
Showing papers on "Triple DES published in 2000"


Journal ArticleDOI
TL;DR: A technical lemma of independent interest is bounding the success probability of a computationally unbounded adversary in distinguishing between a random ml-bit to l-bit function and the CBC MAC of a random l-bit to l-bit function.

679 citations


Book ChapterDOI
14 Aug 2000
TL;DR: It is confirmed that Camellia provides strong security against differential and linear cryptanalyses and at least comparable encryption speed in software and hardware.
Abstract: We present a new 128-bit block cipher called Camellia. Camellia supports 128-bit block size and 128-, 192-, and 256-bit keys, i.e., the same interface specifications as the Advanced Encryption Standard (AES). Efficiency on both software and hardware platforms is a remarkable characteristic of Camellia in addition to its high level of security. It is confirmed that Camellia provides strong security against differential and linear cryptanalyses. Compared to the AES finalists, i.e., MARS, RC6, Rijndael, Serpent, and Twofish, Camellia offers at least comparable encryption speed in software and hardware. An optimized implementation of Camellia in assembly language can encrypt on a Pentium III (800MHz) at the rate of more than 276 Mbits per second, which is much faster than the speed of an optimized DES implementation. In addition, a distinguishing feature is its small hardware design. The hardware design, which includes encryption and decryption and key schedule, occupies approximately 11K gates, which is the smallest among all existing 128-bit block ciphers as far as we know.

403 citations


01 Jan 2000
TL;DR: Camellia as discussed by the authors is a new 128-bit block cipher with 128-, 192-, and 256-bit key lengths, which was designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years.
Abstract: We present a new 128-bit block cipher called Camellia. Camellia supports 128-bit block size and 128-, 192-, and 256-bit key lengths, i.e. the same interface specifications as the Advanced Encryption Standard (AES). Camellia was carefully designed to withstand all known cryptanalytic attacks and even to have a sufficiently large security leeway for use of the next 10-20 years. There are no hidden weaknesses inserted by the designers. It was also designed to have suitability for both software and hardware implementations and to cover all possible encryption applications that range from low-cost smart cards to high-speed network systems. Compared to the AES finalists, Camellia offers at least comparable encryption speed in software and hardware. An optimized implementation of Camellia in assembly language can encrypt on a Pentium III (800MHz) at the rate of more than 276 Mbits per second, which is much faster than the speed of an optimized DES implementation. In addition, a distinguishing feature is its small hardware design. The hardware design, which includes key schedule, encryption and decryption, occupies approximately 11K gates, which is the smallest among all existing 128-bit block ciphers as far as we know. It perfectly meets current market requirements in wireless cards, for instance, where low power consumption is a mandatory condition.

377 citations


Journal Article
TL;DR: The block cipher Rijndael, which is one of the fifteen candidate algorithms for the Advanced Encryption Standard (AES), is presented and it is shown that the cipher can be implemented very efficiently on Smart Cards.
Abstract: In this paper we present the block cipher Rijndael, which is one of the fifteen candidate algorithms for the Advanced Encryption Standard (AES). We show that the cipher can be implemented very efficiently on Smart Cards.

197 citations


Journal ArticleDOI
12 Nov 2000
TL;DR: This paper introduces new instructions to improve the performance of symmetric key cipher algorithms, and analyses of the original and optimized algorithms suggest future directions for the design of high-performance programmable cryptographic processors.
Abstract: The emergence of the Internet as a trusted medium for commerce and communication has made cryptography an essential component of modern information systems. Cryptography provides the mechanisms necessary to implement accountability, accuracy, and confidentiality in communication. As demands for secure communication bandwidth grow, efficient cryptographic processing will become increasingly vital to good system performance. In this paper, we explore techniques to improve the performance of symmetric key cipher algorithms. Eight popular strong encryption algorithms are examined in detail. Analysis reveals the algorithms are computationally complex and contain little parallelism. Overall throughput on a high-end microprocessor is quite poor, a 600 MHz processor is incapable of saturating a T3 communication line with 3DES (triple DES) encrypted data. We introduce new instructions that improve the efficiency of the analyzed algorithms. Our approach adds instruction set support for fast substitutions, general permutations, rotates, and modular arithmetic. Performance analysis of the optimized ciphers shows an overall speedup of 59% over a baseline machine with rotate instructions and 74% speedup over a baseline without rotates. Even higher speedups are demonstrated with optimized substitutions (SBOXes) and additional functional unit resources. Our analyses of the original and optimized algorithms suggest future directions for the design of high-performance programmable cryptographic processors.

133 citations


Book ChapterDOI
10 Apr 2000
TL;DR: Mercy, a new block cipher accepting large blocks, which uses a key-dependent state machine to build a bijective F function for a Feistel cipher, which achieves 9 cycles/byte on a Pentium compatible processor.
Abstract: We discuss the special requirements imposed on the underlying cipher of systems which encrypt each sector of a disk partition independently, and demonstrate a certificational weakness in some existing block ciphers including Bellare and Rogaway's 1999 proposal, proposing a new quantitative measure of avalanche. To address these needs, we present Mercy, a new block cipher accepting large (4096-bit) blocks, which uses a key-dependent state machine to build a bijective F function for a Feistel cipher. Mercy achieves 9 cycles/byte on a Pentium compatible processor.

87 citations


01 Jan 2000
TL;DR: This work analyzes the five remaining AES candidate algorithms MARS, RC6, Rijndael, Serpent, and Twofish as well as DES, Triple DES, and IDEA by examining independently developed Java implementations, indicating that all AES ciphers offer reasonable performance in Java.
Abstract: We analyze the five remaining AES candidate algorithms MARS, RC6, Rijndael, Serpent, and Twofish as well as DES, Triple DES, and IDEA by examining independently developed Java implementations. We give performance measurement results on several platforms, list the memory requirements, and present a subjective estimate for the implementation difficulty of the algorithms. Our results indicate that all AES ciphers offer reasonable performance in Java, the fastest algorithm being about twice as fast as the slowest.

27 citations


01 Nov 2000
TL;DR: This document describes a secret-key cryptosystem MISTY1, which is block cipher with a 128-bit key, a 64-bit block and a variable number of rounds, including key scheduling part and data randomizing part.
Abstract: This document describes a secret-key cryptosystem MISTY1, which is block cipher with a 128-bit key, a 64-bit block and a variable number of rounds. It documents the algorithm description including key scheduling part and data randomizing part.

26 citations


01 Jan 2000
TL;DR: Through the value proposition of the DES/TDES IP in a Spartan-II FPGA, the programmable ASSP message is further confirmed and the necessary scalability and flexibility to handle all these applications and allows for tracking of new standards.
Abstract: Today’s connected society requires secure data encryption devices to preserve data privacy and authentication in critical applications. Of the several data encryption types, Data Encryption Standard (DES) and its variant Triple-DES (TDES) have emerged to be the most commonly used in varying applications. The Spartan™-II devices with their extensive features and cost effectiveness compete effectively against ASICs and ASSPs. Through the value proposition of the DES/TDES IP in a Spartan-II FPGA, the programmable ASSP message is further confirmed. There is an immense value in integrating critical IP solutions like Discrete Cosine Transform/Inverse DCT (DCT/IDCT) and DES within a Xilinx FPGA to enhance performance and security in communication applications. An FPGA-based DES/TDES solution provides the necessary scalability and flexibility to handle all these applications and allows for tracking of new standards.

14 citations


Proceedings ArticleDOI
28 May 2000
TL;DR: A new hardware design is proposed for the DES cipher to resist DFA by adding some protection circuitry, so that all the unidirectional faults induced into the registers of a DES chip can be detected, and then alter to the cryptosystem immediately.
Abstract: In the past 20 years, DES has been the most widely used symmetric block cipher for information security. Recently, a novel method called Differential Fault Analysis (DFA) has been proposed to attack DES. Under the assumption that the attacker can induce errors into the cipher device, the key of DES can be unveiled easily. The assumed technique is not mature today, but is likely to appear in the near future, especially for attacking a tamper resistant device with an embedded DES VLSI chip. In this paper, we proposed a new hardware design for the DES cipher to resist DFA. By adding some protection circuitry, all the unidirectional faults induced into the registers of a DES chip can be detected, and then alter to the cryptosystem immediately. A hardware emulation experiment using Altera's CPLD chip shows the effectiveness of the protection design.

13 citations


01 Jan 2000
TL;DR: Camellia is a block cipher jointly developed by NTT and Mitsubishi in 2000 that describes some observations on the design of the cipher.
Abstract: Camellia is a block cipher jointly developed by NTT and Mitsubishi in 2000. In this note, we describe some observations on the design of the cipher.

Book ChapterDOI
17 Aug 2000
TL;DR: A broad range of optimization techniques were applied to reach encryption rates above 155 Mbps even for Triple-DES encryption in outer CBC mode, and first-time working silicon on a standard 0.6 µm CMOS process was made possible.
Abstract: The presented Triple-DES encryptor is a single-chip solution to encrypt network communication. It is optimized for throughput and fast switching between virtual connections like found in ATM networks. A broad range of optimization techniques were applied to reach encryption rates above 155 Mbps even for Triple-DES encryption in outer CBC mode. A high-speed logic style and full-custom design methodology made first-time working silicon on a standard 0.6 µm CMOS process possible. Correct functionality of the prototype was verified up to a clock rate of 275 MHz.

Book ChapterDOI
01 Jan 2000
TL;DR: DEALKX as mentioned in this paper, a new variant of DEAL with an improved key schedule, is proposed to increase both the block and key size of the DEAL key schedule and is shown to increase the key size.
Abstract: With its 56-bit key size, the data encryption standard (DES) seems to be at end of its useful lifetime. Also, the 64-bit DES block size is dangerously small for some applications. We discuss techniques such as triple DES and DESX to push up the key size, and we present DEALKX to increase both block and key size. We propose DEALKX, a new variant of DEAL with an improved key schedule.

Journal Article
TL;DR: This paper aims to demonstrate the efforts towards in-situ applicability of EMMARM, which aims to provide real-time information about the physical properties of EMTs and their applications in the real world.
Abstract: SHIH-HSU CHANG, FANG-HSUAN CHENG* AND WEN-HSING HSU+,++ Department of Computer Science and Information Engineering Da-Yeh University Changhwa, Taiwan 515, R.O.C. Department of Computer Science Chung-Hua University Hsinchu, Taiwan 300, R.O.C. Department of Electrical Engineering National Tsing Hua University Hsinchu, Taiwan 300, R.O.C. E-mail: whhsu@snoopy.ee.nthu.edu.tw ++ Institute of Information Science Academia Sinica Taipei, Taiwan 115, R.O.C.

Journal Article
TL;DR: The Triple-DES encryptor as mentioned in this paper is a single-chip solution to encrypt network communication, which is optimized for throughput and fast switching between virtual connections like found in ATM networks.
Abstract: The presented Triple-DES encryptor is a single-chip solution to encrypt network communication. It is optimized for throughput and fast switching between virtual connections like found in ATM networks. A broad range of optimization techniques were applied to reach encryption rates above 155 Mbps even for Triple-DES encryption in outer CBC mode. A high-speed logic style and full-custom design methodology made first-time working silicon on a standard 0.6 µm CMOS process possible. Correct functionality of the prototype was verified up to a clock rate of 275 MHz.

Book ChapterDOI
14 Aug 2000
TL;DR: A new family of symmetric block ciphers based on group bases is introduced, which enables us to construct a trivial 8-bit Caesar cipher as well as a strong 256-bit cipher with 512-bit key, both from the same specification.
Abstract: We introduce a new family of symmetric block ciphers based on group bases. The main advantage of our approach is its full scalability. It enables us to construct, for instance, a trivial 8-bit Caesar cipher as well as a strong 256-bit cipher with 512-bit key, both from the same specification. We discuss the practical aspects of the design, especially the choice of carrier groups, generation of random group bases and an efficient factorization algorithm. We also describe how the cryptographic properties of the system are optimized, and analyze the influence of parameters on its security. Finally we present some experimental results regarding the speed and security of concrete ciphers from the family.

01 Dec 2000
TL;DR: The purpose of this workshop was to discuss the modes for protecting data using symmetric key block cipher techniques such as the Advanced Encryption Standard (AES) and to develop a new modes standard that is written to be independent of specific key or block sizes for specific algorithms.
Abstract: Elaine Barker extended a welcome to the workshop attendees and served as the workshop moderator. Elaine stated that the purpose of this workshop was to discuss the modes for protecting data using symmetric key block cipher techniques such as the Advanced Encryption Standard (AES). NIST plans to develop a new modes standard that is written to be independent of specific key or block sizes for specific algorithms, and to include the four DES modes (ECB, CBC, ECB, OFB) that were originally defined in Federal Information Processing Standard (FIPS) 81. Since FIPS 81 was written to be specific to DES and its key and block size, a new standard is needed that will address other symmetric key block cipher algorithms such as AES. Since the world has advanced beyond the world of the 1980s, other modes for protecting data for applications using these technologies are required. The intent of this workshop was to discuss additional modes, the security they afford and their applications. NIST would like to minimize the number of additional modes in order to avoid unnecessary implementation costs and promote interoperability.

Book ChapterDOI
10 Dec 2000
TL;DR: A new block cipher called DONUT which is made by two pairwise perfect decorrelation modules is suggested which is secure against boomerang attack.
Abstract: Vaudenay[1] proposed a new way of protecting block ciphers against classes of attacks, which was based on the notion of decorrelation. He also suggested two block cipher families COCONUT and PEANUT. Wagner[2] suggested a new differential-style attack called boomerang attack and cryptanalysed COCONUT'98. In this paper we will suggest a new block cipher called DONUT which is made by two pairwise perfect decorrelation modules. DONUT is secure against boomerang attack.

Journal ArticleDOI
TL;DR: A known-plaintext attack on a redundancy reducing cipher method which is proposed by Wayner is discussed and an extension of Wayner's redundancy reduce cipher scheme is proposed so that the security will be improved greatly.
Abstract: This paper discusses a known-plaintext attack on a redundancy reducing cipher method which is proposed by Wayner. We also propose an extension of Wayner's redundancy reducing cipher scheme so that the security will be improved greatly.

Patent
Robert W. Faber, Brendan Traw
30 Jun 2000
TL;DR: In this paper, a video source device uses the block cipher to generate at least one cipher key for use by the stream ciphers to generate cipher bits for ciphering video to be transmitted to a video recording device.
Abstract: A video source device includes a cipher unit. The cipher unit includes a block cipher and a stream cipher. The video source device uses the block cipher to generate at least one cipher key for use by the stream cipher to generate cipher bits for ciphering video to be transmitted to a video recording device. The video source device further provides n bits of copy control information to the video recording device. The video source device incorporates the n-bit copy control information as part of an initialization value, and initializes a register of a round function of the block cipher with the initialization value. The video recording device also includes a cipher unit of like kind, and operates the block and stream ciphers in like manner to decipher the ciphered video received from the video source device. Upon receiving the n-bit copy control information, the video recording device also forms an initialization value and initializes a corresponding register of the corresponding round function of its block cipher. Accordingly, protection is provided to the copy control information.

Book ChapterDOI
14 Aug 2000
TL;DR: It is demonstrated the existence of an efficient block cipher with the property that whenever it is composed with any nonperfect cipher, the resulting product is strictly more secure, against an ideal adversary, than the original cipher.
Abstract: We demonstrate the existence of an efficient block cipher with the property that whenever it is composed with any nonperfect cipher, the resulting product is strictly more secure, against an ideal adversary, than the original cipher. We call this property universal security amplification, and note that it holds trivially for a one-time pad (a stream cipher). However, as far as we are aware, this is the first efficient block cipher with this property. Several practical implications of this result are considered.


01 Sep 2000
TL;DR: This document specifies how to use the DES encryption algorithm in cipher feedback mode with the telnet encryption option.
Abstract: This document specifies how to use the DES encryption algorithm in cipher feedback mode with the telnet encryption option.

Journal Article
TL;DR: The "Data Encryption Algorithm" (DEA) is the first and, to date, the only encryption method specified in an international standard (DES).
Abstract: The "Data Encryption Algorithm" (DEA) is the first and, to date, the only encryption method specified in an international standard (DES). At the initiative of the American National Bureau of Standards (NBS), the predecessor of today's National Institute of Standards and Technology (NIST), IBM developed the cipher Lucifer, which was proposed for standardization in 1975. The National Security Agency (NSA) modified the algorithm: the internal substitutions were changed, and the key length was shortened from 128 bits to 56 bits. This method became a US standard in 1977, despite protests from experts [NSA_77].

Patent
20 Oct 2000
TL;DR: In this article, the same key is used in the same sector even in the block of which key is different, and the number of storage keys is limited, thereby restraining increase of storage key data.
Abstract: PROBLEM TO BE SOLVED: To provide an information recording apparatus which is enhanced in security and improved in key storing structure in encryption of data to be stored in a storage means. SOLUTION: For example, in data storing structure for data storage means of a flush memory, etc., an encryption key applying for each sector is made the key being different each other. These encryption processing keys are stored in headers of the contents. Because the same key is used in the same sector even in the block of which key is different, the number of storage keys is limited, thereby restraining increase of storage key data. As for the key which is selected for each sector, one or more than two keys are selected depending on the applying encryption processing, for example, a single DES, a triple DES, etc., and sector data encryption and decoding processing are executed.

Book ChapterDOI
22 Aug 2000
TL;DR: A robustness-agile ATM encryption unit which exploits parallel control processes and a VLSI chip implementing these concepts is presented, which allows to integrate encryption into the end-user ATM access device, such as a desktop PC.
Abstract: This paper describes a robustness-agile ATM encryption unit which exploits parallel control processes. A VLSI chip implementing these concepts is presented. This single-chip encryptor performs CBC-mode Triple-DES encryption up to 155 Mbps with delays well below one ATM cell period. The microchip advances the field of confidentiality services in ATM networks in several dimensions: First, the delay introduced due to encryption has been minimized and is negligible in terms of Quality of Services requirements of delay sensitive applications. Second, outer-CBC Triple-DES is supported at 155 Mbps, so far not used by ATM encryptors. Third, the unit is scalable in the number of virtual connections, i.e. the number of agile session keys. Finally, the single-chip approach allows to integrate encryption into the end-user ATM access device, such as a desktop PC.