Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson  Home/Search
Context Related
| berkeley.edu/~daw/pa...twofishaes98.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: berkeley.edu/~daw/papers/ (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2 8 ), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation... (Update)
Cited by: More
Characteristics of Key-Dependent S-Boxes: the Case of Twofish - Macchetti (2005) (Correct)
Cryptographic Access Control in a Distributed File System - Christian (2003) (Correct)
On the Differential and Linear Properties of Addition - Wallén (2003) (Correct)
Similar documents (at the sentence level):
67.3%: Twofish: A 128-Bit Block Cipher - Schneier, Kelsey, Whiting, Wagner.. (1998) (Correct)
12.5%: On The Twofish Key Schedule - Schneier, Kelsey, Whiting, Wagner.. (1998) (Correct)
5.3%: On the Twofish Key Schedule - Schneier, Kelsey, Whiting, Wagner.. (1998) (Correct)
Active bibliography (related documents): More All
1.6: Recent Developments in the Design of Conventional.. - Preneel, Rijmen.. (1998) (Correct)
1.4: Unbalanced Feistel Networks and Block-Cipher Design - Schneier, Kelsey (1996) (Correct)
1.4: Block Ciphers - Robshaw (1995) (Correct)
Similar documents based on text: More All
1.3: The Saturation Attack - a Bait for Twofish - Lucks (2000) (Correct)
1.2: Improved Impossible Differentials on Twofish - Biham, Furman (2000) (Correct)
1.2: New Results on the Twofish Encryption Algorithm - Schneier, Kelsey, Whiting.. (1999) (Correct)
Related documents from co-citation: More All
9: MARS --- A Candidate Cipher for AES - Burwick, Coppersmith et al.
7: AES Round 2 public comment (context) - Barreto, comment - 2000
7: The RC6 Block Cipher - Rivest, Robshaw et al. - 1998
BibTeX entry: (Update)
Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. Twofish: A 128-Bit Block Cipher. In Selected Areas in Cryptography '98, June 1998. Lecture Notes in Computer Science (these proceedings). http://citeseer.ist.psu.edu/article/schneier98twofish.html More
@inproceedings{ schneier98twofish,
author = "Bruce Schneier and John Kelsey and Doug Whiting and David Wagner and Chris Hall",
title = "On the Twofish Key Schedule",
booktitle = "Selected Areas in Cryptography",
pages = "27-42",
year = "1998",
url = "citeseer.ist.psu.edu/article/schneier98twofish.html" }
Citations (may not include all citations):860 The Theory of Error-Correcting Codes (context) - MacWilliams, Sloane - 1977
635 New Directions in Cryptography - Diffie, Hellman - 1976 ACM
601 A Public-Key Cryptosystem and a Signature Scheme Based on Di.. (context) - ElGamal - 1985
288 Linear Cryptanalysis Method for DES Cipher (context) - Matsui - 1994 ACM
202 Data Encryption Standard (context) - of, NBS - 1977 ACM
189 Keying Hash Functions for Message Authentication - Bellare, Canetti et al. - 1996 ACM DBLP
161 Differential Cryptanalysis of the Data Encryption Standard (context) - Biham, Shamir - 1993 ACM
143 Digital Signature Standard (context) - of, Technologies et al. - 1994
135 the Importance of Checking Cryptographic Protocols for Fault.. - Boneh, DeMillo et al. - 1997
105 Secure Hash Standard (context) - of, Technology - 1993
103 A Proposal for a New Block Encryption Standard - Lai, Massey - 1991 ACM DBLP
88 Markov Ciphers and Differential Cryptanalysis - Lai, Massey et al. - 1991
86 How to Protect DES Against Exhaustive Key Search - Kilian, Rogaway - 1996 ACM DBLP
84 New Types of Cryptanalytic Attacks Using Related Keys - Biham - 1994 ACM DBLP
79 Cryptography and Computer Privacy (context) - Feistel - 1973
54 A Software-Optimized Encryption Algorithm - Rogaway, Coppersmith
52 The Interpolation Attack on Block Ciphers - Jakobsen, Knudsen - 1997 ACM DBLP
51 Exhaustive Cryptanalysis of the NBS Data Encryption Standard (context) - Diffie, Hellman - 1979
50 Two Practical and Provably Secure Block Ciphers: BEAR and LI.. - Anderson, Biham - 1996
50 Analysis and Design of Cryptographic Hash Functions (context) - Preneel - 1993
50 Perfect Nonlinear S-boxes (context) - Nyberg - 1991 DBLP
47 The Block Cipher Square - Daemen, Knudsen et al. - 1997 ACM DBLP
46 Differentially Uniform Mappings for Cryptography (context) - Nyberg - 1994 ACM DBLP
43 the Construction of Highly Nonlinear Permutations (context) - Nyberg - 1993
43 A Fast New DES Implementation in Software - Biham - 1997 ACM DBLP
41 Minimal Key Lengths for Symmetric Ciphers to Provide Adequat.. (context) - Blaze, Diffie et al. - 1996
40 LOKI: A Cryptographic Primitive for Authentication and Secre.. (context) - Brown, Pieprzyk et al. - 1990
39 New Block Encryption Algorithm MISTY (context) - Matsui - 1997 ACM DBLP
39 Linear Cryptanalysis Using Multiple Approximations and FEAL (context) - Jr, Robshaw - 1995
39 Linear Cryptanalysis Using Multiple Approximations (context) - Jr, Robshaw - 1994 ACM DBLP
36 Fast Software Encryption Functions (context) - Merkle - 1991
36 Linear Approximation of Block Ciphers (context) - Nyberg - 1995
36 Improving Resistance to Differential Cryptanalysis and the R.. - Brown, Kwan et al. - 1993 ACM DBLP
34 Some Cryptographic Techniques for Machine-to-Machine Data Co.. (context) - Feistel, Notz et al. - 1975
34 Provable Security Against Differential Cryptanalysis (context) - Nyberg, Knudsen - 1995
34 A Generalization of Linear Cryptanalysis and the Applicabili.. - Harpes, Kramer et al. - 1995
33 Differential Fault Analysis of Secret Key Cryptosystems - Biham, Shamir - 1997 ACM DBLP
33 Side Channel Cryptanalysis of Product Ciphers - Kelsey, Schneier et al. - 1998 ACM DBLP
32 Timing Attacks on Implementations of Diffie-Hellman, RSA, DS.. - Kocher - 1996 ACM DBLP
32 DES Modes of Operation (context) - of, NBS - 1980
32 Truncated and Higher Order Differentials - Knudsen - 1995 DBLP
28 Constructing Symmetric Ciphers Using the CAST Design Procedu.. - Adams - 1997 ACM DBLP
28 New Structure of Block Ciphers with Provable Security Agains.. (context) - Matsui - 1996 ACM DBLP
27 On Matsui's Linear Cryptanalysis - Biham - 1995 DBLP
27 RIPEMD-160: A Strengthened Version of RIPEMD (context) - Dobbertin, Bosselaers et al. - 1996 DBLP
26 the Distribution of Characteristics in Bijective Mappings - O'Connor - 1994
26 On Correlation Between the Order of S-Boxes and the Strength.. (context) - Matsui - 1995
25 Cryptanalytic Attacks on Pseudorandom Number Generators - Kelsey, Schneier et al. - 1998 ACM DBLP
24 DifferentialLinear Cryptanalysis (context) - Langford, Hellman - 1994
22 Cryptanalysis of LOKI - Knudsen - 1993 ACM DBLP
21 Weak Keys for IDEA - Daemen, Govaerts et al. - 1994 ACM DBLP
21 Key-Schedule Cryptanalysis of IDEA, GDES, GOST, SAFER, and T.. - Kelsey, Schneier et al. - 1996
19 Partitioning Cryptanalysis - Harpes, Massey - 1997
18 How to Strengthen DES Using Existing Hardware - Biham, Biryukov - 1994 ACM DBLP
18 An Improvement of Davies' Attack on DES - Biham, Biryukov - 1995 DBLP
17 Tiger: A Fast New Hash Function - Anderson, Biham - 1996
16 personal communication (context) - Coppersmith - 1998
15 Practically Secure Feistel Ciphers - Knudsen - 1994
15 A New Approach to Block Cipher Design (context) - Daemen, Govaerts et al. - 1994 ACM DBLP
15 A High Performance Encryption Algorithm (context) - Madryga - 1984 ACM
14 Improved Cryptanalysis of RC5 (context) - Biryukov, Kushilevitz - 1998 DBLP
14 Serpent: A New Block Cipher Proposal - Biham, Anderson et al. - 1998 DBLP
14 personal communication (context) - Kocher - 1998
14 Non-Linear Approximations in Linear Cryptanalysis - Knudsen, Robshaw - 1996
13 Recent Developments in the Design of Conventional Cryptograp.. - Preneel, Rijmen et al. - 1998
13 SAFER K-64: A ByteOriented Block-Ciphering Algorithm (context) - Massey - 1994
12 Cryptanalysis of LOKI91 (context) - Knudsen - 1993 ACM DBLP
11 Cryptographic Protection for Data Processing Systems (context) - Gosudarstvennyi - 1989
11 A Key-Schedule Weakness in SAFER K-64 (context) - Knudsen - 1995 ACM DBLP
11 Differential Cryptanalysis of Lucifer (context) - Ben-Aroya, Biham - 1994
11 Enumerating Nondegenerate Permutations (context) - O'Connor - 1994
11 On Differential and Linear Cryptanalysis of the RC5 Encrypti.. (context) - Kaliski, Yin - 1995
10 Cryptanalysis of Iterated Block Ciphers (context) - Harpes - 1996
10 Announcing Development of a Federal Information Standard for.. (context) - of, Technology - 1997
10 Announcing Request for Candidate Algorithm Nominations for t.. (context) - of, Technology - 1997
10 Akelarre: A New Block Cipher Algorithm (context) - 'Alvarez, Guia et al. - 1996
10 New Potentially `Weak' Keys for DES and LOKI (context) - Knudsen - 1995
10 Machine Cryptography and Modern Cryptanalysis (context) - Deavours, Kruh - 1985
10 Fast Hashing and Stream Encryption with PANAMA - Daemen, Clapp - 1998 ACM DBLP
10 Cryptanalysis of SPEED - Hall, Kelsey et al. - 1998
10 Cryptanalysis of SPEED - Hall, Kelsey et al. - 1998 ACM DBLP
10 the Distribution of Characteristics in Composite Permutation.. - O'Connor - 1994
9 Secure Applications of Low-Entropy Keys - Kelsey, Schneier et al. - 1998 ACM DBLP
9 Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, .. (context) - Kelsey, Schneier et al. - 1997 ACM DBLP
9 Software Generation of Random Numbers for Cryptographic Purp.. (context) - Gutmann - 1998
9 Block Ciphers Based on Modular Arithmetic - Daemen, Govaerts et al. - 1993
8 the Security of the CAST Encryption Algorithm (context) - Heys, Tavares - 1994
8 Reconstruction of s 2 DES S-Boxes and their Immunity to Diff.. (context) - Kim, Park et al. - 1993
8 Truly Random Numbers (context) - Plumb - 1994
7 A New Design Concept for Building Secure Block Ciphers (context) - Kiefer - 1996
7 Practical S-Box Design - Mister, Adams - 1996
7 The Data Encryption Standard (DES) and its Strength Against .. (context) - Coppersmith - 1994
7 personal communication (context) - Ferguson - 1996
6 The MacGuffin Block Cipher Algorithm - Blaze, Schneier - 1995 DBLP
6 Block Ciphers --- Analysis, Design, Applications (context) - Knudsen - 1994
6 DESV: A Latin Square Variation of DES (context) - Carter, Dawson et al. - 1995
6 Optimizing a Fast Stream Cipher for VLIW, SIMD, and Supersca.. - Clapp - 1997 ACM DBLP
6 Generalized Feistel Networks (context) - Nyberg - 1996 ACM DBLP
6 The Design of ICE Encryption Algorithm - Kwan - 1997
6 Workshop on Selected Areas in Cryptography (context) - Adams - 1997
6 Differential-Linear Weak Key Classes of IDEA (context) - Hawkes - 1998 DBLP
6 The REDOC-II Cryptosystem (context) - Cusick, Wood - 1991
5 Joint Hardware/Software Design of a Fast Stream Cipher (context) - Clapp - 1998
5 Iterative Characteristics of DES and s 2 DES (context) - Knudsen - 1993
5 A Million Random Digits with (context) - Corporation - 1955
5 the Design and Security of RC2 (context) - Knudsen, Rijmen et al. - 1998
4 Designing S-boxes for Ciphers Resistant to Differential Cryp.. - Adams, Tavares - 1993
4 A ChosenPlaintext Attack on the 16-Round Khufu Cryptosystem (context) - Gilbert, Chauvaud - 1994
4 A Better Key Schedule for DES-Like Ciphers (context) - Blumenthal, Bellovin - 1996
4 Fast Software Implementation of MISTY on Alpha Processors - Nakajima, Matsui - 1997
4 Two Rights Sometimes Make a Wrong - Knudsen, Rijmen - 1997
4 The Importance of `Good' Key Scheduling Schemes (context) - Quisquater, Desmedt et al. - 1986
4 Cipher and Hash Function Design (context) - Daemen
3 Master-Key Cryptosystems (context) - Blaze, Feigenbaum et al. - 1996 ACM
3 Bounds on Non-Uniformity Measures for Generalized Linear Cry.. - Jakobsen, Harpes - 1996
3 Yarrow: A Pseudorandom Number Generator (context) - Kelsey, Schneier et al.
3 Declaration of Independence (context) - Jefferson
3 Differential Cryptanalysis of Snefru, Khafre, REDOC II, LOKI.. - Biham, Shamir - 1992
3 The Block Cipher: SNAKE with Provable Resistance Against DC .. (context) - Lee, Cha - 1997
3 CRISP: A Feistel Network with Hardened Key Scheduling (context) - Leech - 1996
3 Key Schedules of Iterative Block Ciphers (context) - Carter, Dawson et al. ACM DBLP
3 Higher Order Differential Attack of a CAST Cipher (context) - Moriai, Shimoyama et al. - 1998
3 th International Workshop Proceedings (context) - Chabanne, Michon et al. - 1998
3 Interpolation Attacks of the Block Cipher: SNAKE (context) - Moriai, Shimoyama et al. - 1998
3 The Cryptanalysis of FEAL4 with 20 Chosen Plaintexts (context) - Murphy - 1990
2 Securing DES S-boxes Against Three Robust Cryptanalysis - Kim, Lee et al. - 1995
2 Cryptanalysis of Akelarre - Ferguson, Schneier - 1997
2 Higher Order Derivations and Differential Cryptanalysis (context) - Lai - 1994
2 Design of LOK97 (context) - Brown - 1998
2 NSA comments on criteria for AES (context) - McDermott
2 Cryptanalysis of TWOPRIME - Coppersmith, Wagner et al. - 1998
2 Dynamic Swapping Schemes and Differential Cryptanalysis (context) - Kaneko, Koyama et al. - 1994
1 Differential Cryptanalysis of RC5 (context) - Knudsen, Meier - 1997
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://www.cs.berkeley.edu/~daw/papers/): More
Building PRFs from PRPs - Hall, Wagner, Kelsey, Schneier (1998) (Correct)
Cryptanalysis of TWOPRIME - Coppersmith, Wagner, Schneier, Kelsey (1998) (Correct)
Cryptanalysis of Some Recently-Proposed Multiple Modes of Operation - Wagner (1998) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC