Re: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt

"Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com> Wed, 13 April 2011 14:30 UTC

Return-Path: <sfluhrer@cisco.com>
X-Original-To: cfrg@ietfc.amsl.com
Delivered-To: cfrg@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 45890E076E for <cfrg@ietfc.amsl.com>; Wed, 13 Apr 2011 07:30:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id POsoZHrOikct for <cfrg@ietfc.amsl.com>; Wed, 13 Apr 2011 07:30:54 -0700 (PDT)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by ietfc.amsl.com (Postfix) with ESMTP id 11FC8E0759 for <cfrg@irtf.org>; Wed, 13 Apr 2011 07:30:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=sfluhrer@cisco.com; l=3758; q=dns/txt; s=iport; t=1302705054; x=1303914654; h=mime-version:content-transfer-encoding:subject:date: message-id:in-reply-to:references:from:to; bh=MP+wlhyKPba9mjMI7qr6HYBTWvImomum374t5H0gRhY=; b=E5Ze0lY9w7fQweu7tt0YbOUjr3URO2x8Ve2nc7++kBCsDIb5Xpxn+ELB Br/mLpSEAoU92YKGnyFgqIh4LaIHv/V5zeRDUc5CobCi2MUndp90M3ym8 p/hz+szO8yNNFhPcM9RLmYVH2gpgwmC2wkLVNzLznSqOTOJ47qlR9q09n k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhkBAGeypU2rRDoG/2dsb2JhbACYJo1xd4hvnUuce4VuBIVajAQ
X-IronPort-AV: E=Sophos;i="4.64,204,1301875200"; d="scan'208";a="295417266"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by sj-iport-3.cisco.com with ESMTP; 13 Apr 2011 14:30:39 +0000
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by mtv-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id p3DEUdhF002619; Wed, 13 Apr 2011 14:30:39 GMT
Received: from xmb-sjc-23e.amer.cisco.com ([128.107.191.15]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Wed, 13 Apr 2011 07:30:38 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 13 Apr 2011 07:30:35 -0700
Message-ID: <EE0C2F9E065E634B84FC3BE36CF8A4B2068A8BBF@xmb-sjc-23e.amer.cisco.com>
In-Reply-To: <op.vtva9lw0pzjggh@ohpato-t61.sec.kddilabs.jp>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt
Thread-Index: Acv5tTI3OOo+wf+eRA2QHRQgoOkTmAAMRYsg
X-Priority: 5
Priority: Non-Urgent
Importance: low
References: <20110413010001.17531.11616.idtracker@ietfc.amsl.com><op.vtur72zepzjggh@ohpato-t61.sec.kddilabs.jp><00a201cbf9b4$06bc8a00$14359e00$@augustcellars.com> <op.vtva9lw0pzjggh@ohpato-t61.sec.kddilabs.jp>
From: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
To: "Wook Shin" <wookshin@kddilabs.jp>, <cfrg@irtf.org>, "Jim Schaad" <ietf@augustcellars.com>
X-OriginalArrivalTime: 13 Apr 2011 14:30:38.0980 (UTC) FILETIME=[5C330440:01CBF9E7]
Subject: Re: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Apr 2011 14:30:55 -0000

> -----Original Message-----
> From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf
Of
> Wook Shin
> Sent: Wednesday, April 13, 2011 4:31 AM
> To: cfrg@irtf.org; Jim Schaad
> Subject: Re: [Cfrg] I-D Action:draft-kiyomoto-kcipher2-02.txt
> 
> Jim,
> 
> That's my mistake. I think I made that mistake while converting
> circular shift operations to the combination of XOR and
> non-circular shit operations.
> 
> The notation in Section 2.1 should be corrected to
> 
>    <<n t     t-bit left shift in an n-bit register
>    >>n t     t-bit right shift in an n-bit register
> 
> and then, the code
> 
>    SubK2((IK[3] <<32 8) XOR (IK[3] >>32 24))
>      XOR (0x01, 0x00, 0x00, 0x00);
> 
> should mean that
> 
>   (1) IK[3] gets left-shifted by 8 bits
>   (2) IK[3] gets right-shifted by 24 bits
>   (3) call SubK2() by giving "(1) XOR (2) XOR 0x01000000"
>       as the input parameter

If that's what you meant, well, that's a really odd notation.
Typically, where someone writes:
    Func(A) op B
They usually mean:
   - Give the value A to function Func, then take the result, and use it
to perform the operation with B.

A more conventional way of writing what you said you meant would be:

    SubK2((IK[3] <<32 8) XOR (IK[3] >>32 24) XOR
                            (0x01, 0x00, 0x00, 0x00));

So, did you mean what you wrote, or did you mean what you said you
meant?

> 
> Best regards,
> 
> Wook
> 
> 
> 
> 
> On Wed, 13 Apr 2011 17:23:10 +0900, Jim Schaad
<ietf@augustcellars.com>
> wrote:
> 
> > You have a notation that is leaving me puzzled.
> >
> > In section 2.1 you say
> >
> >      <<n   Left circular rotation by n bits
> >
> >       >>n   Right circular rotation by n bits
> >
> > Which makes sense.
> >
> > However in section 2.3.2 you use the notation
> >
> >            SubK2((IK[3] <<32 8) XOR (IK[3] >>32 24)) XOR
> >             (0x01, 0x00, 0x00, 0x00);
> >
> > Which is not covered by the above.
> >
> > Additionally I wonder if you mean to use IK[3] in both locations
here
> as
> > (I think)
> >
> > (IK[3] << 8) XOR (IK[3] >> 24) ---> (IK[3] << 8) XOR (IK[3] << (32-
> 24))
> > --> (IK[3] << 8) XOR (IK[3] << 8)
> >
> > jim
> >
> >> -----Original Message-----
> >> From: Wook Shin [mailto:wookshin@kddilabs.jp]
> >> Sent: Tuesday, April 12, 2011 6:39 PM
> >> To: cfrg@irtf.org
> >> Subject: Re: I-D Action:draft-kiyomoto-kcipher2-02.txt
> >>
> >> Hello all,
> >>
> >> I've revised our previous draft that explains the KCipher-2 stream
> >> cipher.
> >> The current version includes some code snippets written in the C
> >> language
> >> syntax, so that it could help implementers get clearer idea of how
> it
> >> works
> >> and help them check their outputs with the test vectors mentioned
in
> the
> >> draft.
> >> The new version of the draft can be found at
> >>    http://www.ietf.org/internet-drafts/draft-kiyomoto-kcipher2-
> 02.txt
> >>
> >> I have attached a naive implementation of KCipher-2 written in C.
> >> Two files, KCipher2.c and KCipher2.h, are in the attached .zip
file,
> >> and no
> >> special option is required to compile and run the program.
> >> The code snippets and the test vector running examples in the draft
> are
> >> from the the attached code.
> >>
> >> Please look at the new version of the draft and the code, and let
me
> >> have
> >> your comments.
> >>
> >> Thank you,
> >>
> >> Wook
> 
> 
> --
> Wook Shin
> Information Security Laboratory,
> KDDI R&D Laboratories, Inc.
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg