Results 1  10
of
131
Description of a New VariableLength Key, 64bit Block Cipher (Blowfish)
 IN FAST SOFTWARE ENCRYPTION, CAMBRIDGE SECURITY WORKSHOP PROCEEDINGS
, 1994
"... Blowfish, a new secretkey block cipher, is proposed. It is a Feistel network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the ..."
Abstract

Cited by 217 (13 self)
 Add to MetaCart
(Show Context)
Blowfish, a new secretkey block cipher, is proposed. It is a Feistel network, iterating a simple encryption function 16 times. The block size is 64 bits, and the key can be any length up to 448 bits. Although there is a complex initialization phase required before any encryption can take place, the actual encryption of data is very efficient on large microprocessors. The cryptographic community needs to provide the world with a new encryption standard. DES [16], the workhorse encryption algorithm for the past fifteen years, is nearing the end of its useful life. Its 56bit key size is vulnerable to a bruteforce attack [22], and recent advances in differential cryptanalysis [1] and linear cryptanalysis [10] indicate that DES is vulnerable to other attacks as well. Many of the other unbroken algorithms in the literatureKhufu [11,12], REDOC II [2,23, 20], and IDEA [7,8,9]are protected by patents. RC2 and RC4, approved for export with a small key size, are proprietary [18]. GOST [6], a Soviet government algorithm, is specified without the Sboxes. The U.S. government is moving towards secret algorithms, such as the Skipjack algorithm in the Clipper and Capstone chips [17]. If the
PRESENT: An UltraLightweight Block Cipher
 THE PROCEEDINGS OF CHES 2007
, 2007
"... With the establishment of the AES the need for new block ciphers has been greatly diminished; for almost all block cipher applications the AES is an excellent and preferred choice. However, despite recent implementation advances, the AES is not suitable for extremely constrained environments such ..."
Abstract

Cited by 167 (19 self)
 Add to MetaCart
With the establishment of the AES the need for new block ciphers has been greatly diminished; for almost all block cipher applications the AES is an excellent and preferred choice. However, despite recent implementation advances, the AES is not suitable for extremely constrained environments such as RFID tags and sensor networks. In this paper we describe an ultralightweight block cipher, present. Both security and hardware efficiency have been equally important during the design of the cipher and at 1570 GE, the hardware requirements for present are competitive with today’s leading compact stream ciphers.
The Block Cipher SQUARE
 FAST SOFTWARE ENCRYPTION (FSE) 1997
, 1997
"... In this paper we present a new 128bit block cipher called Square. The original design of Square concentrates on the resistance against differential and linear cryptanalysis. However, after the initial design a dedicated attack was mounted that forced us to augment the number of rounds. The goal of ..."
Abstract

Cited by 166 (24 self)
 Add to MetaCart
In this paper we present a new 128bit block cipher called Square. The original design of Square concentrates on the resistance against differential and linear cryptanalysis. However, after the initial design a dedicated attack was mounted that forced us to augment the number of rounds. The goal of this paper is the publication of the resulting cipher for public scrutiny. A C implementation of Square is available that runs at 2.63 MByte/s on a 100 MHz Pentium. Our M68HC05 Smart Card implementation fits in 547 bytes and takes less than 2 msec. (4 MHz Clock). The high degree of parallellism allows hardware implementations in the Gbit/s range today.
Tweakable block ciphers
, 2002
"... Abstract. We propose a new cryptographic primitive, the “tweakable block cipher. ” Such a cipher has not only the usual inputs—message and cryptographic key—but also a third input, the “tweak. ” The tweak serves much the same purpose that an initialization vector does for CBC mode or that a nonce do ..."
Abstract

Cited by 153 (4 self)
 Add to MetaCart
Abstract. We propose a new cryptographic primitive, the “tweakable block cipher. ” Such a cipher has not only the usual inputs—message and cryptographic key—but also a third input, the “tweak. ” The tweak serves much the same purpose that an initialization vector does for CBC mode or that a nonce does for OCB mode. Our proposal thus brings this feature down to the primitive blockcipher level, instead of incorporating it only at the higher modesofoperation levels. We suggest that (1) tweakable block ciphers are easy to design, (2) the extra cost of making a block cipher “tweakable ” is small, and (3) it is easier to design and prove modes of operation based on tweakable block ciphers.
Twofish: A 128Bit Block Cipher
 in First Advanced Encryption Standard (AES) Conference
, 1998
"... Twofish is a 128bit block cipher that accepts a variablelength key up to 256 bits. The cipher is a 16round Feistel network with a bijective F function made up of four keydependent 8by8bit Sboxes, a fixed 4by4 maximum distance separable matrix over GF(2 8 ), a pseudoHadamard transform, bit ..."
Abstract

Cited by 66 (8 self)
 Add to MetaCart
Twofish is a 128bit block cipher that accepts a variablelength key up to 256 bits. The cipher is a 16round Feistel network with a bijective F function made up of four keydependent 8by8bit Sboxes, a fixed 4by4 maximum distance separable matrix over GF(2 8 ), a pseudoHadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2 22.5 chosen plaintexts and 2 51 effort.
Comparison of MPEG Encryption Algorithms
 Computers and Graphics
, 1998
"... Over the last three years, several encryption algorithms, applied to MPEG video streams, emerged. Most of the algorithms tried to optimize the encryption process with respect to the encryption speed due to the temporal properties of video retieval and display process. In this paper, we will describe ..."
Abstract

Cited by 64 (1 self)
 Add to MetaCart
Over the last three years, several encryption algorithms, applied to MPEG video streams, emerged. Most of the algorithms tried to optimize the encryption process with respect to the encryption speed due to the temporal properties of video retieval and display process. In this paper, we will describe, evaluate, and compare five representative MPEG encryption algorithms, Naive Algorithm, Selective Algorithm, ZigZag Permutation Algorithm, Video Encryption Algorithm, and Pure Permutation Algorithm, with respect to not only their encryption speed metric, but also their security level and stream size metrics. We will show that there are tradeoffs among these metrics and the choice of encryption algorithm will depend on security requirements of the considered multimedia applications. 1 Introduction Distributed multimedia applications such as VideoonDemand, video broadcast, and video conferencing make the multimedia security research a key issue. It is necessary to design special encryptio...
Chaos and Cryptography: Block Encryption Ciphers Based on Chaotic Maps
 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMSI: FUNDAMENTAL THEORY AND APPLICATIONS
, 2001
"... This paper is devoted to the analysis of the impact of chaosbased techniques on block encryption ciphers. We present several chaos based ciphers. Using the wellknown principles in the cryptanalysis we show that these ciphers do not behave worse than the standard ones, opening in this way a novel ..."
Abstract

Cited by 63 (1 self)
 Add to MetaCart
(Show Context)
This paper is devoted to the analysis of the impact of chaosbased techniques on block encryption ciphers. We present several chaos based ciphers. Using the wellknown principles in the cryptanalysis we show that these ciphers do not behave worse than the standard ones, opening in this way a novel approach to the design of block encryption ciphers.
SAFER K64: A ByteOriented BlockCiphering Algorithm
 Fast Software Encryption, Cambridge Security Workshop Proceedings
, 1994
"... : A new nonproprietary secretkey blockenciphering algorithm, SAFER K64 (for Secure And Fast Encryption Routine with a Key of length 64 bits) is described. The blocklength is 64 bits (8 bytes) and only byte operationsareati in the processes of encryption and decryption. New cryptographic features ..."
Abstract

Cited by 58 (0 self)
 Add to MetaCart
: A new nonproprietary secretkey blockenciphering algorithm, SAFER K64 (for Secure And Fast Encryption Routine with a Key of length 64 bits) is described. The blocklength is 64 bits (8 bytes) and only byte operationsareati in the processes of encryption and decryption. New cryptographic features in SAFER K64 include the use of an unorthodox linear transform, called thePseudoHadamard 00 to achieve the desired "diffusion" of small changes in the plaintext or thekey761 the resulting ciphertext and the use of additive key biases to eliminatetheate 35144 of "weak keys". The design principles of K64 are explained and a program isgiven,36800 with examples, to define the encryption algorithm precisely. 1. Introduction This paper describes a new block encryption algorithm called SAFER K64 (for Secure And Fast Encryption Routine with a Key of length 64 bits) that the author recently developed for Cylink Corporation (Sunnyvale, CA, USA) asa126021800 cipher. SAFER K64 is a byteori...
Watermarking Schemes and Protocols For Protecting Rightful Ownership And Customer's Rights
, 1998
"... Various digital watermarking techniques have been proposed in recent years as methods to protect the copyright of multimedia data. However, as pointed out by the IBM research group, the rightful ownership problem has not been properly solved. Currently, there are two proposals to solve the ownership ..."
Abstract

Cited by 53 (0 self)
 Add to MetaCart
Various digital watermarking techniques have been proposed in recent years as methods to protect the copyright of multimedia data. However, as pointed out by the IBM research group, the rightful ownership problem has not been properly solved. Currently, there are two proposals to solve the ownership problem. Unfortunately, one proposal lacks a formal proof and the other can be easily defeated. In addition, because the purpose of watermark is mainly for protecting the original owner's rights, the rights of legitimate customers have not been addressed. This could eventually defeat the goal of using watermark to protect the owner's copyright. In this paper, we present solutions to both problems: the resolution of the rightful ownership problem and the protection of the customer's right problem. For the rightful ownership problem, we develop watermarking methods which successfully resolve the ownership of watermarked MPEG video and/or uncompressed video/image. We introduce specific require...