RC6 encryption and decryption

• Download source files - 50 Kb
• Download demo project - 121 Kb

Introduction

RC6 is an evolutionary improvement of RC5, designed to meet the requirements of the Advanced Encryption Standard (AES). Like RC5, RC6 makes essential use of data-dependent rotations. New features of RC6 include the use of four working registers instead of two, and the inclusion of integer multiplication as an additional primitive operation. The use of multiplication greatly increases the diffusion achieved per round, allowing for greater security, fewer rounds, and increased throughput. I found an article about it online and fulfilled the algorithm using C++ for fun. Hope it'd be helpful to some interested people.

Details of RC6

Like RC5, RC6 is a fully parameterized family of encryption algorithms. A version of RC6 is more accurately specified as RC6-w/r/b where the word size is w bits, encryption consists of a nonnegative number of rounds r, and b denotes the length of the encryption key in bytes. Since the AES submission is targeted at w = 32 and r = 20, we shall use RC6 as shorthand to refer to such versions. When any other value of w or r is intended in the text, the parameter values will be specified as RC6-w/r. Of particular relevance to the AES effort will be the versions of RC6 with 16-, 24-, and 32-byte keys. For all variants, RC6-w/r/b operates on units of four w-bit words using the following six basic operations. The base-two logarithm of w will be denoted by lgw.

• a + b: integer addition modulo 2^w
• a - b: integer subtraction modulo 2^w
• a @ b: bitwise exclusive-or of w-bit words
• a * b: integer multiplication modulo 2^w
• a <<< b: rotate the w-bit word a to the left by the amount given by the least significant lgw bits of b
• a >>> b: rotate the w-bit word a to the right by the amount given by the least significant lgw bits of b

Note that in the description of RC6 the term "round" is somewhat analogous to the usual DES-like idea of a round: half of the data is updated by the other half; and the two are then swapped. In RC5, the term "half-round" was used to describe this style of action, and an RC5 round was deemed to consist of two half-rounds. This seems to have become a potential cause of confusion, and so RC6 reverts to using the term "round" in the more established way.

To get the detailed algorithm description of RC6-w/r/b. Please read the article "The RC6 Block Cipher" by Ronald L. Rivest, M.J.B. Robshaw, R. Sidney and, Y.L. Yin.

Details of Code

In my program, I fulfilled RC6-32/16. Since the integer addition, subtraction and multiplication don't exceed 2^32 in my program, I don't let their results modulo 2^32 like the operations described above. Anyway, the encryption and decryption go well.

I wrapped the bits rotation operations in two functions DWORD CHexDoc::LeftRotate(DWORD dwVar, DWORD dwOffset) and DWORD CHexDoc::RightRotate(DWORD dwVar, DWORD dwOffset).

DWORD CHexDoc::LeftRotate(DWORD dwVar, DWORD dwOffset)
{
    DWORD temp1, temp2;

    temp1 = dwVar >> (W - dwOffset);
    temp2 = dwVar << dwOffset;
    temp2 = temp2 | temp1;

    return temp2;
}

DWORD CHexDoc::RightRotate(DWORD dwVar, DWORD dwOffset)
{
    DWORD temp1, temp2;

    temp1 = dwVar << (W - dwOffset);
    temp2 = dwVar >> dwOffset;
    temp2 = temp2 | temp1;

    return temp2;
}

The key generation part is like

void CHexDoc::KeyGen(DWORD dwKey)
{
    DWORD P32 = 0xB7E15163;
    DWORD Q32 = 0x9E3779B9;
    DWORD i, A, B;
    DWORD dwByteOne, dwByteTwo, dwByteThree, dwByteFour;

    dwByteOne = dwKey >> 24;
    dwByteTwo = dwKey >> 8;
    dwByteTwo = dwByteTwo & 0x0010;
    dwByteThree = dwKey << 8;
    dwByteThree = dwByteThree & 0x0100;
    dwByteFour = dwKey << 24;

    dwKey = dwByteOne | dwByteTwo | dwByteThree
        | dwByteFour;

    m_dwS[0] = P32;

    for(i = 1; i < 2 * R + 4; i++)
        m_dwS[i] = m_dwS[i - 1] + Q32;

    i = A = B = 0;

    int v = 3 * max(1, 2 * R + 4);

    for(int s = 1; s <= v; s++)
    {
        A = m_dwS[i] = LeftRotate(m_dwS[i] + A + B, 
            OffsetAmount(3));
        B = dwKey = LeftRotate(dwKey + A + B, 
            OffsetAmount(A + B));

        i = (i + 1) % (2 * R + 4);
    }
}

Finally, the core parts of encryption and decryption are as following:

// encrypt the file

void CHexDoc::EncodeFile()
{
    DWORD* pdwTemp;

    for(UINT i = 0; i < m_nDocLength; i += 16)
    {
        pdwTemp = (DWORD*)&m_pFileData[i];

        pdwTemp[0] = (pdwTemp[0] - m_dwS[2 * R + 2]);
        pdwTemp[2] = (pdwTemp[2] - m_dwS[2 * R + 3]);

        for(int j = R; j >= 1; j--)
        {
            DWORD temp = pdwTemp[3];
            pdwTemp[3] = pdwTemp[2];
            pdwTemp[2] = pdwTemp[1];
            pdwTemp[1] = pdwTemp[0];
            pdwTemp[0] = temp;

            DWORD t = 
                LeftRotate((pdwTemp[1] * (2 * pdwTemp[1] + 1)),
                OffsetAmount((DWORD)(log((double)W)/log(2.0))));
            DWORD u = 
                LeftRotate((pdwTemp[3] * (2 * pdwTemp[3] + 1)),
                OffsetAmount((DWORD)(log((double)W)/log(2.0))));
            pdwTemp[0] =
                (RightRotate((pdwTemp[0] - m_dwS[2 * j]),
                OffsetAmount(u))) ^ t;
            pdwTemp[2] = 
                (RightRotate((pdwTemp[2] - m_dwS[2 * j + 1]),
                OffsetAmount(t))) ^ u;
        }

        pdwTemp[1] = (pdwTemp[1] - m_dwS[0]);
        pdwTemp[3] = (pdwTemp[3] - m_dwS[1]);
    }
    pdwTemp = NULL;
    SetModifiedFlag(TRUE);

    POSITION pos = GetFirstViewPosition();
    while(pos != NULL)
    {
        CView* pView = GetNextView(pos);
        pView->RedrawWindow();
    }
}

// decrypt the file

void CHexDoc::DecodeFile()
{
    DWORD* pdwTemp;

    for(UINT i = 0; i < m_nDocLength; i += 16)
    {
        pdwTemp = (DWORD*)&m_pFileData[i];

        pdwTemp[1] = (pdwTemp[1] + m_dwS[0]);
        pdwTemp[3] = (pdwTemp[3] + m_dwS[1]);

        for(int j = 1; j <= R; j++)
        {
            DWORD t = 
                LeftRotate((pdwTemp[1] * (2 * pdwTemp[1] + 1)),
                OffsetAmount((DWORD)(log((double)W)/log(2.0))));
            DWORD u = 
                LeftRotate((pdwTemp[3] * (2 * pdwTemp[3] + 1)),
                OffsetAmount((DWORD)(log((double)W)/log(2.0))));
            pdwTemp[0] = 
                (LeftRotate(pdwTemp[0] ^ t, OffsetAmount(u)) +
                m_dwS[2 * j]);
            pdwTemp[2] = 
                (LeftRotate(pdwTemp[2] ^ u, OffsetAmount(t)) +
                m_dwS[2 * j + 1]);

            DWORD temp = pdwTemp[0];
            pdwTemp[0] = pdwTemp[1];
            pdwTemp[1] = pdwTemp[2];
            pdwTemp[2] = pdwTemp[3];
            pdwTemp[3] = temp;
        }

        pdwTemp[0] = (pdwTemp[0] + m_dwS[2 * R + 2]);
        pdwTemp[2] = (pdwTemp[2] + m_dwS[2 * R + 3]);
    }
    pdwTemp = NULL;
    SetModifiedFlag(TRUE);

    POSITION pos = GetFirstViewPosition();
    while(pos != NULL)
    {
        CView* pView = GetNextView(pos);
        pView->RedrawWindow();
    }
}

Conclusion

In the view window, I showed the Hex and Char content of the loaded file and their addresses. You can see the changes every time you encrypt/decrypt it. Thanks!