Pseudo-Hadamard transform: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(expand some, needs more)
imported>Sandy Harris
No edit summary
Line 1: Line 1:
The '''psuedo-Hadamard transform''', or '''PHT''', is a technique used in [[cryptography]], primarily [[block cipher]] design. It was introduced in the [[SAFER (cipher)|SAFER]] ciphers and has been used in others such as [[Twofish]]. For cryptography, a reversible transform is required so that decryption can be the inverse of encryption. The [[Walsh-Hadamard transform]] does not have that property, but the PHT variant does.
The '''psuedo-Hadamard transform''', or '''PHT''', is a technique used in [[cryptography]], primarily [[block cipher]] design. It was introduced in the [[SAFER (cipher)|SAFER]] ciphers and has been used in others such as [[Twofish]]. For cryptography, a reversible transform is required so that decryption can be the inverse of encryption. The [[Walsh-Hadamard transform]] does not have that property when modular arithmetic is involved, but the PHT variant does.


A two-element transform can be applied to any bit string of even length. Split it into two bit strings a and b of equal lengths, each of n bits. Then, with all arithmetic mod 2<sup>n</sup>, compute:
A two-element transform can be applied to any bit string of even length. Split it into two bit strings a and b of equal lengths, each of n bits. Then, with all arithmetic mod 2<sup>n</sup>, compute:

Revision as of 21:35, 24 November 2009

The psuedo-Hadamard transform, or PHT, is a technique used in cryptography, primarily block cipher design. It was introduced in the SAFER ciphers and has been used in others such as Twofish. For cryptography, a reversible transform is required so that decryption can be the inverse of encryption. The Walsh-Hadamard transform does not have that property when modular arithmetic is involved, but the PHT variant does.

A two-element transform can be applied to any bit string of even length. Split it into two bit strings a and b of equal lengths, each of n bits. Then, with all arithmetic mod 2n, compute:

 a' = a + b
 b' = a + 2b

To reverse this, clearly:

 b = b' - a'
 a = 2a' - b'

Generally, the transform is done in place, so it becomes:

 x = a + b
 y = a + 2b
 a = x
 b = y

This can be applied recursively to get a transform for any size with 2n blocks. For example, if pht(ab,) does an in place PHT of two blocks, then the PHT for an array x[] of four blocks is:

  pht(x[0],x[1])
  pht(x[2],x[3])
  pht(x[0],x[2])
  pht(x[1],x[3])

For an 8-element transform, apply the 4-element one to the two halves then mix the halves with eight two-element transforms: pht(x[0],x[8]), .... pht(x[7],x[15]). This can be extended to 16, 32 ... 2n elements.

This has two very desirable properties for cryptography. First, since the two-element transform is reversible, so are all the higher-level transforms constructed from it. Second, for any level of ansform, it is clear that all output blocks are made to depend on all input blocks. This is a very useful property in terms of cryptographic diffusion.