algorithm
RFC 7008
Document | Type |
RFC - Informational
(August 2013; No errata)
Was draft-kiyomoto-kcipher2 (individual)
|
|
---|---|---|---|
Authors | Shinsaku Kiyomoto , Wook Shin | ||
Last updated | 2013-08-28 | ||
Stream | ISE | ||
Formats | plain text html pdf htmlized bibtex | ||
IETF conflict review | conflict-review-kiyomoto-kcipher2 | ||
Stream | ISE state | Published RFC | |
Consensus Boilerplate | Unknown | ||
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 7008 (Informational) | |
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | (None) |
Independent Submission S. Kiyomoto Request for Comments: 7008 W. Shin Category: Informational KDDI R&D Laboratories, Inc. ISSN: 2070-1721 August 2013 A Description of the KCipher-2 Encryption Algorithm Abstract This document describes the KCipher-2 encryption algorithm. KCipher-2 is a stream cipher with a 128-bit key and a 128-bit initialization vector. Since the algorithm for KCipher-2 was published in 2007, security and efficiency have been rigorously evaluated through academic and industrial studies. As of the publication of this document, no security vulnerabilities have been found. KCipher-2 offers fast encryption and decryption by means of simple operations that enable efficient implementation. KCipher-2 has been used for industrial applications, especially for mobile health monitoring and diagnostic services in Japan. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7008. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Kiyomoto & Shin Informational [Page 1] RFC 7008 A Description of KCipher-2 August 2013 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Algorithm Description . . . . . . . . . . . . . . . . . . . . 3 2.1. Notations . . . . . . . . . . . . . . . . . . . . . . . . 4 2.2. Internal State . . . . . . . . . . . . . . . . . . . . . . 4 2.2.1. Feedback Shift Registers . . . . . . . . . . . . . . . 4 2.2.2. Internal Registers . . . . . . . . . . . . . . . . . . 5 2.3. Operations . . . . . . . . . . . . . . . . . . . . . . . . 5 2.3.1. next() . . . . . . . . . . . . . . . . . . . . . . . . 5 2.3.2. init() . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3.3. stream() . . . . . . . . . . . . . . . . . . . . . . . 8 2.4. Subroutines . . . . . . . . . . . . . . . . . . . . . . . 9 2.4.1. NLF() . . . . . . . . . . . . . . . . . . . . . . . . 9 2.4.2. sub_K2() . . . . . . . . . . . . . . . . . . . . . . . 9 2.4.3. S_box() . . . . . . . . . . . . . . . . . . . . . . . 10 2.4.4. Multiplications in GF(2#32) . . . . . . . . . . . . . 11 2.5. Encryption and Decryption Scheme . . . . . . . . . . . . . 13 2.5.1. Key Stream Generation . . . . . . . . . . . . . . . . 13 2.5.2. Encryption and Decryption of a Message . . . . . . . . 14 3. Security Considerations . . . . . . . . . . . . . . . . . . . 14 4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.1. Normative References . . . . . . . . . . . . . . . . . . . 14 4.2. Informative References . . . . . . . . . . . . . . . . . . 14 Appendix A. Tables for Multiplication in GF(2#32) . . . . . . . . 16 A.1. The table amul0 . . . . . . . . . . . . . . . . . . . . . 16 A.2. The table amul1 . . . . . . . . . . . . . . . . . . . . . 17 A.3. The table amul2 . . . . . . . . . . . . . . . . . . . . . 19 A.4. The table amul3 . . . . . . . . . . . . . . . . . . . . . 20 Appendix B. A Simple Implementation Example of KCipher-2 . . . . 22 B.1. Code Components I - Definitions and Declarations . . . . . 22 B.2. Code Components II - Functions . . . . . . . . . . . . . . 23 B.3. Use Case . . . . . . . . . . . . . . . . . . . . . . . . . 28 Appendix C. Test Vectors . . . . . . . . . . . . . . . . . . . . 28 C.1. Key Stream Generation Examples . . . . . . . . . . . . . . 28 C.2. Another Key Stream Generation with the State Values . . . 29 C.2.1. S after init(1) . . . . . . . . . . . . . . . . . . . 30 C.2.2. S after init(2) . . . . . . . . . . . . . . . . . . . 30 C.2.3. S after init(3) . . . . . . . . . . . . . . . . . . . 30Show full document text