Open Access
Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms
Kazumaro Aoki,Tetsuya Ichikawa,Masayuki Kanda,Mitsuru Matsui,Shiho Moriai,Nakajima Junko,Toshio Tokita,Nippon Telegraph +7 more
TLDR
Camellia as discussed by the authors is a new 128-bit block cipher with 128-, 192-, and 256-bit key lengths, which was designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years.Abstract:
We present a new 128-bit block cipher called Camellia. Camellia sup- ports 128-bit block size and 128-, 192-, and 256-bit key lengths, i.e. the same interface specifications as the Advanced Encryption Standard (AES). Camellia was carefully designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years. There are no hidden weakness inserted by the designers. It was also designed to have suitability for both software and hardware implementations and to cover all possible encryption applications that range from low-cost smart cards to high-speed network systems. Compared to the AES finalists, Camellia offers at least comparable encryption speed in software and hardware. An optimized implementation of Camellia in assembly language can en- crypt on a PentiumIII (800MHz) at the rate of m ore than 276 Mbits per second, which is much faster than the speed of an optimized DES implementation. In ad- dition, a distinguishing feature is its small hardware design. The hardware design, which includes key schedule, encryption and decryption, occupies approximately 11K gates, which is the smallest among all existing 128-bit block ciphers as far as we know. It perfectly meet current market requirements in wireless cards, for instance, where low power consumption is a mandaroty condition.read more
Citations
More filters
Journal Article
PRESENT: An Ultra-Lightweight Block Cipher
Andrey Bogdanov,Lars R. Knudsen,Gregor Leander,Christof Paar,Axel Poschmann,Matthew Robshaw,Yannick Seurin,C. Vikkelsoe +7 more
TL;DR: In this paper, the authors describe an ultra-lightweight block cipher, present, which is suitable for extremely constrained environments such as RFID tags and sensor networks, but it is not suitable for very large networks such as sensor networks.
BookDOI
Cryptographic Hardware and Embedded Systems - CHES 2004
TL;DR: This work considers two variants of secondorder differential power analysis: Zero-Offset 2DPA and FFT2DPA, and explores a couple of attacks that attempt to efficiently employ second-order techniques to overcome masking.
Book ChapterDOI
The 128-Bit Blockcipher CLEFIA (Extended Abstract)
TL;DR: A new 128-bit blockcipher CLEFIA supporting key lengths of 128, 192 and 256 bits, which is compatible with AES is proposed, which achieves enough immunity against known attacks and flexibility for efficient implementation in both hardware and software.
Posted Content
LBlock: A Lightweight Block Cipher.
Wenling Wu,Lei Zhang +1 more
TL;DR: The security evaluation shows that LBlock can achieve enough security margin against known attacks, such as differential crypt analysis, linear cryptanalysis, impossible differential cryptanalysis and related-key attacks etc.
Journal ArticleDOI
Survey and benchmark of block ciphers for wireless sensor networks
TL;DR: This work constructs an evaluation framework, and selects the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit).
References
More filters
Performance Evaluation of AES/DES/Camellia On the 6805 and H8/300 CPUs *
TL;DR: The implementation results of several cryptographic algorithms on the Motorola 6805 and Hitachi H8/300 CPUs, including Data Encryption Standard (DES), Advanced Enc encryption Standard (AES), and Camellia are described.
Journal Article
Practical Evaluation of Security against Generalized Interpolation Attack
TL;DR: The generalized interpolation attack is generalized and the relationship between linear sum attack and higher order differential attack is shown and the security of CRYPTON, E2, and RIJNDAEL is shown againstlinear sum attack using the algorithm.
Journal Article
Optimized Software Implementations of E 2
Kazumaro Aoki,Hiroki Ueda +1 more
TL;DR: Several optimization techniques for SPN (Substitution-Permutation Network) on 32or 64bit processors are shown, applicable to other byte-oriented ciphers.