Re: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt

"Wook Shin" <wookshin@kddilabs.jp> Thu, 14 April 2011 00:43 UTC

Return-Path: <wookshin@kddilabs.jp>
X-Original-To: cfrg@ietfc.amsl.com
Delivered-To: cfrg@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 38A29E0786 for <cfrg@ietfc.amsl.com>; Wed, 13 Apr 2011 17:43:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.579
X-Spam-Level:
X-Spam-Status: No, score=-2.579 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qjTORdLy7MD1 for <cfrg@ietfc.amsl.com>; Wed, 13 Apr 2011 17:43:57 -0700 (PDT)
Received: from mandala.kddilabs.jp (mandala.kddilabs.jp [IPv6:2001:200:601:12::16]) by ietfc.amsl.com (Postfix) with ESMTP id 019C5E06DF for <cfrg@irtf.org>; Wed, 13 Apr 2011 17:43:57 -0700 (PDT)
Received: from localhost (mandala.kddilabs.jp [127.0.0.1]) by mandala.kddilabs.jp (Postfix) with ESMTP id 26CEE1748236; Thu, 14 Apr 2011 09:43:56 +0900 (JST)
X-Virus-Scanned: amavisd-new at kddilabs.jp
Received: from mandala.kddilabs.jp ([127.0.0.1]) by localhost (mandala.kddilabs.jp [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G-mhstSGSqxl; Thu, 14 Apr 2011 09:43:54 +0900 (JST)
Received: from ist.sec.kddilabs.jp (ist.sec.kddilabs.jp [IPv6:2001:200:601:d00:2e0:81ff:fe28:b57f]) by mandala.kddilabs.jp (Postfix) with ESMTP id 7164A17480F3; Thu, 14 Apr 2011 09:43:54 +0900 (JST)
Received: from ohpato-t61.sec.kddilabs.jp by ist.sec.kddilabs.jp (8.14.1/8.12.11) with ESMTP id p3E0i80Y024830; Thu, 14 Apr 2011 09:44:08 +0900
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
To: cfrg@irtf.org, "Jim Schaad" <ietf@augustcellars.com>
References: <20110413010001.17531.11616.idtracker@ietfc.amsl.com> <op.vtur72zepzjggh@ohpato-t61.sec.kddilabs.jp> <00a201cbf9b4$06bc8a00$14359e00$@augustcellars.com> <op.vtva9lw0pzjggh@ohpato-t61.sec.kddilabs.jp> <00f901cbfa3d$9a0ccbb0$ce266310$@augustcellars.com>
Date: Thu, 14 Apr 2011 09:43:56 +0900
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: "Wook Shin" <wookshin@kddilabs.jp>
Organization: KDDI
Message-ID: <op.vtwkbitypzjggh@ohpato-t61.sec.kddilabs.jp>
In-Reply-To: <00f901cbfa3d$9a0ccbb0$ce266310$@augustcellars.com>
User-Agent: Opera Mail/11.01 (Win32)
X-Antivirus: avast! (VPS 110413-1, 04/14/2011), Outbound message
X-Antivirus-Status: Clean
Cc: "Scott Fluhrer \(sfluhrer\)" <sfluhrer@cisco.com>
Subject: Re: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Apr 2011 00:43:58 -0000

> Personal opinion.  It will be easier and clearer if you go back to using  
> circular shift operations.

I agree. I will go with the circular shift notations in the next
version of the draft.

Wook


On Thu, 14 Apr 2011 09:47:54 +0900, Jim Schaad <ietf@augustcellars.com>  
wrote:

> Personal opinion.  It will be easier and clearer if you go back to using  
> circular shift operations.
>
> Jim
>
>
>> -----Original Message-----
>> From: Wook Shin [mailto:wookshin@kddilabs.jp]
>> Sent: Wednesday, April 13, 2011 1:31 AM
>> To: cfrg@irtf.org; Jim Schaad
>> Subject: Re: I-D Action:draft-kiyomoto-kcipher2-02.txt
>>
>> Jim,
>>
>> That's my mistake. I think I made that mistake while converting  
>> circular shift
>> operations to the combination of XOR and non-circular shit operations.
>>
>> The notation in Section 2.1 should be corrected to
>>
>>    <<n t     t-bit left shift in an n-bit register
>>    >>n t     t-bit right shift in an n-bit register
>>
>> and then, the code
>>
>>    SubK2((IK[3] <<32 8) XOR (IK[3] >>32 24))
>>      XOR (0x01, 0x00, 0x00, 0x00);
>>
>> should mean that
>>
>>   (1) IK[3] gets left-shifted by 8 bits
>>   (2) IK[3] gets right-shifted by 24 bits
>>   (3) call SubK2() by giving "(1) XOR (2) XOR 0x01000000"
>>       as the input parameter
>>
>> Best regards,
>>
>> Wook
>>
>>
>>
>>
>> On Wed, 13 Apr 2011 17:23:10 +0900, Jim Schaad <ietf@augustcellars.com>
>> wrote:
>>
>> > You have a notation that is leaving me puzzled.
>> >
>> > In section 2.1 you say
>> >
>> >      <<n   Left circular rotation by n bits
>> >
>> >       >>n   Right circular rotation by n bits
>> >
>> > Which makes sense.
>> >
>> > However in section 2.3.2 you use the notation
>> >
>> >            SubK2((IK[3] <<32 8) XOR (IK[3] >>32 24)) XOR
>> >             (0x01, 0x00, 0x00, 0x00);
>> >
>> > Which is not covered by the above.
>> >
>> > Additionally I wonder if you mean to use IK[3] in both locations here
>> > as (I think)
>> >
>> > (IK[3] << 8) XOR (IK[3] >> 24) ---> (IK[3] << 8) XOR (IK[3] <<
>> > (32-24))
>> > --> (IK[3] << 8) XOR (IK[3] << 8)
>> >
>> > jim
>> >
>> >> -----Original Message-----
>> >> From: Wook Shin [mailto:wookshin@kddilabs.jp]
>> >> Sent: Tuesday, April 12, 2011 6:39 PM
>> >> To: cfrg@irtf.org
>> >> Subject: Re: I-D Action:draft-kiyomoto-kcipher2-02.txt
>> >>
>> >> Hello all,
>> >>
>> >> I've revised our previous draft that explains the KCipher-2 stream
>> >> cipher.
>> >> The current version includes some code snippets written in the C
>> >> language syntax, so that it could help implementers get clearer idea
>> >> of how it works and help them check their outputs with the test
>> >> vectors mentioned in the draft.
>> >> The new version of the draft can be found at
>> >>    http://www.ietf.org/internet-drafts/draft-kiyomoto-kcipher2-02.txt
>> >>
>> >> I have attached a naive implementation of KCipher-2 written in C.
>> >> Two files, KCipher2.c and KCipher2.h, are in the attached .zip file,
>> >> and no special option is required to compile and run the program.
>> >> The code snippets and the test vector running examples in the draft
>> >> are from the the attached code.
>> >>
>> >> Please look at the new version of the draft and the code, and let me
>> >> have your comments.
>> >>
>> >> Thank you,
>> >>
>> >> Wook
>>
>>
>> --
>> Wook Shin
>> Information Security Laboratory,
>> KDDI R&D Laboratories, Inc.


-- 
Wook Shin
Information Security Laboratory,
KDDI R&D Laboratories, Inc.