Joint Development of Next-Generation Encryption Algorithm 'Camellia' by NTT and Mitsubishi Electric.Business Editors/High-Tech Writers TOKYO--(BUSINESS WIRE)--March 10, 2000 Symmetric Block Cipher An encryption method that processes the input stream as groups of bytes that are fixed in size, typically 64, 128 or 256 bits long. The state of a block cipher is reset before processing each block. The DES and AES algorithms are examples of block ciphers (see DES and AES). Achieves High Security and World's Highest Efficiency Nippon Telegraph and Telephone Nippon Telegraph and Telephone Corporation (日本電信電話株式会社 Corporation (NTT NTT Nippon Telegraph and Telephone Corporation NTT New Technology Telescope NTT National Technology Transfer, Inc NTT Name That Tune (TV game show) NTT National Tree Trust NTT Number Theoretic Transform ) and Mitsubishi Electric Mitsubishi Electric Corporation (三菱電機株式会社 Corporation (Mitsubishi) announced today their joint development of "Camellia camellia (kəmēl`yə) [for G. J. Kamel, a Moravian Jesuit missionary], any plant of the genus Camellia in the tea family, evergreen shrubs or small trees native to Asia but now cultivated extensively in warm climates and in ," a next-generation symmetric-key encryption algorithm(1). Next-generation symmetric-key encryption algorithms with high security and efficiency on various platforms are indispensable for ensuring the secrecy of corporate and individual private information in the advanced information society. The new next-generation encryption algorithm Camellia is a symmetric-key encryption algorithm with a block size(2) of 128 bits. It was developed by NTT and Mitsubishi using NTT's cipher cipher: see cryptography. (1) The core algorithm used to encrypt data. A cipher transforms regular data (plaintext) into a coded set of data (ciphertext) that is not reversible without a key. design technologies geared to high speed software implementation, Mitsubishi's cipher design technologies for compact and high-speed hardware implementation, and state-of-the-art security evaluation technologies of both companies. Camellia was designed to ensure security in usage for more than 20 years and to provide high speed in software and hardware implementation as well as compactness of hardware chips. Camellia therefore provides world's highest level performance in terms of efficiency and practicality on various platforms. Background As the Internet has come into wide use, the protection of privacy has become an important issue. Cryptography is one of the keys that enable technology to solve this problem. To provide secure electronic commerce there is a particular need for next-generation encryption algorithms that can ensure both high security and efficiency on various platforms. Encryption standards are being developed throughout the world. In the USA, the new federal Advanced Encryption Standard (cryptography, algorithm) Advanced Encryption Standard - (AES) The NIST's replacement for the Data Encryption Standard (DES). The Rijndael /rayn-dahl/ symmetric block cipher, designed by Joan Daemen and Vincent Rijmen, was chosen by a NIST contest to be AES. (AES)(3) has been developed as a replacement for DES(4). In Europe, a project to develop new schemes for signature, integrity and encryption algorithms has begun. In Japan there is a plan for "electronic government" scheduled to start in 2003, in which it is assumed next-generation encryption algorithms will be used. NTT and Mitsubishi have world top-level researchers in this field, and have jointly developed the next-generation encryption algorithm, "Camellia," each contributing its own strong points. Camellia is characterized by its suitability for both software and hardware implementation as well as its high level of security. Camellia supports 128-bit block size and 128-, 192-, and 256-bit key length(5), which is the same interface as AES. From a practical viewpoint, it is designed to enable flexibility in software and hardware implementation including 32-bit processors widely used over the Internet and many applications, 8-bit processors used in smart cards, cryptographic hardware, and embedded systems. Compared with the AES finalists(6), the encryption speed is similar or possibly faster in software and hardware implementation. The distinguishing characteristic is the smallest 128-bit block cipher hardware in the world. Technical Features (A) Standard interface of next generation symmetric block ciphers(7) Most block ciphers in use now encrypt data in the block size of 64 bits. In the coming years block ciphers with a block size of 128 bits will be also be required to improve security. The block size of AES is 128 bits. The proposed encryption algorithm Camellia adopts has a block size of 128 bits and key sizes of 128, 192, and 256 bits. (B) High level of security Recently, cryptanalytic crypt·a·nal·y·sis n. 1. The analysis and deciphering of cryptographic writings or systems. 2. also crypt·an·a·lyt·ics (used with a sing. technology has been making remarkable progress. The quantitative evaluation of security against powerful cryptanalyses, e.g., differential cryptanalysis and linear cryptanalysis, is recognized to be important in designing a new block cipher. NTT and Mitsubishi evaluated the security of Camellia through the concentrated application of a great deal of cryptanalytic skills. This evaluation has confirmed that Camellia cannot be broken by differential cryptanalysis and linear cryptanalysis. Moreover, Camellia's design takes into account security against other cryptanalytic techniques including related-key attacks, truncated differential cryptanalysis In cryptography, truncated differential cryptanalysis is a generalization of differential cryptanalysis, an attack against block ciphers. Lars Knudsen developed the technique in 1994. , and slide attacks. (C) Suitability for multiple platforms Since information security technology is widely applied, encryption algorithms which can be implemented efficiently in various environments are required. In addition to its high speed, Camellia was designed to provide efficient hardware and software implementation, including gate counts for hardware implementation and RAM requirements for software implementation. For example, Camellia consists only of substitution tables and logical operations that can be efficiently implemented on a wide variety of platforms. Therefore, it can be implemented in software, including 8-bit processors used in smart cards, 32-bit processors widely used in PCs, and 64-bit processors. An optimized implementation of Camellia in assembly language encrypts on a Pentium III (800MHz (MegaHertZ) One million cycles per second. It is used to measure the transmission speed of electronic devices, including channels, buses and the computer's internal clock. A one-megahertz clock (1 MHz) means some number of bits (16, 32, 64, etc. ) at a speed of 300 Mbits per second, which is more than twice the speed of DES. Moreover, the substitution tables (s-boxes) are designed to be suitable for small hardware. The key schedule can share a part of data randomizing and the memory requirement for subkeys is reduced. As a result, Camellia encryption hardware achieves a size of approximately 10Kgates, which is in the smallest class in the world for 128-bit block ciphers. Future Development NTT and Mitsubishi will propose Camellia in response to calls for contributions from ISO/IEC ISO/IEC International Organization for Standardization/International Electrotechnical Commission (ITU-T M 3000) JTC (standard, body) JTC - Joint Technical Committee. 1/SC 27 and are aiming at adoption as a international standard. Notes: (1) Symmetric-key encryption algorithm An algorithm that uses the same key for both encryption and decryption (cryptography) decryption - Any procedure used in cryptography to convert ciphertext (encrypted data) into plaintext. . Widely used to quickly encrypt large quantities of data in messages or files. (2) Block size The size of the bundle used in block ciphers. DES uses a block size of 64 bits. NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. has mandated a block size of 128 bits for a successor symmetric-key block cipher to improve security. (3) AES Literally "Advanced Encryption Standard." NIST is seeking to establish a successor symmetric-key block cipher to DES by 2001. (4) DES Literally "Data Encryption Standard See DES. Data Encryption Standard - (DES) The NBS's popular, standard encryption algorithm. It is a product cipher that operates on 64-bit blocks of data, using a 56-bit key. It is defined in FIPS 46-1 (1988) (which supersedes FIPS 46 (1977)). ." A symmetric-key encryption algorithm designated as the standard for encryption by the National Bureau of Standards National Bureau of Standards: see National Institute of Standards and Technology. National Bureau of Standards - National Institute of Standards and Technology (now NIST) in 1977. Still widely used for encrypting data sent between banks. (5) Key length Determines the total number of available keys. For example, DES uses a 56-bit key, which means there are 256 possible keys. Longer keys result in encryption that is more resistant to brute force attacks. (6) AES finalists Candidate algorithms for AES. NIST selected five finalists: MARS (U.S.A.), RC6 (U.S.A.), Rijndael (Belgium), Serpent (UK, Israel, Norway), and Twofish (U.S.A.). (7) Block cipher There are two kinds of symmetric-key encryption algorithm: block ciphers and stream ciphers. Block ciphers bundle data into blocks of a certain length and encrypt each block. Stream ciphers encrypt data bit by bit. (8) Differential cryptanalysis and linear cryptanalysis Currently, these techniques are the most effective methods of attacking block ciphers. Both rely on using plaintext-ciphertext pairs to find the key. Compared with brute-force attack, these can break certain block ciphers with fewer computing resources. (9) ISO/JTC1/SC27 ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. is the international organization for standardization International Organization for Standardization (ISO) Organization for determining standards in most technical and nontechnical fields. Founded in Geneva in 1947, its membership includes more than 100 countries. . JTC1/SC27 is a committee of ISO for standardization of security techniques including encryption algorithms. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion