INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM STORING PROGRAM

Information

  • Patent Application
  • Publication Number
    20230297693
  • Date Filed
    September 02, 2020
  • Date Published
    September 21, 2023
Abstract
An information processing apparatus includes an input receiving unit, a first permutation processing unit that repeats a first permutation process a times and outputs a first intermediate text, a second permutation processing unit that repeats a second permutation process b times and outputs a second intermediate text, and a termination processing unit that performs a termination process for outputting a ciphertext by using the second intermediate text as an input. The first permutation process is a permutation process in which an addition process, an S-box process, a bit permutation process, and a matrix multiplication process are successively performed. The second permutation process is a permutation process in which the addition process, the S-box process, a nibble permutation process, and the matrix multiplication process are successively performed. The termination process is a permutation process in which the S-box process and the addition process are successively performed.
Claims
  • 1. An information processing apparatus comprising:
    an input receiving circuit configured to receive an input of a plaintext in which 128 bits are handled as one block;
    a first permutation processing circuit configured to repeat a first permutation process a times (where a is a predetermined integer) in which one block of the plaintext is used as a first input, and thereby output a first intermediate text;
    a second permutation processing circuit configured to repeat a second permutation process b times (where b is a predetermined integer) in which the first intermediate text is used as a first input, and thereby output a second intermediate text; and
    a termination processing circuit configured to perform a termination process for outputting a ciphertext by using the second intermediate text as an input, wherein
    the first permutation process is a permutation process in which:
      an addition process for adding a round key and a round constant to the input;
      an S-box process for applying, for each nibble, a 4-bit S-box to the input, the 4-bit S-box being a nonlinear function of converting a 4-bit input into a 4-bit output;
      a bit permutation process for rearranging the input on a bit-by-bit basis; and
      a matrix multiplication process for dividing the input, at every four nibbles, into eight words, and applying a 4×4 Almost MDS matrix transformation to each of the words
    are successively performed,
    the second permutation process is a permutation process in which:
      the addition process;
      the S-box process;
      a nibble permutation process for rearranging the input on a nibble-by-nibble basis; and
      the matrix multiplication process
    are successively performed, and
    the termination process is a permutation process in which:
      the S-box process; and
      the addition process
    are successively performed.
  • 2. The information processing apparatus according to claim 1, wherein
    when input 32 nibbles are expressed as X(1), ..., and X(32); output 32 nibbles are expressed as Y(1), ..., and Y(32); the output is divided at every four nibbles and is expressed as W(1) = [Y(1), Y(2), Y(3), Y(4)], W(2) = [Y(5), Y(6), Y(7), Y(8)], ..., and W(8) = [Y(29), Y(30), Y(31), Y(32)]; nibbles to which four bits B(i,1), B(i,2), B(i,3) and B(i,4) of an input X(i) are mapped are represented by Y(a), Y(b), Y(c) and Y(d), respectively (where each of a, b, c and d is an integer no smaller than 1 and no greater than 32); and 12 nibbles that are obtained by excluding Y(a), Y(b), Y(c) and Y(d) from W(j) to which the four nibbles belong are represented by Y(j[1]), Y(j[2]), ..., and Y(j[12]) (where each of j[1], j[2] and j[12] is an integer no smaller than 1 and no greater than 32),
    the bit permutation process is a process for performing a rearrangement so that a below-described first condition and a second condition are satisfied,
    (First Condition) for each i = 1, ..., and 32, all the four bits B(i,1), B(i,2), B(i,3) and B(i,4) of the input X(i) should be mapped to different W(j) (j = 1, ..., and 8), and
    (Second Condition) at least two nibbles should be covered in each of W(1), ..., and W(8) by mapping of 12 nibbles X(j[1]), X(j[2]), ..., and X(j[12]) of the input, in which positions of the 12 nibbles in inputs X(1), ..., and X(32) correspond to positions of Y(j[1]), Y(j[2]), ..., and Y(j[12]) in Y(1), ..., and Y(32).
  • 3. The information processing apparatus according to claim 1, wherein the nibble permutation process is a process in which the number of rounds of the nibble permutation process necessary for increasing the number of Active S-boxes to a predetermined value or greater satisfies a predetermined condition.
  • 4. The information processing apparatus according to claim 1, further comprising an addition circuit configured to receive a first ciphertext and a second ciphertext, add the first and second ciphertexts to each other, and output a result of the addition as a pseudorandom number, the first and second ciphertexts being different ciphertexts for the same plaintext.
  • 5. The information processing apparatus according to claim 4, wherein
    the first ciphertext is a ciphertext obtained by performing a first predetermined rearrangement as the nibble permutation process, and the second ciphertext is a ciphertext obtained by performing a second predetermined rearrangement as the nibble permutation process,
    when indices from 0 to 31 are sequentially assigned to every four bits of an input bit string, and the first predetermined rearrangement is expressed by a change in an arrangement of these indices, the nibble permutation process by the first predetermined rearrangement is a process in which an arrangement of the indexes when they are input is (0, 1, ..., 31) and an arrangement of the indexes when they are output is (10, 27, 5, 1, 30, 23, 16, 13, 21, 31, 6, 14, 0, 25, 11, 18, 15, 28, 19, 24, 7, 8, 22, 3, 4, 29, 9, 2, 26, 20, 12, 17), and
    when indices from 0 to 31 are sequentially assigned to every four bits of the input bit string, and the second predetermined rearrangement is expressed by a change in the arrangement of these indices, the nibble permutation process by the second predetermined rearrangement is a process in which the arrangement of the indexes when they are input is (0, 1, ..., 31) and the arrangement of the indexes when they are output is (26, 13, 7, 11, 29, 0, 17, 21, 23, 5, 18, 25, 12, 10, 28, 2, 14, 19, 24, 22, 1, 8, 4, 31, 15, 6, 27, 9, 16, 30, 20, 3).
  • 6. An information processing method comprising:
    receiving an input of a plaintext in which 128 bits are handled as one block;
    repeating a first permutation process a times (where a is a predetermined integer) in which one block of the plaintext is used as a first input, and thereby outputting a first intermediate text;
    repeating a second permutation process b times (where b is a predetermined integer) in which the first intermediate text is used as a first input, and thereby outputting a second intermediate text; and
    performing a termination process for outputting a ciphertext by using the second intermediate text as an input, wherein
    the first permutation process is a permutation process in which:
      an addition process for adding a round key and a round constant to the input;
      an S-box process for applying, for each nibble, a 4-bit S-box to the input, the 4-bit S-box being a nonlinear function of converting a 4-bit input into a 4-bit output;
      a bit permutation process for rearranging the input on a bit-by-bit basis; and
      a matrix multiplication process for dividing the input, at every four nibbles, into eight words, and applying a 4×4 Almost MDS matrix transformation to each of the words
    are successively performed,
    the second permutation process is a permutation process in which:
      the addition process;
      the S-box process;
      a nibble permutation process for rearranging the input on a nibble-by-nibble basis; and
      the matrix multiplication process
    are successively performed, and
    the termination process is a permutation process in which:
      the S-box process; and
      the addition process
    are successively performed.
  • 7. A non-transitory computer readable medium storing a program for causing a computer to perform:
    an input receiving step of receiving an input of a plaintext in which 128 bits are handled as one block;
    a first permutation processing step of repeating a first permutation process a times (where a is a predetermined integer) in which one block of the plaintext is used as a first input, and thereby outputting a first intermediate text;
    a second permutation processing step of repeating a second permutation process b times (where b is a predetermined integer) in which the first intermediate text is used as a first input, and thereby outputting a second intermediate text; and
    a termination processing step of performing a termination process for outputting a ciphertext by using the second intermediate text as an input, wherein
    the first permutation process is a permutation process in which:
      an addition process for adding a round key and a round constant to the input;
      an S-box process for applying, for each nibble, a 4-bit S-box to the input, the 4-bit S-box being a nonlinear function of converting a 4-bit input into a 4-bit output;
      a bit permutation process for rearranging the input on a bit-by-bit basis; and
      a matrix multiplication process for dividing the input, at every four nibbles, into eight words, and applying a 4×4 Almost MDS matrix transformation to each of the words
    are successively performed,
    the second permutation process is a permutation process in which:
      the addition process;
      the S-box process;
      a nibble permutation process for rearranging the input on a nibble-by-nibble basis; and
      the matrix multiplication process
    are successively performed, and
    the termination process is a permutation process in which:
      the S-box process; and
      the addition process
    are successively performed.
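
The round structure of claim 1, the first condition of claim 2 and the two-branch combination of claims 4 and 5, as an added Python sketch that is not code from the patent. Only the two nibble index arrangements come from the page. Assumptions: the S-box (PRESENT's), the bit permutation `BIT_PERM`, circ(0,1,1,1) as the Almost MDS matrix, XOR as "addition", the reading that output nibble i takes input nibble perm[i], and the constructed round keys from the hypothetical helper `sample_keys`.

```python
import random
# Stand-in tables (assumptions; the claims do not publish them).
SBOX = [0xC, 5, 6, 0xB, 9, 0, 0xA, 0xD, 3, 0xE, 0xF, 8, 4, 7, 1, 2]  # PRESENT S-box
BIT_PERM = [32 * (p % 4) + p // 4 for p in range(128)]  # bit p moves to BIT_PERM[p]
# Output index arrangements quoted from claim 5.
NP1 = [10, 27, 5, 1, 30, 23, 16, 13, 21, 31, 6, 14, 0, 25, 11, 18,
       15, 28, 19, 24, 7, 8, 22, 3, 4, 29, 9, 2, 26, 20, 12, 17]
NP2 = [26, 13, 7, 11, 29, 0, 17, 21, 23, 5, 18, 25, 12, 10, 28, 2,
       14, 19, 24, 22, 1, 8, 4, 31, 15, 6, 27, 9, 16, 30, 20, 3]

def first_condition_holds(perm):
    # Claim 2, first condition: the four bits of every nibble reach four different words.
    return all(len({perm[4 * i + k] // 16 for k in range(4)}) == 4 for i in range(32))

def add(s, rk):  # rk = round key already combined with the round constant; XOR assumed
    return [x ^ k for x, k in zip(s, rk)]
def sbox(s):
    return [SBOX[x] for x in s]

def bit_perm(s):  # state is 32 nibbles; bit p is bit (p % 4) of nibble p // 4, MSB first
    out = [0] * 32
    for p, q in enumerate(BIT_PERM):
        out[q // 4] |= ((s[p // 4] >> (3 - p % 4)) & 1) << (3 - q % 4)
    return out

def nib_perm(s, perm):  # assumed reading: output nibble i is input nibble perm[i]
    return [s[j] for j in perm]

def matrix(s):  # circ(0,1,1,1) per 4-nibble word: each output is the XOR of the other three
    out = []
    for w in range(0, 32, 4):
        t = s[w] ^ s[w + 1] ^ s[w + 2] ^ s[w + 3]
        out += [t ^ x for x in s[w:w + 4]]
    return out

def encrypt(pt, rks, a, b, perm):
    s = list(pt)
    for r in range(a):               # first permutation process, a times
        s = matrix(bit_perm(sbox(add(s, rks[r]))))
    for r in range(a, a + b):        # second permutation process, b times
        s = matrix(nib_perm(sbox(add(s, rks[r])), perm))
    return add(sbox(s), rks[a + b])  # termination process: S-box, then addition

def prf(pt, rks1, rks2, a, b):  # claims 4-5: combine the two branches; XOR assumed
    return [x ^ y for x, y in zip(encrypt(pt, rks1, a, b, NP1), encrypt(pt, rks2, a, b, NP2))]

def sample_keys(seed, n):  # constructed test keys, not a key schedule
    rng = random.Random(seed)
    return [[rng.randrange(16) for _ in range(32)] for _ in range(n)]
```

Each branch needs a + b + 1 round keys of 32 nibbles; because every step is a bijection on the 128-bit state, each branch is a permutation for fixed keys, while the combined output is not.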
PCT Information
Filing Document      Filing Date   Country   Kind
PCT/JP2020/033183    9/2/2020      WO