Getting Ready for Grover … Meet SEED

There have been a whole lot of papers recently which outline the implementation of symmetric key methods using quantum implementations. Of…

Getting Ready for Grover … Meet SEED

There have been a whole lot of papers recently which outline the implementation of symmetric key methods using quantum implementations. Of particular worry is that of 128-bit versions, and which can be broken by Grover’s algorithm. A recent paper [1] focuses on the SEED block cipher method:

SEED is a block symmetric key encryption method which was developed by KISA (Korea Information Security Agency). It uses a 128-bit key and has a 16-round Feistel structure — and which splits the data into two 64-bit blocks, and where a 64-bit subkey is used for each round:

Overview of SEED [1]

SEED is easy to implement in both harwdware and software, and is memory efficient, along with being robust against side channel attacks. It has, in the past, been used in South Korea in the privacy of financial transactions.

First we create a folder named “bc_seed”, and then go into that folder.We can create a Dotnet console project for .NET 8.0 with:

dotnet new console --framework net8.0

This produces a Csproject file of:

<Project Sdk="Microsoft.NET.Sdk">
        <PropertyGroup>
        <OutputType>Exe</OutputType>
        <TargetFramework>net8.0</TargetFramework>
        <ImplicitUsings>enable</ImplicitUsings>
        <Nullable>enable</Nullable>
        </PropertyGroup>
 </Project>

We then add the latest Bouncy Castle library:

dotnet add package BouncyCastle.Cryptography --version 2.2.1

The following is the coding [here]:

namespace Serpent
{
using Org.BouncyCastle.Crypto;
    using Org.BouncyCastle.Crypto.Modes;
    using Org.BouncyCastle.Crypto.Paddings;
    using Org.BouncyCastle.Crypto.Parameters;
    using Org.BouncyCastle.Security;
    class Program
    {
        
        static void Main(string[] args)
        {
            
            
          
            var msg="Hello";
  
          var iv="00112233445566778899AABBCCDDEEFF00";
          var size=128;
          var mode="CBC";
          if (args.Length >0) msg=args[0];
          if (args.Length >1) iv=args[1];
          if (args.Length >2) size=Convert.ToInt32(args[2]);
        if (args.Length >3) mode=args[3];
          
  
             
            try {
var plainTextData=System.Text.Encoding.UTF8.GetBytes(msg);
var cipher = new Org.BouncyCastle.Crypto.Engines.SeedEngine();

byte[] nonce = new byte[8]; 
Array.Copy(Convert.FromHexString(iv), nonce, 8);

    PaddedBufferedBlockCipher cipherMode = new PaddedBufferedBlockCipher(new CbcBlockCipher(cipher), new Pkcs7Padding());
    
    if (mode=="ECB") cipherMode = new PaddedBufferedBlockCipher(new EcbBlockCipher (cipher), new Pkcs7Padding());  
    else if (mode=="CFB") cipherMode = new PaddedBufferedBlockCipher(new CfbBlockCipher (cipher,128 ), new Pkcs7Padding());  

CipherKeyGenerator keyGen = new CipherKeyGenerator();
keyGen.Init(new KeyGenerationParameters(new SecureRandom(), size));
KeyParameter keyParam = keyGen.GenerateKeyParameter();

cipherMode.Init(true,keyParam);
int outputSize = cipherMode.GetOutputSize(plainTextData.Length);
byte[] cipherTextData = new byte[outputSize];
int result = cipherMode.ProcessBytes(plainTextData, 0, plainTextData.Length, cipherTextData, 0);
cipherMode.DoFinal(cipherTextData, result);
var rtn =  cipherTextData;

// Decrypt
cipherMode.Init(false,keyParam);
outputSize = cipherMode.GetOutputSize(cipherTextData.Length);
plainTextData = new byte[outputSize];
 result = cipherMode.ProcessBytes(cipherTextData, 0, cipherTextData.Length,plainTextData, 0);
 
cipherMode.DoFinal(plainTextData, result);
var pln=plainTextData;

Console.WriteLine("=== {0} ==",cipher.AlgorithmName);
Console.WriteLine("Message:\t\t{0}",msg);
Console.WriteLine("Block size:\t\t{0} bits",cipher.GetBlockSize()*8);
Console.WriteLine("Mode:\t\t\t{0}",mode);
Console.WriteLine("IV:\t\t\t{0}",iv); 
Console.WriteLine("Key size:\t\t{0} bits",size);
Console.WriteLine("Key:\t\t\t{0} [{1}]",Convert.ToHexString(keyParam.GetKey()),Convert.ToBase64String(keyParam.GetKey()));

Console.WriteLine("\nCipher (hex):\t\t{0}",Convert.ToHexString(rtn));
Console.WriteLine("Cipher (Base64):\t{0}",Convert.ToBase64String(rtn));
Console.WriteLine("\nPlain:\t\t\t{0}",System.Text.Encoding.ASCII.GetString(pln).TrimEnd('\0'));

    } catch (Exception e) {
    Console.WriteLine("Error: {0}",e.Message);
    }
    }
    }

}

A sample run is [here]:

=== SEED ==
Message:		Hello 123
Block size:		128 bits
Mode:			ECB
IV:			00112233445566778899AABBCCDDEEFF00
Key size:		128 bits
Key:			48A62D18316E34999196B78D6A87ACF3 [SKYtGDFuNJmRlreNaoes8w==]
Cipher (hex):  AFB54ACAFDE22A9A6BC988413308B794
Cipher (Base64): r7VKyv3iKppryYhBMwi3lA==
Plain:   Hello 123

Reference

[1] Oh, Y., Jang, K., Yang, Y., & Seo, H. (2023). Optimized Quantum Implementation of SEED. Cryptology ePrint Archive.