Showing papers on "Transposition cipher published in 2000"


Journal Article
TL;DR: A technical lemma of independent interest is bounding the success probability of a computationally unbounded adversary in distinguishing between a random ml-bit to l-bit function and the CBC MAC of a random l-bit to l-bit function.

679 citations


Journal Article
TL;DR: The block cipher Rijndael, which is one of the fifteen candidate algorithms for the Advanced Encryption Standard (AES), is presented and it is shown that the cipher can be implemented very efficiently on Smart Cards.
Abstract: In this paper we present the block cipher Rijndael, which is one of the fifteen candidate algorithms for the Advanced Encryption Standard (AES). We show that the cipher can be implemented very efficiently on Smart Cards.

197 citations


Book Chapter
10 Dec 2000
TL;DR: An attack on A5/1, the stream cipher used in most European countries in order to ensure privacy of conversations on GSM mobile phones, is described; it is the best known result with respect to the total work complexity.
Abstract: A5/1 is the stream cipher used in most European countries in order to ensure privacy of conversations on GSM mobile phones. In this paper we describe an attack on this cipher with total work complexity 2^39.91 of A5/1 clockings, given 2^20.8 known plaintext. This is the best known result with respect to the total work complexity.

160 citations


Book Chapter
10 Apr 2000
TL;DR: Mercy, a new block cipher accepting large blocks, is presented; it uses a key-dependent state machine to build a bijective F function for a Feistel cipher and achieves 9 cycles/byte on a Pentium compatible processor.
Abstract: We discuss the special requirements imposed on the underlying cipher of systems which encrypt each sector of a disk partition independently, and demonstrate a certificational weakness in some existing block ciphers including Bellare and Rogaway's 1999 proposal, proposing a new quantitative measure of avalanche. To address these needs, we present Mercy, a new block cipher accepting large (4096-bit) blocks, which uses a key-dependent state machine to build a bijective F function for a Feistel cipher. Mercy achieves 9 cycles/byte on a Pentium compatible processor.

87 citations


Journal Article
TL;DR: A symmetric cipher that is actually a variation of the Hill cipher is presented, which makes use of “random” permutations of columns and rows of a matrix to form a “different” key for each data encryption.
Abstract: This paper presents a symmetric cipher that is actually a variation of the Hill cipher. The new scheme makes use of “random” permutations of columns and rows of a matrix to form a “different” key for each data encryption. The cipher has matrix products and permutations as the only operations which may be performed “efficiently” by primitive operators, when the system parameters are carefully chosen.

80 citations



Patent
10 Apr 2000
TL;DR: In this article, the problem of combining the advantages of block cipher and stream cipher by making the number of bits in a key stream block larger than the size of a plaintext block is solved.
Abstract: PROBLEM TO BE SOLVED: To combine the advantages of block cipher and stream cipher by making the number of bits in a key stream block larger than the number of bits in a plaintext block. SOLUTION: A key stream generator KS generates an intermediate key in the system of a pseudo-random number sequence S in accordance with a cryptographic key K. The KS is a pseudo-random number generator used for stream cipher like WAKE, SEAL or RC4, for example. The KS can be the block cipher of a counter mode or a hash function with a counter. The intermediate key S is inputted to a mix function MX. The mix function MX receives a plain sentence message P, connects it with the pseudo-random number sequence S and generates a cipher text C. The number of bits in a key stream block is larger than the number of bits in the plaintext block.

26 citations


Book Chapter
14 Aug 2000
TL;DR: A general stream cipher with memory is pointed out, in which each ciphertext symbol depends on both the current and previous plaintext symbols, and each plaintext symbol depends on both the current and previous ciphertext symbols.
Abstract: A general stream cipher with memory in which each cipher-text symbol depends on both the current and previous plaintext symbols, as well as each plaintext symbol depends on both the current and previous ciphertext symbols, is pointed out. It is shown how to convert any keystream generator into a stream cipher with memory and their security is discussed. It is proposed how to construct secure self-synchronizing stream ciphers, keyed hash functions, hash functions, and block ciphers from any secure stream cipher with memory. Rather new and unusual designs can thus be obtained, such as the designs of block ciphers and (keyed) hash functions based on clock-controlled shift registers only.

18 citations


01 Jan 2000
TL;DR: Some observations are described on the design of Camellia, a block cipher jointly developed by NTT and Mitsubishi in 2000.
Abstract: Camellia is a block cipher jointly developed by NTT and Mitsubishi in 2000. In this note, we describe some observations on the design of the cipher.

9 citations


Book Chapter
14 Aug 2000
TL;DR: A new family of symmetric block ciphers based on group bases is introduced, which enables us to construct a trivial 8-bit Caesar cipher as well as a strong 256-bit cipher with 512-bit key, both from the same specification.
Abstract: We introduce a new family of symmetric block ciphers based on group bases. The main advantage of our approach is its full scalability. It enables us to construct, for instance, a trivial 8-bit Caesar cipher as well as a strong 256-bit cipher with 512-bit key, both from the same specification. We discuss the practical aspects of the design, especially the choice of carrier groups, generation of random group bases and an efficient factorization algorithm. We also describe how the cryptographic properties of the system are optimized, and analyze the influence of parameters on its security. Finally we present some experimental results regarding the speed and security of concrete ciphers from the family.

6 citations


Book Chapter
10 Dec 2000
TL;DR: A new block cipher called DONUT, made of two pairwise perfect decorrelation modules, is suggested; it is secure against the boomerang attack.
Abstract: Vaudenay [1] proposed a new way of protecting block ciphers against classes of attacks, which was based on the notion of decorrelation. He also suggested two block cipher families, COCONUT and PEANUT. Wagner [2] suggested a new differential-style attack called the boomerang attack and cryptanalysed COCONUT'98. In this paper we will suggest a new block cipher called DONUT, which is made by two pairwise perfect decorrelation modules. DONUT is secure against the boomerang attack.

Journal Article
TL;DR: A known-plaintext attack on a redundancy reducing cipher method proposed by Wayner is discussed, and an extension of Wayner's redundancy reducing cipher scheme is proposed so that the security will be improved greatly.
Abstract: This paper discusses a known-plaintext attack on a redundancy reducing cipher method which is proposed by Wayner. We also propose an extension of Wayner's redundancy reducing cipher scheme so that the security will be improved greatly.

01 Jan 2000
TL;DR: This paper describes an additive stream cipher, given a block cipher with a fixed key, in which the keystream is the concatenation of the output blocks of the cipher with the input blocks defined by the integers in ascending order.
Abstract: Counter mode is well described in [8], which summarizes its advantages and reviews its security properties. Essentially, counter mode defines an additive stream cipher, given a block cipher with a fixed key, in which the keystream is the concatenation of the output blocks of the cipher with the input blocks defined by the integers in ascending order. We call this encryption mechanism integer counter mode in order to contrast it with the Linear Feedback Shift Register (LFSR) counter mode described below.

Book Chapter
14 Aug 2000
TL;DR: The existence is demonstrated of an efficient block cipher with the property that whenever it is composed with any nonperfect cipher, the resulting product is strictly more secure, against an ideal adversary, than the original cipher.
Abstract: We demonstrate the existence of an efficient block cipher with the property that whenever it is composed with any nonperfect cipher, the resulting product is strictly more secure, against an ideal adversary, than the original cipher. We call this property universal security amplification, and note that it holds trivially for a one-time pad (a stream cipher). However, as far as we are aware, this is the first efficient block cipher with this property. Several practical implications of this result are considered.

Proceedings Article
25 Jun 2000
TL;DR: A new secret-key cipher system is suggested in which a message generated is transformed into two parts in such a way that the biggest part consists of independent and equiprobable bits and only this part is encrypted.
Abstract: It is well known in cryptography that it is easy to construct an unbreakable secret-key cipher system if a plaintext source generates letters which are independent and equiprobable even if the length of a key sequence is much less than the length of the message. In this paper, we suggest a new secret-key cipher system in which a message generated is transformed into two parts in such a way that the biggest part consists of independent and equiprobable bits and only this part is encrypted. The complexity of the method is exponentially less than that for other known methods.

Patent
30 May 2000
TL;DR: In this article, a scalar-fold calculating method was proposed to solve the problem that there is possibility that the secret information is restored from the cipher processing progress by an attacking method called as power analysis of a DPA (demand possibility area) or the like in the case where secret information in an elliptic curve cipher is used.
Abstract: PROBLEM TO BE SOLVED: To provide a cipher processing method in which, even when a cipher processing progress is leaked by power analysis, secret information is not leaked in itself and moreover a cipher processing can be executed at high speed in order to solve the problem that there is possibility that the secret information is restored from the cipher processing progress by an attacking method called as power analysis of a DPA (demand possibility area) or the like in the cipher processing in which secret information in an elliptic curve cipher is used. SOLUTION: This method is a cipher processing method in which the dependency relationship between the cipher processing progress and the secret information is cut off. Especially, the method is a scalar-fold calculating method in which a scalar multiplication calculating progress is not depended on the value of bits with respect to a scalar value being the secret information. That is, when the scalar value is to be calculated in the elliptic curve cipher and scalar multiplication points are to be calculated from points on an elliptic curve, the value of bits of the scalar value is judged and operations on the elliptic curve are executed fixed times and in a fixed order without depending on the value of bits which are judged. COPYRIGHT: (C)2001,JPO

Posted Content
TL;DR: A perfectly secure cipher system based on the concept of fake bits which has never been used in either classical or quantum cryptography is presented.
Abstract: We present a perfectly secure cipher system based on the concept of fake bits which has never been used in either classical or quantum cryptography.