zuc 算法介绍.pdf

发布时间：2022-06-26 发布人：admin 分类：说明书资料大小：0.27M 资料格式：pdf 举报版权申诉

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第1页.png

第1页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第2页.png

第2页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第3页.png

第3页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第4页.png

第4页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第5页.png

第5页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第6页.png

第6页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第7页.png

第7页 / 共18页

ca7a2b1b-98ca-414b-a9b3-a3fda17417d3.pdf-第8页.png

第8页 / 共18页

1 Introduction

2 Notations and conventions

2.1 Radix

2.2 Bit ordering

2.3 Notations

3 Algorithm description

3.1 General structure of the algorithm

3.2 The linear feedback shift register (LFSR)

3.3 The Bit-reorganization

3.4 The nonlinear function F

3.4.1 The S-box

3.4.2 The linear transforms L1 and L2

3.5 Key loading

3.6 The execution of ZUC

3.6.1 The initialization stage

3.6.2 The working stage

Appendix A: A C implementation of ZUC

ETSI/SAGE Specification Version: 1.4 Date: 30th July 2010 Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 2: ZUC Specification The ZUC algorithm is the core of the standardised 3GPP Confidentiality and Integrity algorithms 128-EEA3 & 128-EIA3. 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 1 of 18

18-06-2010 26-07-2010 27-07-2010 30-07-2010 Document History Publication Improvements to C code Minor corrections to C code Corrected preface 1.0 1.2 1.3 1.4 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 2 of 18

Blank Page 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 3 of 18

PREFACE This specification has been prepared by the 3GPP Task Force, and gives a detailed specification of the 3GPP algorithm ZUC. ZUC is a stream cipher that forms the heart of the 3GPP confidentiality algorithm 128-EEA3 and the 3GPP integrity algorithm 128-EIA3. This document is the second of three, which between them form the entire specification of the 3GPP Confidentiality and Integrity Algorithms: • Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 1: 128-EEA3 and 128-EIA3 Specifications. • Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 2: ZUC Specification. • Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 3: Implementors’ Test Data. The normative part of the specification of ZUC is in the main body of this document. Annex A, which is purely informative, contains an implementation program listing of the cryptographic algorithm specified in the main body of this document, written in the programming language C. 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 4 of 18

TABLE OF CONTENTS 1 Introduction ........................................................................................................................7 2 Notations and conventions..................................................................................................7 2.1 Radix...........................................................................................................................7 2.2 Bit ordering.................................................................................................................7 2.3 Notations.....................................................................................................................7 3 Algorithm description.........................................................................................................9 3.1 General structure of the algorithm ..............................................................................9 3.2 The linear feedback shift register (LFSR) ..................................................................9 3.3 The Bit-reorganization..............................................................................................10 3.4 The nonlinear function F ..........................................................................................10 3.5 Key loading...............................................................................................................13 3.6 The execution of ZUC ..............................................................................................14 Appendix A: A C implementation of ZUC ..............................................................................15 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 5 of 18

NORMATIVE SECTION This part of the document contains the normative specification of the ZUC algorithm. 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 6 of 18

1 Introduction ZUC is a word-oriented stream cipher. It takes a 128-bit initial key and a 128-bit initial vector as input, and outputs a key stream of 32-bit words (where each 32-bit word is hence called a key-word). This key stream can be used to encrypt the plaintext. The execution of ZUC has two stages: key initialization stage and working stage. In the first stage, a key initialization is performed, i.e. the cipher is clocked without producing output (see section 3.6.1). The second stage is a working stage. In this stage, with every clock tick, it produces a 32-bit word of output(see section 3.6.2). 2 Notations and conventions 2.1 Radix In this document, integers are represented as decimal numbers unless specified otherwise. We use the prefix “0x” to indicate hexadecimal numbers, and the subscript “2” to indicate a number in binary representation. Example 1 Integer a can be written in different representations: a = 1234567890 decimal representation = 0x499602D2 hexadecimal representation = 10010011001011000000010110100102 binary representation 2.2 Bit ordering In this document, all data variables are presented with the most significant bit(byte) on the left hand side and the least significant bit(byte) on the right hand side. Example 2 Let a=10010011001011000000010110100102. Then its most significant bit is 1 (the leftmost bit) and its least significant bit is 0 (the rightmost bit). 2.3 Notations + The addition of two integers ab The product of integers a and b = The assignment operator mod The modulo operation of integers ⊕ The bit-wise exclusive-or operation of integers ⊞ The modulo 232 addition a || b The concatenation of strings a and b 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 7 of 18

aH The leftmost 16 bits of integer a aL The rightmost 16 bits of integer a a <<< k The k-bit cyclic shift of a to the left a >> 1 The l-bit right shift of integer a (a1, a2,…, an)→ (b1, b2,…, bn) It assigns the values of ai to bi in parallel For any two strings a and b, the presentation of string c created by the Example 3 concatenation of a and b also follows the rules defined in section 2.2 i.e., the most significant digits is on the left hand side and the least significant digits is on the right hand side. For instance, a=0x1234, b=0x5678, c = a||b =0x12345678. a=10010011001011000000010110100102 aH=10010011001011002, aL=00000010110100102. a=110010011001011000000010110100102。 Then we have Example 4 Let Then we have Example 5 Let Then we have a >> 1=11001001100101100000001011010012。 Example 6 Let a0, a1, …, a15, b0, b1, …, b15 be all integer variables. Then (a0, a1, …, a15)→ (b0, b1, …, b15) will result in bi=ai, 0≤ i≤ 15. 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. ZUC Algorithm Specification Version 1.4 page 8 of 18

分享到：

赞收藏

资料库

zuc 算法介绍.pdf

相关推荐

安全技术

热门标签

最新资料