Open Access
Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms
Kazumaro Aoki,Tetsuya Ichikawa,Masayuki Kanda,Mitsuru Matsui,Shiho Moriai,Nakajima Junko,Toshio Tokita,Nippon Telegraph +7 more
TLDR
Camellia as discussed by the authors is a new 128-bit block cipher with 128-, 192-, and 256-bit key lengths, which was designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years.Abstract:
We present a new 128-bit block cipher called Camellia. Camellia sup- ports 128-bit block size and 128-, 192-, and 256-bit key lengths, i.e. the same interface specifications as the Advanced Encryption Standard (AES). Camellia was carefully designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years. There are no hidden weakness inserted by the designers. It was also designed to have suitability for both software and hardware implementations and to cover all possible encryption applications that range from low-cost smart cards to high-speed network systems. Compared to the AES finalists, Camellia offers at least comparable encryption speed in software and hardware. An optimized implementation of Camellia in assembly language can en- crypt on a PentiumIII (800MHz) at the rate of m ore than 276 Mbits per second, which is much faster than the speed of an optimized DES implementation. In ad- dition, a distinguishing feature is its small hardware design. The hardware design, which includes key schedule, encryption and decryption, occupies approximately 11K gates, which is the smallest among all existing 128-bit block ciphers as far as we know. It perfectly meet current market requirements in wireless cards, for instance, where low power consumption is a mandaroty condition.read more
Citations
More filters
Journal ArticleDOI
More constructions of differentially 4-uniform permutations on $${\mathbb {F}}_{2^{2k}}$$F22k
TL;DR: The number of CCZ-inequivalent differentially 4-uniform permutations over F22k grows exponentially when k increases, which gives a positive answer to an open problem proposed in Qu et al.
Journal ArticleDOI
Applicable light-weight cryptographytosecure medical data in iot systems
TL;DR: This work study several realistic ligh tweight encryption algorithms suitable for IoT medical syst ems, outlining a comparison between ten applicable cryptographic algorithms resulting fair analysis in terms of memory utilization and speed.
Book ChapterDOI
Block Ciphers and Systems of Quadratic Equations
TL;DR: In this article, the authors compare systems of multivariate polynomials, which completely define the block ciphers Khazad, Misty1, Kasumi, Camellia, Rijndael and Serpent in the view of a potential danger of an algebraic relinearization attack.
Book ChapterDOI
Extended Generalized Feistel Networks Using Matrix Representation
TL;DR: A new class of such schemes called Extended Generalized Feistel Networks well suited for cryptographic applications is proposed, instantiate those proposals into two particular constructions and analyze their security.
Journal Article
On Feistel Structures Using a Diffusion Switching Mechanism
Taizo Shirai,Kyoji Shibutani +1 more
TL;DR: The theory of Feistel structure is extended by replacing the condition of optimal mappings with general-type mappings, consequently the restriction is eliminated and a method to estimate the guaranteed number of active S-boxes for arbitrary round numbers is established.
References
More filters
Book ChapterDOI
Differential Power Analysis
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Book ChapterDOI
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
TL;DR: By carefully measuring the amount of time required to perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
Book ChapterDOI
Linear cryptanalysis method for DES cipher
TL;DR: A new method is introduced for cryptanalysis of DES cipher, which is essentially a known-plaintext attack, that is applicable to an only-ciphertext attack in certain situations.
Book
Differential Cryptanalysis of the Data Encryption Standard
Eli Biham,Adi Shamir +1 more
TL;DR: This book introduces a new cryptographic method, called differential cryptanalysis, which can be applied to analyze cryptosystems, and describes the cryptanalysis of DES, deals with the influence of its building blocks on security, and analyzes modified variants.