INFORMATION CONCEALMENT ENGINE ALGORITHM ABSTRACT ICE is an example of a class of ciphers called private-key block ciphers.

ICE is a standard Fiestel block cipher. ICE is a 64-bit block cipher presented at the Fast Software Encryption Workshop in January 1997. It introduced the concept of a keyed permutation to improve the resistance against differential and linear cryptanalysis. ICE algorithm is generally used in steganography. ICE encrypts data in blocks with a block size of 64 bits. It takes a 64-bit plaintext, which is split into two 32-bit halves. In each round the right half and a 60-bit subkey are fed into the F-function.The structure of the F function is somewhat similar to DES: The input is expanded by taking overlapping fields, the expanded input is XORed with a key, and the result is fed to a number of reducing S-boxes which undo the expansion. The output of F is XORed with the left half, then the halves are swapped. This is repeated for all but the final round, where the final swap is left out. The number of rounds is determined by the level of the variant in use. Level 0 (or Thin-ICE) uses 8 rounds, while higher levels n use 16n rounds.
ALGORITHM

Basic working of algorithm can be stated as: It takes a 64 bit plaintext which is split into two 32 bit halves .In each round of the algorithm the right half and a 60 bit subkey are fed into the function F .The output of F is XORed with the left half, then the halves are swapped. This repeated for all but the final round, where the final swap is left out, as is illustrated in figure . At the end of the rounds, the halves are concatenated to form the ciphertext. Decryption follows the same procedure, except that the subkeys are used in reverse order.

The Expansion Function E: The 32 bit plaintext half is expanded to four 10 bit values, E1 ,E2 ,E3 ,E4 in the following manner: E1= P1P0P31P30P29P28P27P26P25P24 E1= P25P24P23P22P21P20P19P18P17P16 E1= P17P16P15P14P13P12P11P10P9P8 E1= P9P8P7P6P5P4P3P2P1P0 This expansion function was chosen because four 10 bit values were needed for the Sboxes, and it was reasonably fast to implement in software. Keyed Permutation: After expansion, keyed permutation is used. The permutation subkey is 20 bits long and is used to swap bits between E1and E3 and between E2 and E4. For example if 19th bit of the subkey is set 9th bit of E1 and E3 will be swapped. If bit 0 of the subkey is set, bit 0 of E2 and E4 will be swapped. The values E1 E2 E3 and E4 after being permuted are XORed with 40 bits of subkey, and then used as input to the four S-boxes, S1 S2 S3 and S4.Each S-box takes a 10 bit input and produces an 8 bit output. S-Boxes: Each S-box takes a 10 bit input X. Bits X9 and X0 are concatenated to form the row selector R. Bits X8 to X1 are concatenated to form the 8 bit column selector C. For each row R, there is an XOR offset value OR and a Galois Field prime irreducible polynomial PR. The 8 bit output of an S-box for an input X is given by (C OR)7 mod PR, under 8 bit Galois Field arithmetic which is shifted at appropriate location by multiple of 8 bits in order to make it convenient to apply 32 bit permutation. The exponent was chosen because it is a oneto-one function and it produces reasonably flat XOR profile, useful for resistance to differential cryptanalysis.

Figure: Offset Values

Figure: S-box Galois field primes

The Permutation Function P: The P-box, which is specified, is designed to maximize diffusion from each S-box and to ensure that bits which are separated by 16 places never come neither from the same S-box nor from S-boxes separated by two places (e.g. S1 and S3). The permutation is applied referring to hardcoded P-box values using following algorithm. The values in pBox are as below: pBox[] = { 0x00000001, 0x00000080, 0x00000400, 0x00002000, 0x00080000, 0x00200000, 0x01000000, 0x40000000, 0x00000008, 0x00000020, 0x00000100, 0x00004000, 0x00010000, 0x00800000, 0x04000000, 0x20000000, 0x00000004, 0x00000010, 0x00000200, 0x00008000, 0x00020000, 0x00400000, 0x08000000, 0x10000000, 0x00000002, 0x00000040, 0x00000800, 0x00001000, 0x00040000, 0x00100000, 0x02000000, 0x80000000 };

The Pseudo code of permuting the S box into 32 bits is as described below: Perm32 (int x) { Val=x; I=1; While (Val != 0) { If (Val & 1 != 0) { Result |= pBox[i]; Increment I; } Shift Val by 1 bit to right; } }

The key schedule: The standard ICE algorithm takes a 64 bit key and uses 16 subkeys in16 rounds. There is a fast variant called thin-ICE which uses 8 rounds with a 64 bit key. In each round 60 key bits are used. These are typically stored in three SK1, SK2, and SK3. SK1 is the value XORed with the inputs to S1 and S2 SK2 is the value XORed with the inputs to S3 and S4 SK3 is the value used for key permutation The key is first converted into four 16 bit blocks, KB[0..3]. These blocks are used along with the key rotations KR predefined to derive the subkeys in each round using the algorithm as follows:

Figure: Key rotation schedule

KB [0] = K63...K48 KB [1] = K47...K32 KB [2] = K31...K16 KB [3] = K15...K0 Algorithm: For each round n=1...16 For SK =SK1SK2 SK3 in turn 5 times each For i =0...3 do Set B to bit B of KB [(i + KR[n]) mod 4] Shift SK left one bit Set bit 0 of SK to B Shift KB [(i + KR[n]) mod 4] right one bit Set bit 15 of KB [(i + KR[n]) mod 4] to the inverse of B End End End

IMPLEMENTATION: The implementation is done in JAVA using NETBEANS IDE. I implemented the thin ICE algorithm which contains only 8 rounds for encryption. The project contains two java files: 1. TestMain.java
2. IceKeyOwn.java Testmain.jav a

Key and Plain Text/Cipher Text Cipher Text/ Plain Text

IceKeyOwn.ja va

Perm32 ()

IceKeyOwn( ) spBoxinitiali buildKeySchedu ze() le()

encrypt ()

decrypt ()

Galoisfield_exponentiation 7() Galoisfield_multiplication ()

roundFun c()

Figure: Flowchart
1.

TestMain.java: This file defines the main class of project. It takes 8 character long (64 bit) key as input. It also takes 8 character long text to be encrypted as user input. The 8 bit key taken as user input is passed to the constructor of the class called IceKeyOwn. The encrypted text is printed onto console. Before decryption the plaintext array used for storing the user input to be encrypted is set to 0 values. After decrypt function has been called the decrypted data that is the original plaintext is again printed onto console.

2.

IceKeyOwn.java: This file is used to perform encryption and decryption of the plaintext. It defines several methods as follows:
a) IceKeyOwn (byte[] key): This is the constructor method to which the key is passed. It

checks the flag and calls a function to initialize the substitution and permutation boxes. As the implementation is done for thin-ICE algorithm the number of rounds is set to 8. It defines an array called Keys to store the keys generated for each of 8 rounds. Constructor also breaks the given 64 bit key into 4 parts 16 bit each analogous to KB array in the algorithm and it passes this array to buildKeySchedule method.
b) private void buildKeySchedule(int kb[]): This method calculates the subkeys for each

of 8 rounds of thin-ICE called SK1, SK2, SK3. The calculation of the subkeys is done according to algorithm described above.
c) private void spBoxinitialize(): This method is used to initialize the substitution and

permutation boxes using the precomputed SXOR, SMOD and PBOX values given in reference paper. This method determines the column_id, row_id for the S-BOXes using galois field arithmetic of exponentiation. This method in turn calls the method galoisfield_exponentiation7(int col_row_xor, int prval) to determine the value of (C OR)7 mod PR. The returned value is permuted by function perm32 in order to ensure that bits which are separated by 16 places never come from the same S-box nor from Sboxes separated by two places ( eg. S1and S3). Finally the spBox values are computed and stored for further use.
d) galoisfield_exponentiation7(int col_row_xor, int prval): This method calls the

galois_multiplication (int a, int b, int m) function in order to calculate the (a*b) mod m value i.e. calculating the values of exponent 7 by repeated calling of multiplying function.
e) public void encrypt(byte text[], byte cipher[]): This method is called in order to encrypt

the plaintext. This method takes two arrays as arguments. In this method 64 bit data is divided into two halves of 32 bit each called the left and right half. On each half alternately the roundFunc is called which actually operates in the same way as F function. The encrypted data is then stored into cipher array as ciphered text.
f) private int roundFunc(int p, int subkey[]): This method takes the left or the right half as

input along with the subkey for particular round. It expands the 32 bit halves into 40 bit and applies keyed permutations referring the spBox values previously determined. The returned result is XORed with the remaining half and the same procedure is repeated for all the 8 rounds of thin-ICE. This gives the final cipher text.
g) public void decrypt(byte cipher[], byte text[]): This method is called in order to decrypt

the ciphertext. In this method 64 bit ciphered data is divided into two halves of 32 bit each called the left and right half. This function acts exactly opposite to the encrypt function applying the key schedule in exactly reverse order as this algorithm uses FIESTAL NETWORKS. On each half alternately the roundFunc is called which actually operates in the same way as F function but in reverse key schedule order. The decrypted data is then stored into text array as decrypted text.

SNAPSHOT

REFERENCES
[1] www.wikipedia.com [2] http://www.mathworks.com/help/toolbox/comm/ug/fp6358.html [3] The design of ICE algorithm by Matthew Kwan