Am 18.06.2013 09:00, schrieb Mok-Kong Shen: > The iterative solution of a system of n linear equations can be > formulated as follows: > > x1 := a11*x1 + a12*x2 + ... + a1n*xn + b1 > x2 := a21*x1 + a22*x2 + ... + a2n*xn + b2 > ..................... > xn := an1*x1 + an2*x2 + ... + ann*xn + bn > > where (in the so-called single-step or Seidel method) the assignments > are performed sequentially. See V. N. Faddeeva, Computational Methods > of Linear Algebra, p.117, Dover Publ., 1959. (Note that many textbooks > of linear algebra present however a different, in fact less general, > formulation.) > > Using this as a hint, we propose to do for block encryption processing > of n blocks, x1, x2, ... xn, the follwoing, where the f's are > invertible non-linear functions, the r's are pseudo-random numbers and > the assignments are performed sequentially (the f's and the r's are > (secret) key-dependent and different for different rounds, if more > than one rounds are used, computation is mod 2**m for block size of > m bits): > > x1 := f1(x1 + x2 ... + xn + r1) > x2 := f2(x1 + x2 ... + xn + r2) > ................ > xn := fn(x1 + x2 ... + xn + rn) > > Note that we have left out the multiplication with a's, which is > deemed a justifiable simplicity since the f's are non-linear and > further the r's are pseudo-random. Note also that the effect of > block-chaining in the use of the common block ciphers is intrinsically > present in our scheme. A viable variant of the scheme is to employ > ^r instead of +r.