|
Hierocrypt
In cryptography, Hierocrypt-L1 and Hierocrypt-3 are block ciphers created by Toshiba in 2000. They were submitted to the NESSIE project, but were not selected. Both algorithms were among the cryptographic techniques recommended for Japanese government use by CRYPTREC in 2003, however, both have been dropped to "candidate" by CRYPTREC revision in 2013. The Hierocrypt ciphers are very similar, differing mainly in block size: 64 bits for Hierocrypt-L1, 128 bits for Hierocrypt-3. Hierocrypt-L1's key size is 128 bits, while Hierocrypt-3 can use keys of 128, 192, or 256 bits. The number of rounds of encryption also varies: Hierocrypt-L1 uses 6.5 rounds, and Hierocrypt-3 uses 6.5, 7.5, or 8.5, depending on the key size. The Hierocrypt ciphers use a nested substitution–permutation network (SPN) structure. Each round consists of parallel applications of a transformation called the ''XS-box'', followed by a linear diffusion operation. The final half-round replaces the diffusion with a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CRYPTREC
CRYPTREC is the Cryptography Research and Evaluation Committees set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. It is comparable in many respects to the European Union's NESSIE project and to the Advanced Encryption Standard process run by National Institute of Standards and Technology in the U.S. Comparison with NESSIE There is some overlap, and some conflict, between the NESSIE selections and the CRYPTREC draft recommendations. Both efforts include some of the best cryptographers in the world therefore conflicts in their selections and recommendations should be examined with care. For instance, CRYPTREC recommends several 64 bit block ciphers while NESSIE selected none, but CRYPTREC was obliged by its terms of reference to take into account existing standards and practices, while NESSIE was not. Similar differences in terms of reference account for CRYPTREC recommending at least one stream cipher, RC4, while ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Integral Cryptanalysis
In cryptography, integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based on substitution–permutation networks. It was originally designed by Lars Knudsen as a dedicated attack against Square, so it is commonly known as the Square attack. It was also extended to a few other ciphers related to Square: CRYPTON, Rijndael, and SHARK. Stefan Lucks generalized the attack to what he called a ''saturation attack'' and used it to attack Twofish, which is not at all similar to Square, having a radically different Feistel network structure. Forms of integral cryptanalysis have since been applied to a variety of ciphers, including Hierocrypt, IDEA, Camellia, Skipjack, MISTY1, MISTY2, SAFER++, KHAZAD, and ''FOX'' (now called IDEA NXT). Unlike differential cryptanalysis, which uses pairs of chosen plaintexts with a fixed XOR difference, integral cryptanalysis uses sets or even multisets of chosen plaintexts of which part is held consta ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NESSIE
NESSIE (New European Schemes for Signatures, Integrity and Encryption) was a European research project funded from 2000 to 2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Government-sponsored CRYPTREC project, but with notable differences from both. In particular, there is both overlap and disagreement between the selections and recommendations from NESSIE and CRYPTREC (as of the August 2003 draft report). The NESSIE participants include some of the foremost active cryptographers in the world, as does the CRYPTREC project. NESSIE was intended to identify and evaluate quality cryptographic designs in several categories, and to that end issued a public call for submissions in March 2000. Forty-two were received, and in February 2003 twelve of the submissions were selected. In addition, five algorithms already publicly known, but not explicitly submitted to the project, were chosen as "selectees". The project has ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Integral Attack
In cryptography, integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based on substitution–permutation networks. It was originally designed by Lars Knudsen as a dedicated attack against Square, so it is commonly known as the Square attack. It was also extended to a few other ciphers related to Square: CRYPTON, Rijndael, and SHARK. Stefan Lucks generalized the attack to what he called a ''saturation attack'' and used it to attack Twofish, which is not at all similar to Square, having a radically different Feistel network structure. Forms of integral cryptanalysis have since been applied to a variety of ciphers, including Hierocrypt, IDEA, Camellia, Skipjack, MISTY1, MISTY2, SAFER++, KHAZAD, and ''FOX'' (now called IDEA NXT). Unlike differential cryptanalysis, which uses pairs of chosen plaintexts with a fixed XOR difference, integral cryptanalysis uses sets or even multisets of chosen plaintexts of which part is held constant and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
MDS Matrix
An MDS matrix (maximum distance separable) is a matrix representing a function with certain diffusion properties that have useful applications in cryptography. Technically, an m \times n matrix A over a finite field K is an MDS matrix if it is the transformation matrix of a linear transformation f(x) = Ax from K^n to K^m such that no two different (m + n)-tuples of the form (x, f(x)) coincide in n or more components. Equivalently, the set of all (m + n)-tuples (x, f(x)) is an MDS code, i.e., a linear code that reaches the Singleton bound. Let \tilde A = \begin \mathrm_n \\ \hline \mathrm \end be the matrix obtained by joining the identity matrix \mathrm_n to A. Then a necessary and sufficient condition for a matrix A to be MDS is that every possible n \times n submatrix obtained by removing m rows from \tilde A is non-singular. This is also equivalent to the following: all the sub-determinants of the matrix A are non-zero. Then a binary matrix A (namely over the field with two el ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptanalysis
Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown. In addition to mathematical analysis of cryptographic algorithms, cryptanalysis includes the study of side-channel attacks that do not target weaknesses in the cryptographic algorithms themselves, but instead exploit weaknesses in their implementation. Even though the goal has been the same, the methods and techniques of cryptanalysis have changed drastically through the history of cryptography, adapting to increasing cryptographic complexity, ranging from the pen-and-paper methods of the past, through machines like the British Bombes and Colossus computers at Bletchley Park in World War II, to the mathematically advanced comput ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Nothing Up My Sleeve Number
In cryptography, nothing-up-my-sleeve numbers are any numbers which, by their construction, are above suspicion of hidden properties. They are used in creating cryptographic functions such as hashes and ciphers. These algorithms often need randomized constants for mixing or initialization purposes. The cryptographer may wish to pick these values in a way that demonstrates the constants were not selected for a nefarious purpose, for example, to create a backdoor to the algorithm. These fears can be allayed by using numbers created in a way that leaves little room for adjustment. An example would be the use of initial digits from the number as the constants. Using digits of millions of places after the decimal point would not be considered trustworthy because the algorithm designer might have selected that starting point because it created a secret weakness the designer could later exploit. Digits in the positional representations of real numbers such as , ''e'', and irration ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Key Schedule
In cryptography, the so-called product ciphers are a certain kind of cipher, where the (de-)ciphering of data is typically done as an iteration of ''rounds''. The setup for each round is generally the same, except for round-specific fixed values called a round constant, and round-specific data derived from the cipher key called a round key. A key schedule is an algorithm that calculates all the round keys from the key. Some types of key schedules *Some ciphers have simple key schedules. For example, the block cipher TEA splits the 128-bit key into four 32-bit pieces and uses them repeatedly in successive rounds. *DES has a key schedule in which the 56-bit key is divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 round key bits are selected by Permuted Choice 2 (PC-2) – 24 bits from the left half and 24 from the right. The rotations have t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Substitution Box
In cryptography, an S-box (substitution-box) is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext, thus ensuring Shannon's property of confusion. Mathematically, an S-box is a vectorial Boolean function. In general, an S-box takes some number of input bits, ''m'', and transforms them into some number of output bits, ''n'', where ''n'' is not necessarily equal to ''m''. An ''m''×''n'' S-box can be implemented as a lookup table with 2''m'' words of ''n'' bits each. Fixed tables are normally used, as in the Data Encryption Standard (DES), but in some ciphers the tables are generated dynamically from the key (e.g. the Blowfish and the Twofish encryption algorithms). Example One good example of a fixed table is the S-box from DES (S5), mapping 6-bit input into a 4-bit output: Given a 6-bit input, the 4-bit output is found by selecting the row using th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Key Whitening
In cryptography, key whitening is a technique intended to increase the security of an iterated block cipher. It consists of steps that combine the data with portions of the key. Details The most common form of key whitening is xor-encrypt-xor -- using a simple XOR before the first round and after the last round of encryption. The first block cipher to use a form of key whitening is DES-X, which simply uses two extra 64-bit keys for whitening, beyond the normal 56-bit key of DES. This is intended to increase the complexity of a brute force attack, increasing the effective size of the key without major changes in the algorithm. DES-X's inventor, Ron Rivest, named the technique ''whitening''. The cipher FEAL (followed by Khufu and Khafre) introduced the practice of key whitening using portions of the same key used in the rest of the cipher. This offers no additional protection from brute force attacks, but it can make other attacks more difficult. In a Feistel cipher or similar al ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Diffusion (cryptography)
In cryptography, confusion and diffusion are two properties of the operation of a secure cipher identified by Claude Shannon in his 1945 classified report ''A Mathematical Theory of Cryptography'.'' These properties, when present, work to thwart the application of statistics and other methods of cryptanalysis. These concepts are also important in the design of secure hash functions and pseudorandom number generators where decorrelation of the generated values is the main feature. Definition Confusion Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. The property of confusion hides the relationship between the ciphertext and the key. This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of most or all of the bits in the ciphertext will be affected. Confusion increases the ambiguity of ciphertext and it is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Substitution–permutation Network
In cryptography, an SP-network, or substitution–permutation network (SPN), is a series of linked mathematical operations used in block cipher algorithms such as AES (Rijndael), 3-Way, Kalyna, Kuznyechik, PRESENT, SAFER, SHARK, and Square. Such a network takes a block of the plaintext and the key as inputs, and applies several alternating ''rounds'' or ''layers'' of substitution boxes (S-boxes) and permutation boxes (P-boxes) to produce the ciphertext block. The S-boxes and P-boxes transform of input bits into output bits. It is common for these transformations to be operations that are efficient to perform in hardware, such as exclusive or (XOR) and bitwise rotation. The key is introduced in each round, usually in the form of "round keys" derived from it. (In some designs, the S-boxes themselves depend on the key.) Decryption is done by simply reversing the process (using the inverses of the S-boxes and P-boxes and applying the round keys in reversed order). Components ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
