Thanks for the question! You’re spot on. Fisher-Yates is a key part of Quintrophy1x’s design, used twice per instance: once to generate a dynamic 256-element S-box and once for a 128-byte block permutation.
For both shuffles, we seed Fisher-Yates with a SHA-512 hash of the key and nonce.
For the S-box, we generate a 256-element lookup table. We feed the Fisher-Yates shuffle a robust stream of pseudo-random numbers derived from the 512-bit key and a 16-byte nonce, processed through a SHA-512 hash function. We tweak this input slightly for the S-box so it’s distinct from other uses, ensuring every encryption gets a unique table. The shuffle then scrambles the 0-255 values based on this randomness, giving us a key-dependent substitution layer. For the permutation, we take each 128-byte block of data and reorder its bytes. We feed Fisher-Yates the same key and nonce combo, hashed again, to produce another pseudo-random sequence. This drives the shuffle, rearranging the block’s byte positions in a way that’s consistent for a given key-nonce pair.
This approach ensures each shuffle is deterministic for a given key-nonce pair (crucial for reversibility) but appears random to an attacker without the key. SHA-512’s 512-bit output provides ample entropy, and the nonce adds uniqueness per encryption.
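An added example, not Quintrophy1x's code and not part of the comment above: one way to drive both Fisher-Yates shuffles deterministically from a key and nonce. The counter-mode SHA-512 expansion, the `sbox`/`perm` labels, the rejection sampling and the sample key and nonce are assumptions; the comment does not say how the hash output is expanded or mapped to swap indices.

```python
import hashlib

KEY = bytes(range(64))   # constructed 512-bit sample key
NONCE = bytes(16)        # constructed 16-byte sample nonce

def _stream(key: bytes, nonce: bytes, label: bytes):
    """Yield bytes of SHA-512(label || key || nonce || counter) for counter 0, 1, ..."""
    counter = 0
    while True:
        data = label + key + nonce + counter.to_bytes(8, "big")
        yield from hashlib.sha512(data).digest()
        counter += 1

def _uniform(stream, bound: int) -> int:
    """Unbiased integer in [0, bound), bound <= 256, by rejection sampling."""
    limit = 256 - (256 % bound)  # largest multiple of bound that fits in a byte
    while True:
        b = next(stream)
        if b < limit:            # reject bytes that would cause modulo bias
            return b % bound

def keyed_permutation(key: bytes, nonce: bytes, label: bytes, n: int) -> list:
    """Fisher-Yates shuffle of 0..n-1 driven by the keyed hash stream."""
    perm = list(range(n))
    stream = _stream(key, nonce, label)
    for i in range(n - 1, 0, -1):
        j = _uniform(stream, i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def invert(perm: list) -> list:
    """Inverse table, needed to undo the substitution or the byte reordering."""
    inv = [0] * len(perm)
    for i, p in enumerate(perm):
        inv[p] = i
    return inv

def permute_block(block: bytes, perm: list) -> bytes:
    """Reorder the bytes of a block: output[i] = block[perm[i]]."""
    return bytes(block[p] for p in perm)

if __name__ == "__main__":
    sbox = keyed_permutation(KEY, NONCE, b"sbox", 256)  # substitution table
    perm = keyed_permutation(KEY, NONCE, b"perm", 128)  # block permutation
    block = bytes(range(128))
    mixed = permute_block(bytes(sbox[b] for b in block), perm)
    restored = bytes(invert(sbox)[b] for b in permute_block(mixed, invert(perm)))
    print(restored == block)
```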
uws|1 year ago