*** Title *** DNA Method: Expand Feistel Based Ciphers to unlimited Blocks Sizes ( with no impact on Speed ). *** Summary *** This paper describes a method to expand Feistel Cipher 2-half-blocks to N-half-blocks with NO theoretical limits though in practice BlockSize should not exceed the Disk Buffer size. As such the base-cipher becomes a simplification of the extended one... (simplification is commonly accepted as weakenning a cipher). Additionnaly maintaining the very SAME SPEED of the original cipher, or a lower reducing the number of loops allowed by sinergetic action from text due to the increased block size. *** Author *** Dutra de Lacerda, *** Introduction*** In the last years we took concience of how vulnerable communications may be and the threat that this represents to people, firms and institutions at a global level. Crypto as a major role in the security process though is never to much to stress that the strenght of the whole preocess is the one of the weakeast link. Here we examine the cipher part, trying to enhance it as Feedback modes have made it in the past. *** History A preliminary presentation was made about 1 year after others had (independently) created an expantion of a Feistel Network in a different scope (not a generarization). We refer to COBRA, also based in Blowfish, that duplicated the Block size. We got the notion that it used 4 columns bt didn't had the chance to examine it. Blowfish was choosen because of its huge password-space, versatility, and wide array of Non-defined P-Boxes. This last is of most importance because dedicated processors can be built to fasten the search for a password. The speedier the initialization method the faster the finding of the password by brute force. But the use of such simple method on an entire class of ciphers with the resultant consequences on security has been ignored if favor of limitation and easy to build dedicated processors. Danger here. This is also true if quantum-processors are used where this search is almost timeless in comparison with public technology. But even here there 2 extra advantages to the last mentioned: 1 - The construction of the routine is much more dificult and complex. 2 - The space of possibilities is a factor (or 2) above other ciphers. Reducing or blocking Quantum Computing brute attempts. So we choose to fight fire with fire. Blowfish seems the best bet against these attacks ON THE CIPHER. Blowfish will be used in the presentation. WARNING: The security of the cipher is just one element on security placed somewere between the following sequence: Computer Hardware - || Can be patched OR listened Computer Firmware - || (from design or plug) Operating System - || Examples: CPU, Monitor, Drivers, etc. Aplication - Flaws usually in Event Driven OSs USER - Ignorance and/or Manipulation. *** Limitations: This method is limited to Feistel Ciphers of the type Round(i) = F(halfblock) XOR (PBox_Values) where F function may be Irreversible. The security achieved is dependent of the parent cipher method. *** Definitions: Atom = Each basic Block, usually a 32bits Word. Cluster = The basic agrupation of Atoms, correspond to the Block. Usually Left and Right Atoms, here A_1 to A_ClusterSize. Buffer = Work Block of Clusters. *** Properties: Offers, not only the usual caracteristics of wide block ciphers, but also an important cascade effect on each block. And instead of 2 x N loop encryptations on a block, we achieve NLoops x ClusterSizeInAtoms encryptations. The actual time spent is SIMILAR to the original algorithm. The result being a stronger cipher (more iteractions) with practically with no extra work. Note: Since even week cipher get much stronger with the DNA method the analysis of the cipher MUST be made without envolvement of it to obtain a accurate evaluation of the basic cipher. *** The DNA Method: This method is based on the geometry of the crypting process that reminds a DNA molecule with their triplets (reduced to a pair instead of 3 codons) wich assisted in it's design when geometrical properties were noted by the author. So it may be modified to maintain compatibility with present ciphers from witch they descent just by using K=2 instead of N ... and being carefull with the implementation. The modification is simple though less elegant. *** Example using Blowfish Blowfish processes, in each loop, Clusters of 2 DoubleWords. Blowfish+ processes, in each loop, Clusters of K DoubleWords. The Numbered P-Boxes action is optimised (based on Xor properties), by uniting them in stages for each loop and thus: - Simplifying Implementation - Speeding up execution 2 Rounds Encriptation Diagram Standard Blowfish 4 Atoms Cluster Blowfish+ (with K=4) left right 0 1 2 3 | | | | | | 0-x | 0-x 1-x 2-x 3-x |-------->| | | | | | x-1 +----- | ------- | ------- | ------- | ------+ |<--------| +--->--x | | o--> ---+ ...|.........|... | | | | | | o-------->x | | 2-x | | | | | |-------->| | o-------->x | | x-3 | | | | |<--------| | | o-------->x ...|.........|... | | | | | | .....|.........|.........|.........|...... 4-x x-5 | | | | | | 4-x 5-x 6-x 7-x | | | | +----- | ------- | ------- | ------- | ------+ +--->--x | | o--> ---+ | | | | o-------->x | | | | | | | o-------->x | | | | | | | o-------->x | | | | .....|.........|.........|.........|...... | | | | 8-x 9-x 10-x 11-x | | | | 2 Rounds Decryptation Diagram Standard Blowfish 4 Atoms Cluster Blowfish+ (n-1) left right 0 1 2 3 | | | | | | | x-5 8-x 9-x 10-x 11-x |<--------| | | | | 4-x | o-------->x | | |-------->| | | | | ...|.........|... | o-------->x | | | | | | | | x-3 | | o-------->x |<--------| | | | | 2-x | +----- | ------- | ------- | ------- | ------+ |-------->| +--->--x | | o--> ---+ ...|.........|... | | | | | | .....|.........|.........|.........|...... 0-x x-1 | | | | | | 4-x 5-x 6-x 7-x | | | | o-------->x | | | | | | | o-------->x | | | | | | | o-------->x | | | | +----- | ------- | ------- | ------- | ------+ +--->--x | | o--> ---+ | | | | .....|.........|.........|.........|...... | | | | 0-x 1-x 2-x 3-x | | | | NOTE - Decryption starts with Last Cluster, however each cluster itself decrypts by the SAME ORDER used to encrypt... ... from Top to Bottom! *** Blowfish+ Code: Will presented soon with a functional program. *** Conclusions: | Standard | Same Rounds | | Blowfish | Blowfish+ (Example) | ----------------------+----------------+-------------------------| Atoms per Cluster | 2 Doubles | N ( 16 ) | Bits per Cluster | 64 bits | N*32 ( 512 ) | Rounds per Cluster | 8 Rounds | 8 Rounds ( 8 ) | Each Word WorkLoad | 16 Rounds | N*16 ( 256 ) | Speed | 16 * 16 / 2 | 1*256/16 | | | | ----------------------+----------------+-------------------------+ Complexity | 8 * 2 | 8 * K ( 128 ) | Speed (T=Text) | (T/8) * 2 | (T/4K) * K ( T/4 ) | Password Space | 576 | (32*K) * 9 ( 4608 ) | ----------------------+----------------+-------------------------+ [General] As we can see, we have an increase on the work done on every Atom resulting in extra dispersion of data allowing us to safely reduce the number of Rounds for increased speed. How much we can reduce should be a function of the chosen Cluster size. This is a bonus. This method may be used with other ciphers, and also give birth to other Multi-Atom ciphers. [Blowfish] A Blowfish Complexity issue is the PBox dependent Password Space which is also a bonus. Compatibility with Blowfish is just a matter of start encrypting from cell 0 instead of n-1. For decrypting start with 1 instead of zero... Of course it is somewhat less elegant but compatibility is achieved if N=2 ( Where N is the Number of Atoms per Cluster) *** Proposed usage: Cipher Disk Sectors in BSD, DOS, Linux, others... Dutra de Lacerda