HastyPuddingCipher (HPC)
It is a variable size block block cipher designed by Richard Schroeppel. It has a number of unusual properties for a block of encryption block size and input key length is variable, and including an additional input parameter called the "spice" which is intended to be used as a secondary, not secret key. The figure was the only candidate HastyPudding AES designed exclusively by American cryptographers.
A variable length block cipher:
· Accepts any size key (primary key) of 0 or more bits.
· Accepts any size block of plaintext, 0 or more bits
· A 512-bit key optional secondary (SPICE).
· The figure is HastyPudding 5 different sub-ciphers:
HPC Tiny bits 0-35
HPC-Short bits 36-64
HPC-Medium 65-128
HPC-Long 129-512 bits
513 + HPC-bit Extended
The figure HastyPudding algorithms mostly use 64-bit words internally. Encryption is designed to run on 64-bit machines, which can easily perform simple operations on 64-bit words.
Basic Operations
· Addition
· Abduction
· Exclusive OR
· Shifts
Setup Key Expansion (KX)
· Each has a subcipher KX (key expansion) table size 256 words, generated from the key
· Procedures KX installation table:
(1) Initialization Table KX
(2) The first 128 words in the table XOR key KX (KX [0] - KX [127])
(3) Perform function stirring at psudo KX-randomize the table.
· Continue with step 2 and 3 with the second key 128 words, until all has been key in the matrix KX XOR
Initialization Table KX
• The first three words of the KX table are initialized:
KX [0] = PI19 + sub-cipher number.
KX [1] = E19 * the key length.
KX [2] = R220 turn left sub-number cipher bits.
· Where PI19, E19, R220 are internal "random" numbers. The remaining 253 words of the matrix are filled with pseudo-random:
KX [i] = KX [i-1] + (KX [i-2] ^ KX [I-3]> ᡏ KX ^ [i-3] <យ).
The function of the stirring of the KX table:
• Purpose: pseudo-random KX table, allowing each bit to influence all other bits.
• Eight internal state variables initialized as
s0 = KX [248], ..., s7 = KX [255]
• Several passes of agitation
A pass agitation
• s0 = ^ (KX [i] ^ KX [(i +83) + 255]) + KX [s0 and 255]
• s1 = s0 +
• ^ s3 s2 =
• s5 - = s4
• ^ = s6 s7
• s3 + = s0> ᡅ
• ^ s4 = s1 <
• ^ = s3 s5 << (s1, 31)
• s6 + = s2> ᡉ
• s7 | = s3 s4 +
• s2 - = s5
• s0 - = ^ i s6
• ^ s1 = s5 + PI19
• s2 + = j s7 >>
• s1 s2 ^ =
• s4 - s3 =
• ^ = s5 s6
• s0 + = s7
• KX [i] = s2 + s6 where I = 0 to 255, the KX table index. J is the pass number
Spice
The spice is a secondary key of 512 bits (an array of 8 words of 64 bits), may be completely or partially hidden, or fully open, is expected to be changed often, perhaps each block encryption.
Encryption
· Plain text is copied to encrypt the state variables s0, s1, ... (Up S7, as the block size)
· Performing intermediate mixture 8 rounds of: mixing the plaintext data with the table matrix KX and spice.
· Finally, s0 = s0 + KX [Block 8], s1 = s1 + KX [block 9], ... and so on.
Decoded
· Decryption is done by reversing the encryption steps (each step is invertible in encryption)
· The order of the steps is reversed
· The individual steps are replaced by their inverses.
Examples:
s0 = s1 + s0 is reversed - = s1
^ s0 = s1 is self-inverse.
Some special cases need to be addressed.
Performance
The Hasty Pudding figure was claimed to be the fastest AES candidate in a 64-bit architecture, said to be twice as fast as its nearest competitor, DFC, and three times faster than other candidates, and their performance in one 32-bit machine was adequate. In a 32-bit Pentium, Hasty Pudding encryption was rated to 1600 clock cycles, the 10 of the 15 best candidates, the speed of the figure would be significantly affected in a 32-bit machine due to its use of 64 - bit operations, including changes bits.
The encryption key settings Hasty Pudding was rated relatively slow, 120000 cycles on a Pentium. The figure was criticized for his performance in smart cards. Specifically noted the difficulty of maintaining more than 2 KB of RAM for the key table.
The C source code
The Key HastyPudding is fundamentally a system of 64-bit encryption, and it plays better on 64-bit, as the Alpha in December is performed reasonably well on 32-bit machines when compiled with a compiler that supports a 64 - bit integer data. This includes GCC, which has a 64-bit "longlong" datostipo. Unfortunately, the ANSI definition does not yet include C "largolargo", so that a solution is used for the reference implementation. The solution defines a structure of 64-bit data U64 (the U is for unsigned) some macros to manipulate the structure. This provides support ANSIimplementación, but at a significant performance penalty. Macros tambiénimpacto the algorithm code readability.
·
The key size can be any number (integer) of bits.
· The Key HastyPudding has a 512-bit key secondary SPICE. The spice can be changed in a statement. Concealment of spice is optional.
· It is estimated that the current security level of 400 bits HastyPudding figure. I am offering a symbolic prize for successful cryptanalytic work.
· The Key HastyPudding is fast, reaching 247 megabits per second in blocks of 512 bits in a 300MHz Alpha December.
· The Key HastyPudding is in the public domain and no known patent restrictions.
Bibliographies
