
Showing papers on "Block cipher published in 1993"


Book
10 Nov 1993
TL;DR: This document describes the construction of protocols and their use in the real world, as well as some examples of protocols used in the virtual world.
Abstract: CRYPTOGRAPHIC PROTOCOLS. Protocol Building Blocks. Basic Protocols. Intermediate Protocols. Advanced Protocols. Esoteric Protocols. CRYPTOGRAPHIC TECHNIQUES. Key Length. Key Management. Algorithm Types and Modes. Using Algorithms. CRYPTOGRAPHIC ALGORITHMS. Data Encryption Standard (DES). Other Block Ciphers. Other Stream Ciphers and Real Random-Sequence Generators. Public-Key Algorithms. Special Algorithms for Protocols. THE REAL WORLD. Example Implementations. Politics. SOURCE CODE. Source Code. References.

3,432 citations


Book
01 Jan 1993
TL;DR: This book introduces a new cryptographic method, called differential cryptanalysis, which can be applied to analyze cryptosystems, and describes the cryptanalysis of DES, deals with the influence of its building blocks on security, and analyzes modified variants.
Abstract: DES, the Data Encryption Standard, is one of several cryptographic standards. The authors of this text detail their cryptanalytic "attack" upon DES and several other systems, using creative and novel tactics to demonstrate how they broke DES up into 16 rounds of coding. The methodology used offers valuable insights to cryptographers and cryptanalysts alike in creating new encryption standards, strengthening current ones, and exploring new ways to test important data protection schemes. This book introduces a new cryptographic method, called differential cryptanalysis, which can be applied to analyze cryptosystems. It describes the cryptanalysis of DES, deals with the influence of its building blocks on security, and analyzes modified variants. The differential cryptanalysis of "Feal" and several other cryptosystems is also described. This method can also be used to cryptanalyze hash functions, as is exemplified by the cryptanalysis of "Snefru".

1,009 citations


Book Chapter
09 Dec 1993
TL;DR: Blowfish, a new secret-key block cipher, is proposed; it is a Feistel network that iterates a simple encryption function 16 times, and its encryption is very efficient on large microprocessors.
Abstract: Blowfish, a new secret-key block cipher, is proposed. It is a Feistel network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors.

893 citations


Journal Article
TL;DR: In this paper, a general model for hash functions based on block ciphers is presented, where the size of the hashcode is equal to the block length of the block cipher and the key size is approximately equal to block length.
Abstract: Constructions for hash functions based on a block cipher are studied where the size of the hashcode is equal to the block length of the block cipher and where the key size is approximately equal to the block length. A general model is presented, and it is shown that this model covers 9 schemes that have appeared in the literature. Within this general model 64 possible schemes exist, and it is shown that 12 of these are secure; they can be reduced to 2 classes based on linear transformations of variables. The properties of these 12 schemes with respect to weaknesses of the underlying block cipher are studied. The same approach can be extended to study keyed hash functions (MAC's) based on block ciphers and hash functions based on modular arithmetic. Finally a new attack is presented on a scheme suggested by R. Merkle.

451 citations


Journal Article
TL;DR: In this paper, the substitution boxes of DES are relatively small in dimension and they can be generated by testing randomly chosen functions for required design criteria, but when the dimensions grow larger, analytic construction methods become necessary.
Abstract: Highly nonlinear permutations play an important role in the design of cryptographic transformations such as block ciphers, hash functions and stream ciphers. The substitution boxes of DES are relatively small in dimension and they can be generated by testing randomly chosen functions for required design criteria. Security may be increased by the use of substitution transformations of higher dimensions. But when the dimensions grow larger, analytic construction methods become necessary.

167 citations


Journal Article
TL;DR: In this paper, a new approach to cryptanalysis based on the application of a directed random search algorithm called a genetic algorithm is proposed, and it is shown that such an algorithm could be used to discover the key for a simple substitution cipher.
Abstract: This paper considers a new approach to cryptanalysis based on the application of a directed random search algorithm called a genetic algorithm. It is shown that such an algorithm could be used to discover the key for a simple substitution cipher.

128 citations


Journal Article
TL;DR: This work focuses on the cryptanalysis of a knapsack cipher based on the application of a directed random search algorithm called a genetic algorithm, and shows that such an algorithm could be used to easily compromise even high density knapsack ciphers.
Abstract: This paper is the second in a series of papers which examine a new method of cryptanalysis. This work focuses on the cryptanalysis of a knapsack cipher. It is based on the application of a directed random search algorithm called a genetic algorithm. It is shown that such an algorithm could be used to easily compromise even high density knapsack ciphers.

85 citations


Book Chapter
09 Dec 1993
TL;DR: This paper introduces a new concept, practical security against linear and differential attacks on Feistel ciphers, and gives examples of such Feistel ciphers resistant to differential attacks, linear attacks and other attacks.
Abstract: In this paper we give necessary design principles to be used when constructing secure Feistel ciphers. We introduce a new concept, practical security against linear and differential attacks on Feistel ciphers. We give examples of such Feistel ciphers (practically) resistant to differential attacks, linear attacks and other attacks.

78 citations


Book Chapter
09 Dec 1993
TL;DR: The cryptographic finite state machine approach as introduced in [1] to the design of symmetric key block ciphers is applied and 3-Way is shown to be surprisingly strong with respect to both linear and differential cryptanalysis.
Abstract: In this paper we apply the cryptographic finite state machine approach as introduced in [1] to the design of symmetric key block ciphers. Key words in the design approach are simplicity, uniformity, parallelism, distributed nonlinearity and high diffusion. 3-Way is a block cipher with a block and key length of 96 bits. Key components in the construction of 3-Way are a 3-bit nonlinear S-box and a linear mapping that can be described by modular polynomial multiplication in $\mathbb{Z}_2^{12}$. The arrangement of the components allows software implementations in the range of 10 Mbit/s on a modern PC and dedicated hardware implementations above 1 Gbit/s using standard technology (1.2μ CMOS). The cipher structure of 3-Way is shown to be surprisingly strong with respect to both linear and differential cryptanalysis.

69 citations


Patent
20 Sep 1993
TL;DR: In this article, the authors proposed a system to translate a first group of cipher blocks based on a first encryption key to a second group of respective cipher blocks using a second encryption key.
Abstract: A system translates a first group of cipher blocks based on a first encryption key to a second group of respective cipher blocks based on a second encryption key. Respective cipher blocks of the first and second groups represent the same data. The system comprises decryption hardware for sequentially decrypting the cipher blocks of the first group based on the first key. Encryption hardware is coupled to receive decrypted blocks output from the decryption hardware and sequentially encrypts the decrypted blocks into respective cipher blocks of the second group based on the second encryption key. A control unit controls the encryption hardware to encrypt the decrypted blocks into the respective cipher blocks of the second group while the decryption hardware decrypts cipher blocks of the first group. Consequently, decryption and encryption operations occur in parallel and the translation process is expedited.

61 citations


Proceedings Article
01 Dec 1993
TL;DR: A novel method based on group Hadamard matrices is developed to systematically generate S-boxes that satisfy a number of critical cryptographic properties, including the high nonlinearity, the strict avalanche characteristics, the balancedness, the robustness against differential cryptanalysis and the immunity to linear cryptanalysis.
Abstract: Substitution boxes (S-boxes) are a crucial component of DES-like block ciphers. This research addresses problems with previous approaches towards constructing S-boxes, and proposes a new definition for the robustness of S-boxes to differential cryptanalysis, which is the most powerful cryptanalytic attack known to date. A novel method based on group Hadamard matrices is developed to systematically generate S-boxes that satisfy a number of critical cryptographic properties. Among the properties are the high nonlinearity, the strict avalanche characteristics, the balancedness, the robustness against differential cryptanalysis, and the immunity to linear cryptanalysis. An example is provided to illustrate the S-box generating method.

Book Chapter
09 Dec 1993
TL;DR: The differential cryptanalysis of additive stream ciphers, which are nonlinear filtered sequences driven by a counter rather than by a shift register, is introduced and its theoretical basis is developed.
Abstract: This paper introduces the differential cryptanalysis of additive stream ciphers, and develops its theoretical basis. The relationships between differential and other types of stream cipher analysis are presented. The conservation laws of patterns and of mutual information are derived. The cryptographic significance of pattern distribution of keystream sequences is shown. The cryptographic transformation densities are introduced, and their relations with other cryptographic factors are summarized. This work is illustrated by reference to the design and security of additive natural stream ciphers, which are nonlinear filtered sequences driven by a counter rather than by a shift register.

Proceedings Article
09 May 1993
TL;DR: The VLSI chip implements data encryption and decryption in a single hardware unit and is the first silicon block encryption device that can be applied to on-line encryption in high-speed networking protocols like ATM or FDDI (Fiber Distributed Data Interface).
Abstract: A VLSI implementation of a novel secret-key block cipher is presented. Security considerations lead to novel system concepts in chip design including protection of sensitive information and failure detection capabilities. The VLSI chip implements data encryption and decryption in a single hardware unit. All important standardized modes of operation of block ciphers are supported. In addition, new modes are proposed and implemented to fully exploit the algorithm's inherent parallelism. With a system clock frequency of 25 MHz, this device permits a data conversion rate of more than 177 Mbit/s. The chip is the first silicon block encryption device that can be applied to on-line encryption in high-speed networking protocols like ATM (Asynchronous Transfer Mode) or FDDI (Fiber Distributed Data Interface). The high data throughput of 177.8 Mbit/s has been achieved by utilization of a sophisticated pipelining scheme and four full-custom modulo ($2^{16} + 1$) multipliers. Two unidirectional high-speed 16-bit data ports guarantee continuous occupancy of the encryption unit.

Proceedings Article
01 Dec 1993
TL;DR: A differential attack on several hash functions based on a block cipher with the emphasis on the results for cases where DES [8] is the underlying block cipher.
Abstract: This paper describes a differential attack on several hash functions based on a block cipher. The emphasis will be on the results for cases where DES [8] is the underlying block cipher. It will briefly discuss the case of FEAL-N [19, 21].

Book Chapter
22 Aug 1993
TL;DR: Three attacks on the DES with a reduced number of rounds in the Cipher Feedback Mode (CFB) are studied, namely a meet in the middle attack, a differential attack, and a linear attack, showing that the final permutation has some cryptographic significance in the CFB mode.
Abstract: Three attacks on the DES with a reduced number of rounds in the Cipher Feedback Mode (CFB) are studied, namely a meet in the middle attack, a differential attack, and a linear attack. These attacks are based on the same principles as the corresponding attacks on the ECB mode. They are compared to the three basic attacks on the CFB mode. In 8-bit CFB and with 8 rounds instead of 16, a differential attack with $2^{39.4}$ chosen ciphertexts can find 3 key bits, and a linear attack with $2^{31}$ known plaintexts can find 7 key bits. This suggests that it is not safe to reduce the number of rounds in order to improve the performance. Moreover, it is shown that the final permutation has some cryptographic significance in the CFB mode.

01 Jan 1993
TL;DR: The block ciphers PES and IPES were originally designed with the ambition to become the successor of DES as a standard, but it is pointed out why this would not be possible.
Abstract: The block ciphers PES and IPES were originally designed with the ambition to become the successor of DES as a standard. In this paper we point out why this would be a bad idea. On one hand a new block cipher (called MMB) is proposed, that uses similar primitive operations as (I)PES but can be more efficiently implemented both in hardware and in software. On the other hand classes of weak keys (with size up to $2^{51}$) have been found for IPES.

Journal Article
TL;DR: The cryptographic finite state machine approach as introduced in (1) to the design of symmetric key block ciphers is applied, showing the cipher structure of 3-Way to be surprisingly strong with respect to both linear and differential cryptanalysis.
Abstract: In this paper we apply the cryptographic finite state machine approach as introduced in (1) to the design of symmetric key block ciphers. Key words in the design approach are simplicity, uniformity, parallelism, distributed nonlinearity and high diffusion. 3-Way is a block cipher with a block and key length of 96 bits. Key components in the construction of 3-Way are a 3-bit nonlinear S-box and a linear mapping that can be described by modular polynomial multiplication in $\mathbb{Z}_2^{12}$. The arrangement of the components allows software implementations in the range of 10 Mbit/s on a modern PC and dedicated hardware implementations above 1 Gbit/s using standard technology (1.2μ CMOS). The cipher structure of 3-Way is shown to be surprisingly strong with respect to both linear and differential cryptanalysis.


Patent
24 Jun 1993
TL;DR: The RSA algorithm is a known public-key method and block cipher as mentioned in this paper, which is based on the assumed difficulty of factoring large composite numbers using digital computation means. But a time consuming modular exponentiation is needed.
Abstract: The RSA algorithm is a known public-key method and block cipher. The algorithm is based on the assumed difficulty of factoring large composite numbers using digital computation means. The cipher keys are mathematically derived using two large prime numbers p and q. The prime numbers must meet certain properties. But a time consuming modular exponentiation is needed. The speed is improved by modifying the definition of the ciphertexts in such a way that Montgomery-like multiplication resources and modified Square-and-Multiply procedure can be used.

Proceedings Article
17 Jan 1993
TL;DR: A scheme in which cryptographically strong permutations can be randomly selected from a large proper subset of the permutations on blocks of binary numbers which have certain properties of cryptographic strength that are independent of the underlying Boolean functions is suggested.
Abstract: This paper suggests a scheme in which cryptographically strong permutations can be randomly selected from a large proper subset of the permutations on blocks of binary numbers which have certain properties of cryptographic strength that are independent of the underlying Boolean functions.

Proceedings Article
19 Apr 1993
TL;DR: The resulting principle is the basis for the implementation of an efficient selftest scheme in a VLSI block cipher design in order to meet binding security requirements of cryptographic equipment.
Abstract: A well-known theorem of communications theory has been applied to show the inherent test-friendliness of implementations of modern block ciphers. The resulting principle is the basis for the implementation of an efficient selftest scheme in a VLSI block cipher design in order to meet binding security requirements of cryptographic equipment.

Book
01 Nov 1993
TL;DR: Public-key cryptosystem based on the discrete logarithm problem, including a modular exponentiation unit based on systolic arrays, and the design of a conference key distribution system.
Abstract: Threshold cryptosystems.- Authentication codes with perfect protection.- Practical proven secure authentication with arbitration.- Authentication codes under impersonation attack.- Cumulative arrays and geometric secret sharing schemes.- Nonperfect secret sharing schemes.- A construction of practical secret sharing schemes using linear block codes.- HAVAL - A one-way hashing algorithm with variable length of output (extended abstract).- On the power of memory in the design of collision resistant hash functions.- A practical digital multisignature scheme based on discrete logarithms (extended abstract).- Group-oriented undeniable signature schemes without the assistance of a mutually trusted party.- Highly nonlinear 0-1 balanced boolean functions satisfying strict avalanche criterion (extended abstract).- Linear nonequivalence versus nonlinearity.- Constructing large cryptographically strong S-boxes.- Nonasymptotic estimates of information protection efficiency for the wire-tap channel concept.- Cryptanalysis of LOKI 91.- Cryptanalysis of summation generator.- Secure addition sequence and its applications on the server-aided secret computation protocols.- Subliminal channels for signature transfer and their application to signature distribution schemes.- A practical secret voting scheme for large scale elections.- Privacy for multi-party protocols.- New protocols for electronic money.- Modelling and analyzing cryptographic protocols using Petri nets.- On verifiable implicit asking protocols for RSA computation.- Modified Maurer-Yacobi's scheme and its applications.- The vulnerability of geometric sequences based on fields of odd characteristic.- A fast cryptographic checksum algorithm based on stream ciphers.- An approach to the initial state reconstruction of a clock-controlled shift register based on a novel distance measure.- Construction of m-ary de Bruijn sequences (extended abstract).- Information technology security standards - An Australian perspective.- Non-interactive generation of shared pseudorandom sequences.- A generalized description of DES-based and Benes-based permutation generators.- Prime generation with the Demytko-Miller-Trbovich algorithm.- Constructions of feebly-one-way families of permutations.- On bit correlations among preimages of "Many to one" One-way functions.- The fast cascade exponentiation algorithm and its applications on cryptography.- The design of a conference key distribution system.- Remarks on "The design of a Conference Key Distribution System".- Public-key cryptosystem based on the discrete logarithm problem.- Elliptic curves over $F_p$ suitable for cryptosystems.- The probability Distribution of the Diffie-Hellman Key.- A modular exponentiation unit based on systolic arrays.- A comparison of key distribution patterns constructed from circle geometries.- A block cipher method using combinations of different methods under the control of the user key.- An attack on two hash functions by Zheng-Matsumoto-Imai.- Primality testing with Lucas functions.

Journal Article
TL;DR: Dedicated hash functions are cryptographically secure compression functions which are designed specifically for hashing as discussed by the authors. They can form a practical alternative for hash functions based on another cryptographic primitive like a block cipher or modular squaring.
Abstract: Dedicated hash functions are cryptographically secure compression functions which are designed specifically for hashing. They intend to form a practical alternative for hash functions based on another cryptographic primitive like a block cipher or modular squaring. About a dozen dedicated hash functions have been proposed in the literature. This paper discusses the design principles on which these hash functions are based.