B. Preneel, V. Rijmen, and A. Bosselaers, \Recent developments in the design of conventional cryptographic algorithms," Computer Security and Industrial Cryptography - State of the Art and Evolution, LNCS, Springer-Verlag, to appear.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....messages is also investigated in Section 4.2.3. A surprising observation is that 3DES is only approximately twice as slow as DES, even though 3DES consists of a DES encryption, followed by a DES decryption, and a final DES encryption [NIST99] A similar ratio was found in Preneel s measurements [PRA98], but not explained. This speed ratio remained even when the JIT compiler was removed, indicating that it was due to an optimisation in the J Crypto code. Some implementations that we examined, including Crypto and Cryptix [Sys99] simply invoke their DES code three times, which forces 3DES to be ....

B. Preneel, V. Rijmen, and A. Bosselaers. Recent developments in the design of conventional cryptographic algorithms. In State of the Art in Applied Cryptography: Course on Computer Security and Industrial Cryptography - Revised Lectures, pp.105-30, Lecture Notes in Computer Science vol. 1528. Springer-Verlag, Berlin, 1998.

....decryption algorithms are defined by ##### ## ## ## ## ## ## (1) # # # # # ## ## ## ## ## ## ## # ## (2) where the dimension of all matrices is #x#,and# is a random data. 2.4.2. Fast Block Cipher The proposed one time pad cipher can serve as a strong cryptographic nonlinearity primitive [4]. Encryption Alice 1. Generate a random matrix # and encrypt the initial states. 2. Create a random hashcode # # .3. Encipher a message matrix # such as # # # # # ## # # #. 4. Send encrypted initial states and a cipher matrix # to Bob. Decryption Bob 1. Decipher seeds. 2. Generate a random ....

B. Preneel, V. Rijmen, and A. Bosselaers, "Recent Developments in the Design of Conventional Cryptographic Algorithms ", State of the Art in Applied Cryptography, B. Preneel and V. Rijmen (Eds.), Lecture Notes in Computer Science 1528, Springer-Verlag, 1998

....can be greatly enhanced using today s technology. These speeds are significantly faster than the best software implementations of DES [8] 9] 10] which typically have throughputs below 100 Mbit s, although implementations operating in the 130 Mbit s range have been reported as well [8] [11]. This performance di#erential is an expected result of DES having been designed in the 1970s with hardware implementations in mind. Other block ciphers have been implemented in FPGAs with varying degrees of success. A typical example is the IDEA block cipher which has been implemented at speeds ....

B. Preneel, V. Rijmen, and A. Bosselaers, "Recent Developments in the Design of Conventional Cryptographic Algorithms," in Computer Security and Industrial Cryptography, State of the Art and Evolution (B. Preneel and V. Rijmen, eds.), vol. LNCS 1528, pp. 106--131, Springer-Verlag, 1998.

....PipeRench implemented in 0.35 micron technology is expected in October 1999. It will have 16 stripes. Processor Clock Speed Clocks Throughput per Block (MBytes sec) PipeRench (template) 100 MHz 6. 3 126.6 PipeRench (compiler) 100 MHz 12 66.3 Pentium II using MMX [21] 450 MHz 358 10.0 Pentium [23] (scaled) 450 MHz 590 6.1 IDEACrypt Kernel [22] 100 MHz 3 90.0 Table 1. Comparison of IDEA implementations. In Table 1 we compare both the template and compiler generated IDEA to optimized software implementations running on state of the art processors, and to custom VLSI designs. PipeRench ....

B. Preneel, V. Rijmen, and A. Bosselaers. Recent developments in the design of conventional cryptographic algorithms. In Computer Security and Industrial Cryptography, volume 1528 of Lecture Notes in Computer Science, pages 106--131. Springer-Verlag, 1998.

.... a primitive in a pseudo random number generator suitable for generating session keys, public key parameters, protocol nonces, and so on [Plu94, KSWH98a, Gut98, KSWH98c] 23 These metrics are based on theoretical analyses of the algorithms and actual hand tooled assembly language implementations [SW97, PRB98]. 53 Algorithm Key Length Width (bits) Rounds Cycles Clocks Byte Two sh variable 128 16 8 18.1 Blow sh variable 64 16 8 19.8 Square 128 128 8 8 20.3 RC5 32 16 variable 64 32 16 24.8 CAST 128 128 64 16 8 29.5 DES 56 64 16 8 43 Serpent 128, 192, 256 128 32 32 45 SAFER (S)K 128 128 64 8 8 ....

B. Preneel, V. Rijmen, A. Bosselaers, \Recent Developments in the Design of Conventional Cryptographic Algorithms," State of the Art and Evolution of Computer Security and Industrial Cryptography, Lecture Notes in Computer Science, B. Preneel, R. Govaerts, J. Vandewalle, Eds., Springer-Verlag, 1998, to appear.

.... a primitive in a pseudo random number generator suitable for generating session keys, public key parameters, protocol nonces, and so on [Plu94, KSWH98a, Gut98, KSWH98c] 23 These metrics are based on theoretical analyses of the algorithms and actual hand tooled assembly language implementations [SW97, PRB98]. 53 Algorithm Key Length Width (bits) Rounds Cycles Clocks Byte Twofish variable 128 16 8 18.1 Blowfish variable 64 16 8 19.8 Square 128 128 8 8 20.3 RC5 32 16 variable 64 32 16 24.8 CAST 128 128 64 16 8 29.5 DES 56 64 16 8 43 Serpent 128, 192, 256 128 32 32 45 SAFER (S)K 128 128 64 8 8 ....

B. Preneel, V. Rijmen, A. Bosselaers, "Recent Developments in the Design of Conventional Cryptographic Algorithms," State of the Art and Evolution of Computer Security and Industrial Cryptography, Lecture Notes in Computer Science, B. Preneel, R. Govaerts, J. Vandewalle, Eds., Springer-Verlag, 1998, to appear.

.... a primitive in a pseudo random number generator suitable for generating session keys, public key parameters, protocol nonces, and so on [Plu94, KSWH98a, Gut98, KSWH98c] 23 These metrics are based on theoretical analyses of the algorithms and actual hand tooled assembly language implementations [SW97, PRB98]. 53 Algorithm Key Length Width (bits) Rounds Cycles Clocks Byte Twofish variable 128 16 8 18.1 Blowfish variable 64 16 8 19.8 Square 128 128 8 8 20.3 RC5 32 16 variable 64 32 16 24.8 CAST 128 128 64 16 8 29.5 DES 56 64 16 8 43 Serpent 128, 192, 256 128 32 32 45 SAFER (S)K 128 128 64 8 8 ....

B. Preneel, V. Rijmen, A. Bosselaers, "Recent Developments in the Design of Conventional Cryptographic Algorithms," State of the Art and Evolution of Computer Security and Industrial Cryptography, Lecture Notes in Computer Science, B. Preneel, R. Govaerts, J. Vandewalle, Eds., Springer-Verlag, 1998, to appear.

....implemented in 0.35 micron technology is expected in October 1999. It will have 16 stripes. 9 Processor Clock Speed Clocks Throughput per Block (MBytes sec) PipeRench (template) 100 MHz 6. 3 126.6 PipeRench (compiler) 100 MHz 12 66.3 Pentium II using MMX [21] 450 MHz 358 10.0 Pentium [23] (scaled) 450 MHz 590 6.1 IDEACrypt Kernel [22] 100 MHz 3 90.0 Tab l e 1 . Comparison of IDEA implementations. In Table 1 we compare both the template and compiler generated IDEA to optimized software implementations running on state of the art processors, and to custom VLSI designs. PipeRench ....

B. Preneel, V. Rijmen, and A. Bosselaers. Recent developments in the design of conventional cryptographic algorithms. In Computer Security and Industrial Cryptography, volume 1528 of Lecture Notes in Computer Science, pages 106--131. Springer-Verlag, 1998.

No context found.

B. Preneel, V. Rijmen, and A. Bosselaers, \Recent developments in the design of conventional cryptographic algorithms," Computer Security and Industrial Cryptography - State of the Art and Evolution, LNCS, Springer-Verlag, to appear.

....SPEED is broken For a cryptographic engineer, this means that the still secure variants of SPEED are significantly slower than other secure alternatives. Table 2 compares the throughput of SPEED with the throughput of other block ciphers. Benchmarks for the other algorithms were taken from [10, 6] 1 . We only include the SPEED blocklength and round number pairings that we believe are secure. Algorithm Block width # rounds Clocks byte of output Blowfish 64 16 19.8 Square 128 8 20.3 RC5 32 16 64 16 24.8 CAST 128 64 16 29.5 DES 64 16 43 SAFER (S)K 128 64 8 52 IDEA 64 8 74 ....

....of thinking about these attacks. Surprisingly many of the obvious di#erential attacks did not work against the cipher, although it s not obvious that a di#erent choice of F functions would present the same problems. 1 In [12] the author compares di#eret variants of SPEED with IDEA. Since [10, 6] both benchmark IDEA twice as fast as [12] we performed our own e#ciency analysis on SPEED. We estimate that a fully optimized version of SPEED on a Pentium will take 20 clock cycles per round, for word sizes of 64 bits, 128 bits, and 256 bits. 12 ....

B. Preneel, V. Rijmen, and A. Bosselaers, "Recent developments in the design of conventional cryptographic algorithms," Computer Security and Industrial Cryptography - State of the Art and Evolution, LNCS, Springer-Verlag, to appear.

....that SPEED is broken For a cryptographic engineer, this means that the still secure variants of SPEED are significantly slower than other secure alternatives. Table 2 compares the throughput of SPEED with the throughput of other block ciphers. Benchmarks for the other algorithms were taken from [10, 6] 1 . We only include the SPEED blocklength and round number pairings that we believe are secure. Algorithm Block width # rounds Clocks byte of output Blowfish 64 16 19.8 Square 128 8 20.3 RC5 32 16 64 16 24.8 CAST 128 64 16 29.5 DES 64 16 43 SAFER (S)K 128 64 8 52 IDEA 64 8 74 Triple DES 64 48 ....

....of thinking about these attacks. Surprisingly many of the obvious differential attacks did not work against the cipher, although it s not obvious that a different choice of F functions would present the same problems. 1 In [12] the author compares differet variants of SPEED with IDEA. Since [10, 6] both benchmark IDEA twice as fast as [12] we performed our own efficiency analysis on SPEED. We estimate that a fully optimized version of SPEED on a Pentium will take 20 clock cycles per round, for word sizes of 64 bits, 128 bits, and 256 bits. ....

B. Preneel, V. Rijmen, and A. Bosselaers, "Recent developments in the design of conventional cryptographic algorithms," Computer Security and Industrial Cryptography - State of the Art and Evolution, LNCS, Springer-Verlag, to appear.

No context found.

B. Preneel, V. Rijmen, and A. Bosselaers. Recent developments in the design of conventional cryptographic algorithms. In B. Preneel and V. Rijmen, editors, State of the Art in Applied Cryptography, Lecture Notes in Computer Science Volume 1528, pages 105-130, Springer-Verlag, 1998.

No context found.

B. Preneel, V. Rijmen, and A. Bosselaers, "Recent Developments in the Design of Conventional Cryptographic Algorithms," Proc. Computer Security and Industrial Cryptography, Lecture Notes in Computer Science, Vol. 1528, Springer-Verlag, New York, 1998, pp. 106-131.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC