Results 1 
9 of
9
IDEA: A Cipher for Multimedia Architectures?
 In Selected Areas in Cryptography ’98
, 1998
"... MMX is a new technology to accelerate multimedia applications on Pentium processors. We report an implementation of IDEA on a Pentium MMX that is $1.65$ times faster than any previously known implementation on the Pentium. By parallelizing four IDEA's we reach an unprecedented $78$ Mbits/s thro ..."
Abstract

Cited by 23 (5 self)
 Add to MetaCart
(Show Context)
MMX is a new technology to accelerate multimedia applications on Pentium processors. We report an implementation of IDEA on a Pentium MMX that is $1.65$ times faster than any previously known implementation on the Pentium. By parallelizing four IDEA's we reach an unprecedented $78$ Mbits/s throughput per output block on a 166MHz MMX. In the light of rapidly increasing popularity of multimedia applications, causing more dedicated hardware to be built, and observing that most of the current block ciphers do not benefit from MMX, we raise the problem of designing block ciphers (and encryption modes) fully utilizing the basic operations of multimedia.
Recent Developments in the Design of Conventional Cryptographic Algorithms
 Computer Security and Industrial Cryptography  State of the Art and Evolution, LNCS
, 1998
"... This paper examines proposals for three cryptographic primitives: block ciphers, stream ciphers, and hash functions. It provides an overview of the design principles of a large number of recent proposals, which includes the global structure, the number of rounds, the way of introducing nonlinearity ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
This paper examines proposals for three cryptographic primitives: block ciphers, stream ciphers, and hash functions. It provides an overview of the design principles of a large number of recent proposals, which includes the global structure, the number of rounds, the way of introducing nonlinearity and diffusion, and the key schedule. The software performance of about twenty primitives is compared based on highly optimized implementations for the Pentium. The goal of the paper is to provided a technical perspective on the wide variety of primitives that exist today.
On the design and security of RC2
 Fast Software Encryption, Fift International Workshop, FSE’98
, 1998
"... Abstract. The block cipher RC2 was designed in 1989 by Ron Rivest for RSA Data Security Inc. In this paper we describe both the cipher and preliminary attempts to use both differential and linear cryptanalysis. ..."
Abstract

Cited by 8 (6 self)
 Add to MetaCart
(Show Context)
Abstract. The block cipher RC2 was designed in 1989 by Ron Rivest for RSA Data Security Inc. In this paper we describe both the cipher and preliminary attempts to use both differential and linear cryptanalysis.
The MESH Block Ciphers
, 2002
"... This paper describes the MESH block ciphers, whose designs are based on the same group operations as the IDEA cipher, but with a number of novel features: flexible block sizes in steps of 32 bits (the block size of IDEA is fixed at 64 bits); larger MAboxes; distinct keymixing layers for odd an ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
(Show Context)
This paper describes the MESH block ciphers, whose designs are based on the same group operations as the IDEA cipher, but with a number of novel features: flexible block sizes in steps of 32 bits (the block size of IDEA is fixed at 64 bits); larger MAboxes; distinct keymixing layers for odd and even rounds; and new key schedule algorithms that achieve fast avalanche and avoid the weak keys of IDEA. The software performance of MESH ciphers are estimated to be better or comparable to that of tripleDES. A number of attacks, such as truncated and impossible di#erentials, linear and Demirci's attack, shows that more resources are required on the MESH ciphers than for IDEA, and indicates that both ciphers seem to have a large margin of security.
Cryptanalysis of Block Ciphers Using AlmostImpossible Differentials
"... Abstract. In this paper, inspired from the notion of impossible differentials, we present a model to use differentials that are less probable than a random permutation. We introduce such a distinguisher for 2 rounds of Crypton, and present an attack on 6 rounds of this predecessor AES candidate. As ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. In this paper, inspired from the notion of impossible differentials, we present a model to use differentials that are less probable than a random permutation. We introduce such a distinguisher for 2 rounds of Crypton, and present an attack on 6 rounds of this predecessor AES candidate. As a special case of this idea, we embed parts of the additional rounds around the impossible differential into the distinguisher to make a probabilistic distinguisher with more rounds. We show that with this change, the data complexity is increased but the time complexity may be reduced or increased. Then we discuss that this change in the impossible differential cryptanalysis is commodious and rational when the data complexity is low and time complexity is marginal. 1
Improved square properties of IDEA
"... Block cipher encryption algorithms generally process on word structures of fixed length such as 8 or 16bits. IDEA is one of the most widely used block ciphers and operates on 16bit words. Square analysis is a method that exploits the word structure of block ciphers. Some square distinguishers of ID ..."
Abstract
 Add to MetaCart
(Show Context)
Block cipher encryption algorithms generally process on word structures of fixed length such as 8 or 16bits. IDEA is one of the most widely used block ciphers and operates on 16bit words. Square analysis is a method that exploits the word structure of block ciphers. Some square distinguishers of IDEA are given in previous studies. The best attacks against IDEA use squarelike techniques. In this paper, we focus on the square properties of the IDEA block cipher. We consider all fixed word combinations of the plaintext to investigate the structural behavior of the algorithm. We observe that the cipher can be distinguished from a random permutation by fixing one, two or three subblocks of the cipher for 2 and 3 rounds. We find out novel 3round distinguishers that require 2 16 chosen plaintexts. Furthermore, this approach enables us to propose the first four and five round square distinguishers of IDEA. Key Words: IDEA, block cipher, cryptanalysis
1Recent Developments in the Design of Conventional Cryptographic Algorithms
"... Abstract. This paper examines proposals for three cryptographic primitives: block ciphers, stream ciphers, and hash functions. It provides an overview of the design principles of a large number of recent proposals, which includes the global structure, the number of rounds, the way of introducing n ..."
Abstract
 Add to MetaCart
Abstract. This paper examines proposals for three cryptographic primitives: block ciphers, stream ciphers, and hash functions. It provides an overview of the design principles of a large number of recent proposals, which includes the global structure, the number of rounds, the way of introducing nonlinearity and di®usion, and the key schedule. The software performance of about twenty primitives is compared based on highly optimized implementations for the Pentium. The goal of the paper is to provided a technical perspective on the wide variety of primitives that exist today. 1
2No Title Given No Author Given
"... Abstract. The block cipher RC2 was designed in 1989 by Ron Rivest for RSA Data Security Inc. In this paper we describe both the cipher and preliminary attempts to use both di®erential and linear cryptanalysis. ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. The block cipher RC2 was designed in 1989 by Ron Rivest for RSA Data Security Inc. In this paper we describe both the cipher and preliminary attempts to use both di®erential and linear cryptanalysis.
1On The Decorrelated Fast Cipher (DFC) and Its Theory?
"... Abstract. In the ¯rst part of this paper the decorrelation theory of Vaudenay is analysed. It is shown that the theory behind the proposed constructions does not guarantee security against stateoftheart di®erential attacks. In the second part of this paper the proposed Decorrelated Fast Cipher ( ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. In the ¯rst part of this paper the decorrelation theory of Vaudenay is analysed. It is shown that the theory behind the proposed constructions does not guarantee security against stateoftheart di®erential attacks. In the second part of this paper the proposed Decorrelated Fast Cipher (DFC), a candidate for the Advanced Encryption Standard, is analysed. It is argued that the cipher does not obtain provable security against a di®erential attack. Also, an attack on DFC reduced to 6 rounds is given. 1