Author: Yurii Pavlenko
Company: Extra Systems
Year of development: 2026
Contacts: esbc@extrasystems.biz
ESBC is a 512-bit block cipher designed specifically for modern 64-bit computing architectures. Unlike classical ciphers (including AES), which were developed in the era of 32-bit and 8-bit systems, ESBC was designed from the ground up with the capabilities and features of today's processors in mind.
The core concept behind the design is complete algorithmic transparency and the absence of any fixed constants that could serve as potential vectors for backdoors. All cipher elements, including substitution tables (S-boxes) and round keys, are dynamically generated from the user's key using a replaceable pseudorandom number generator (PRNG). The default implementation uses RC4, but it can be easily substituted.
| Parameter | Value |
| Block size: | 64 bytes (512 bits) |
| Block structure: | 8x8 byte matrix (8 uint64_t) |
| Number of rounds: | 32 |
| Number of half-rounds: | 2 per round (64 total) |
| S-box type: | Dynamic, Key-dependent permutations of 256 elements |
| Key generation: | Custom PRNG (default implementation is RC4) |
The main innovation of ESBC is the double application of cyclic shifts in each round:
1. The first shift ("shift_encode/shift_decode") is applied to the rows of the matrix before transposing.
2. Transpose ("transpose_the_matrix") - the rows become columns.
3. The second shift is applied to the columns of the original matrix.
This approach provides:
- Horizontal diffusion — mixing of bits within rows
- Vertical diffusion — mixing of bits between rows
- Transcending byte boundaries — shifts are performed at the bit level, not the byte level
As a result, a single changed plaintext bit after several rounds affects a randomly distributed set of ciphertext bits, which significantly complicates differential and linear cryptanalysis.
ESBC does not contain any fixed tables or constants of unknown origin. All key information is generated by the "make_key_data" procedure from the user-provided key:
- "shuffle_key" — 8-bit keys for bit shuffling (excluding 0x00 and 0xFF)
- "shift_key" — cyclic shift values (1-63, excluding 0)
- "xlat_encode_table / xlat_decode_table" — a pair of reversible S-boxes (random permutations of 256 elements)
- "step_key" — 64-bit round keys for addition
Each element is generated independently, eliminating the possibility of hidden dependencies or backdoors at the design stage.
The "add_const" and "sub_const" functions introduce additional nonlinearity depending on:
- Round number (i) — cubic dependence (i+1)³
- Half-round number (semi_step) — base shift
- Row position in the matrix (j) — quadratic dependence
The resulting additive is calculated using the formula:
d = ((j + s + 1)² × (i + s + 1)³)² // 10th power! d ^= (~d << 32) // nonlinear shuffling
This ensures that each row of the matrix receives a unique pseudorandom value in each half-round.
The main advantage of ESBC over existing standards (including AES) is the fundamental impossibility of backdoors based on fixed constants or S-boxes. Since all tables and keys are generated dynamically from the user's key, there are no "magic numbers" that could be deliberately chosen to create hidden vulnerabilities.
The user can optionally replace the default PRNG (RC4) with any other randomness source, for example:
- ChaCha20
- Hardware Random Number Generator (RDRAND)
- Hash function in counter mode
Thus, the security of ESBC relies solely on the strength of the key and the chosen PRNG, not on trust in the developer or standards organizations.
In full compliance with Kerckhoffs' principle (a cipher should remain secure even if an adversary knows all the details of the algorithm except the key), we are publishing the complete ESBC source code. The transparency of the implementation allows anyone to:
- Conduct independent cryptanalysis
- Ensure the absence of hidden backdoors
- Adapt the code to your needs (within the chosen license)
- Replace the PRNG with your preferred randomness source
ESBC offers a fresh approach to block ciphers, adapted to the capabilities of 64-bit systems and modern requirements for transparency in cryptographic algorithms. Key innovations — double bit shifts before and after transposition, full dynamic generation of all tables, and the absence of fixed constants — make this cipher not only competitive in performance but also resistant to a whole class of potential attacks involving design-time backdoors.
We invite the cryptographic community to analyze, test, and discuss our approach.
The content of this page is also available in French, German, Ukrainian and Russian.
| © Extra Systems, 2026 |
|