SMBA分组密码算法

On the SMBA Block Cipher

SMBA算法是一个安全性高、实用性强、创新设计的分组密码算法.SMBA算法支持三种版本,当分组长度为128比特时,密钥长度支持128比特和256比特,当分组长度为256比特时,密钥长度支持256比特.SMBA算法采用经典的Feistel结构,加解密过程一致,轮函数采用SP结构,密钥扩展算法使用广义Feistel结构.算法创新设计了非线性部件S0和S1,以及线性部件L64,均具有良好的密码学性质.S0和S1均由代数构造生成,具有较优的差分概率、线性概率和代数次数,且乘法复杂度低,侧信道防护代价小.L64由简单线性变换组合构成,具有较高的差分和线性分支数,关键路径短,延时低.SMBA算法在不同版本中共用主要部件S0、S1和L64,扩展自然.SMBA算法的安全界清晰,可以有效评估抵抗差分攻击、线性攻击、积分攻击等已知攻击的强度,有较大的安全冗余.算法的基本运算为查表、循环移位以及异或等逻辑运算,易于软件和硬件实现.算法实现方式灵活,软硬件速度快,可适用于多种平台(如8/32/64位平台).

SMBA is a block cipher with high security,good flexibility,and novel design.SMBA supports three versions,which are 128-bit block size with 128-bit and 256-bit keys,and 256-bit block size with 256-bit keys.SMBA uses the classical Feistel structure which has the same encryption and decryption procedure,the round function uses the SP network,and the key schedule uses a generalized Feistel structure.Two nonlinear transformations S0 and S1,and a linear transformation L64,are novelly designed,all of which have good cryptographic properties.S0 and S1 are algebraically constructed,with good differential probability,linear bias and algebraic degree,and both of them have lower multiplication complexity which leads to low cost on side-channel resistance.L64 is constructed by simple linear transformations,and it has large differential and linear branch number and short implementation path.SMBA has a natural expansion by commonly using S0,S1,and L64 in different versions.SMBA has a clear security margin with enough redundancy,and it can efficiently evaluate the ability to resist many known attacks,such as differential attacks,linear attacks,and integral attacks.The basic operations in SMBA are table lookups,rotations,and XOR logical operations,which is suitable for software and hardware implementation.SMBA has flexible implementations,high speeds and suitable for implementations on various platforms(8/32/64-bit platforms).