Results 1  10
of
24
An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists
, 1999
"... The technical analysis used in determining which of the Advanced Encryption Standard candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrmmable devices such as Field Programmable ..."
Abstract

Cited by 62 (5 self)
 Add to MetaCart
The technical analysis used in determining which of the Advanced Encryption Standard candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrmmable devices such as Field Programmable Gate Arrays (FPGAs) are highly attractive options for hardware implementations of encryption algorithms as they provide cryptographic algorithm agility, physical security, and potentially much higher performance than software solutions. This contribution investigates the significance of FPGA implementations of four of the Advanced Encryption Standard candidate algorithm finalists. Multiple architectural implementation options are explored for each algorithm. A strong focus is placed on high throughput implementations, which are required to support security for current and future high bandwidth applications.
An FPGABased Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists
 IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS
, 2001
"... The technical analysis used in determining which of the potential Advanced Encryption Standard candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrammable devices such as Field P ..."
Abstract

Cited by 54 (9 self)
 Add to MetaCart
The technical analysis used in determining which of the potential Advanced Encryption Standard candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrammable devices such as Field Programmable Gate Arrays (FPGAs) are highly attractive options for hardware implementations of encryption algorithms as they provide cryptographic algorithm agility, physical security, and potentially much higher performance than software solutions. This contribution investigates the significance of FPGA implementations of the Advanced Encryption Standard candidate algorithms. Multiple architectural implementation options are explored for each algorithm. A strong focus is placed on high throughput implementations, which are required to support security for current and future high bandwidth applications. Finally, the implementations of each algorithm will be compared in an effort to determine the most suitable candidate for hardware implementation within commercially available FPGAs.
Building a collisionresistant compression function from noncompressing primitives
 In ICALP 2008, Part II
, 2008
"... Abstract. We consider how to build an efficient compression function from a small number of random, noncompressing primitives. Our main goal is to achieve a level of collision resistance as close as possible to the optimal birthday bound. We present a 2nton bit compression function based on three ..."
Abstract

Cited by 18 (4 self)
 Add to MetaCart
(Show Context)
Abstract. We consider how to build an efficient compression function from a small number of random, noncompressing primitives. Our main goal is to achieve a level of collision resistance as close as possible to the optimal birthday bound. We present a 2nton bit compression function based on three independent nton bit random functions, each called only once. We show that if the three random functions are treated as black boxes then finding collisions requires Θ(2 n/2 /n c) queries for c ≈ 1. This result remains valid if two of the three random functions are replaced by a fixedkey ideal cipher in DaviesMeyer mode (i.e., EK(x) ⊕ x for permutation EK). We also give a heuristic, backed by experimental results, suggesting that the security loss is at most four bits for block sizes up to 256 bits. We believe this is the best result to date on the matter of building a collisionresistant compression function from noncompressing functions. It also relates to an open question from Black et al. (Eurocrypt’05), who showed that compression functions that invoke a single noncompressing random function cannot suffice. We also explore the relationship of our problem with that of doubling the output of a hash function and we show how our compression function can be used to double the output length of ideal hashes.
An FPGA Implementation and Performance Evaluation of the Serpent Block Cipher
 EIGHTH ACM INTERNATIONAL SYMPOSIUM ON FIELDPROGRAMMABLE GATE ARRAYS
, 2000
"... With the expiration of the Data Encryption Standard (DES) in 1998, the Advanced Encryption Standard (AES) development process is well underway. It is hoped that the result of the AES process will be the specification of a new nonclassified encryption algorithm that will have the global acceptance ac ..."
Abstract

Cited by 14 (3 self)
 Add to MetaCart
With the expiration of the Data Encryption Standard (DES) in 1998, the Advanced Encryption Standard (AES) development process is well underway. It is hoped that the result of the AES process will be the specification of a new nonclassified encryption algorithm that will have the global acceptance achieved by DES as well as the capability of longterm protection of sensitive information. The technical analysis used in determining which of the potential AES candidates will be selected as the Advanced Encryption Algorithm includes e#ciency testing of both hardware and software implementations of candidate algorithms. Reprogrammable devices such as Field Programmable Gate Arrays (FPGAs) are highly attractive options for hardware implementations of encryption algorithms as they provide cryptographic algorithm agility, physical security, and potentially much higher performance than software solutions. This contribution investigates the significance of an FPGA implementation of Serpent, one of the Advanced Encryption Standard candidate algorithms. Multiple architecture options of the Serpent algorithm will be explored with a strong focus being placed on a high speed implementation within an FPGA in order to support security for current and future high bandwidth applications. One of the main findings is that Serpent can be implemented with encryption rates beyond 4 Gbit/s on current FPGAs.
Status Report On The First Round Of The Development Of The Advanced Encryption Standard
 Journal of Research of the National Institute of Standards and Technology 104. URL: http://nvl.nist.gov/pub/ nistpubs/jres/104/5/cnt1045.htm. Citations in this document: §3
, 1999
"... : In 1997, the National Institute of Standards and Technology (NIST) initiated a process to select a symmetrickey encryption algorithm to be used to protect sensitive (unclassified) Federal information in furtherance of NIST's statutory responsibilities. In 1998, NIST announced the acceptance ..."
Abstract

Cited by 10 (0 self)
 Add to MetaCart
(Show Context)
: In 1997, the National Institute of Standards and Technology (NIST) initiated a process to select a symmetrickey encryption algorithm to be used to protect sensitive (unclassified) Federal information in furtherance of NIST's statutory responsibilities. In 1998, NIST announced the acceptance of fifteen candidate algorithms and requested the assistance of the cryptographic research community in analyzing the candidates. This analysis included an initial examination of the security and efficiency characteristics for each algorithm. NIST has reviewed the results of this research and selected five algorithms (MARS, RC6^TM, Rijndael, Serpent and Twofish) as finalists. The research results and rationale for the selection of the finalists are documented in this report. The five finalists will be the subject of further study before the selection of one or more of these algorithms for inclusion in the Advanced Encryption Standard. Key words: Advanced Encryption Standard (AES), cryptography...
A comparison of AES candidates on the Alpha 21264
 in The Third AES Candidate Conference, printed by the National Institute of Standards and Technology
, 2000
"... We compare the five candidates for the Advanced Encryption Standard based on their performance on the Alpha 21264, a 64bit superscalar processor. There are several new features of the 21264 that have a significant impact on encryption/decryption speed. The main ones are greater potential for instru ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
(Show Context)
We compare the five candidates for the Advanced Encryption Standard based on their performance on the Alpha 21264, a 64bit superscalar processor. There are several new features of the 21264 that have a significant impact on encryption/decryption speed. The main ones are greater potential for instructionlevel parallelism (ILP) and larger level 1 cache. The ILP comes from the fact that the 21264 can issue four integer instructions per cycle. We envision that for highperformance servers, there will be multiple streams of data for encryption or decryption. The type of parallelism that we consider in this paper is the encryption of multiple, independent blocks interleaved in the same code loop running on the same processor. This benefits some algorithms more than others. Rijndael and Twofish turn out to be the fastest for a single block at a time, but RC6 is potentially the fastest when processing two blocks at a time. The reason for this is that outoforder execution together with an i...
An AlgorithmAgile Cryptographic CoProcessor Board on FPGAs
 The SPIE's Symposium on Voice, Video, and Data Communications, volume 3844
, 1999
"... Cryptographic algorithm agility, or the capability to switch between several encryption algorithms, has become a desirable feature due to the algorithmindependent design paradigm of modern security protocols. Moreover, applications such as cell encryption in ATM networks require the ability to quic ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Cryptographic algorithm agility, or the capability to switch between several encryption algorithms, has become a desirable feature due to the algorithmindependent design paradigm of modern security protocols. Moreover, applications such as cell encryption in ATM networks require the ability to quickly change ciphers. A promising answer to algorithm agility in hardware is reconfigurable logic. This contribution describes the design and implementation of an algorithmagile cryptographic coprocessor board. The core of the board is an FPGA which can be dynamically configured with a variety of block ciphers. The FPGA is capable of encrypting data at high speed through an ISA bus interface. The board contains a RAM with a collection of FPGA configuration files. In addition, the algorithms can be added or deleted during operation. The coprocessor board also contains other reconfigurable logic and a microprocessor for control functions, and highspeed FIFOs for data storage. We report about the general design, our experiences with this proofofconcept implementation, and recommendations for future work.
The Case for Serpent
, 2000
"... The DES algorithm had such a complex description that until the late 1980's noone appears to have tried seriously to attack it. When they did, di#erential [5] and then linear [9] attacks were found  both of which can now be explained to bright students in a single 50minute lecture. Second, ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
(Show Context)
The DES algorithm had such a complex description that until the late 1980's noone appears to have tried seriously to attack it. When they did, di#erential [5] and then linear [9] attacks were found  both of which can now be explained to bright students in a single 50minute lecture. Second, a block cipher should have more rounds than are needed to block today's attacks. Improvements in cryptanalysis usually increase the number of rounds required. Third, a block cipher should use only well understood primitives. Sboxes and SPnetworks have been around for over a quarter of a century, so it is less likely that surprising new attacks will be found on them. Serpent was designed with all these considerations firmly in mind. 1.2 Engineering issues Moore's Law may be the most obvious interaction between crypto security and engineering. But assurance is at least as important. If Moore's law continues, then 128bit keys will be vulnerable in about a century; but many systems fail righ
Key Feedback Mode: a Keystream Generator with Provable Security
, 2000
"... We propose a key feedback mode of operation for the AES algorithm Rijndael (or any other block cipher), giving e#cient synchronous keystream generators. We show that if the block cipher possesses simple properties, normally accepted to exist in any secure block cipher, then also the generator is sec ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
We propose a key feedback mode of operation for the AES algorithm Rijndael (or any other block cipher), giving e#cient synchronous keystream generators. We show that if the block cipher possesses simple properties, normally accepted to exist in any secure block cipher, then also the generator is secure. 1 Introduction For confidentiality, the strongest notion of security that we can hope to achieve in practice is so called semantic security : whatever computational information that can be nontrivially derived from an encryption, E(m), should also be possible to obtain even without E(m). This notion was put forward in the seminal work by Goldwasser and Micali [9]. In the asymmetric case, we know that semantic security is impossible by deterministic systems, but [9] showed how to achieve it by probabilistic means. For (symmetric) block ciphers, we can easily see that the most obvious way of using it, Electronic Codebook Mode (ECB), is not semantically secure either. For instance, it is...