2001.9.12 2nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Update on Camellia Camellia Design Team.

Slides:



Advertisements
Similar presentations
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Advertisements

14. Aug Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware SAC 2013, Burnaby, Canada Thomas Pöppelmann and Tim Güneysu.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
128-bit Block Cipher Camellia
Cryptography and Network Security Chapter 5
Submission May, 2000 Doc: IEEE / 086 Steven Gray, Nokia Slide Brief Overview of Information Theory and Channel Coding Steven D. Gray 1.
Polymorphic blending attacks Prahlad Fogla et al USENIX 2006 Presented By Himanshu Pagey.
Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS Hirosato Tsuji Toshio Tokita Mitsubishi Electric Corporation.
Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.
Cryptography and Network Security
This Lecture: AES Key Expansion Equivalent Inverse Cipher Rijndael performance summary.
Performed by: Lin Ilia Khinich Fanny Instructor: Fiksman Eugene המעבדה למערכות ספרתיות מהירות High Speed Digital Systems Laboratory הטכניון - מכון טכנולוגי.
AES clear a replacement for DES was needed
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
Implementation of DSP Algorithm on SoC. Characterization presentation Student : Einat Tevel Supervisor : Isaschar Walter Accompany engineer : Emilia Burlak.
AES Proposal: Rijndael Joan Daemen Vincent Rijmen “Rijndael is expected, for all key and block lengths defined, to behave as good as can be expected from.
Study of AES Encryption/Decription Optimizations Nathan Windels.
Final presentation Encryption/Decryption on embedded system Supervisor: Ina Rivkin students: Chen Ponchek Liel Shoshan Winter 2013 Part A.
Digital signature using MD5 algorithm Hardware Acceleration
Networking Virtualization Using FPGAs Russell Tessier, Deepak Unnikrishnan, Dong Yin, and Lixin Gao Reconfigurable Computing Group Department of Electrical.
Chapter 5 Advanced Encryption Standard. Origins clear a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Cryptography and Network Security
Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know what the key is it's virtually indecipherable."
A Compact and Efficient FPGA Implementation of DES Algorithm Saqib, N.A et al. In:International Conference on Reconfigurable Computing and FPGAs, Sept.
9/17/15UB Fall 2015 CSE565: S. Upadhyaya Lec 6.1 CSE565: Computer Security Lecture 6 Advanced Encryption Standard Shambhu Upadhyaya Computer Science &
Advance Encryption Standard. Topics  Origin of AES  Basic AES  Inside Algorithm  Final Notes.
Information Security Lab. Dept. of Computer Engineering 122/151 PART I Symmetric Ciphers CHAPTER 5 Advanced Encryption Standard 5.1 Evaluation Criteria.
Multi-dimensional Packet Classification on FPGA 100 Gbps and Beyond Author: Yaxuan Qi, Jeffrey Fong, Weirong Jiang, Bo Xu, Jun Li, Viktor Prasanna Publisher:
 Team Members & Responsibilities › Adam Jackson  Primary hardware AES implementation  Coprocessor Interfacing › Daniel Risse (project “leader”)  Linux.
SHA-3 Candidate Evaluation 1. FPGA Benchmarking - Phase Round-2 SHA-3 Candidates implemented by 33 graduate students following the same design.
Cryptography Team Presentation 2
AES Encryption Code Generator Undergraduate Research Project by Paul Magrath. Supervised by Dr David Gregg.
Swankoski MAPLD 2005 / B103 1 Dynamic High-Performance Multi-Mode Architectures for AES Encryption Eric Swankoski Naval Research Lab Vijay Narayanan Penn.
Accelerating Homomorphic Evaluation on Reconfigurable Hardware Thomas Pöppelmann, Michael Naehrig, Andrew Putnam, Adrian Macias.
“Implementation of a RC5 block cipher algorithm and implementing an attack on it” Cryptography Team Presentation 1.
Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire.
Chapter 2 (C) –Advanced Encryption Standard. Origins clearly a replacement for DES was needed –have theoretical attacks that can break it –have demonstrated.
Advanced Encryption Standard Dr. Shengli Liu Tel: (O) Cryptography and Information Security Lab. Dept. of Computer.
FPGA Implementation of RC6 including key schedule Hunar Qadir Fouad Ramia.
A Ultra-Light Block Cipher KB1 Changhoon Lee Center for Information Security Technologies, Korea University.
Final Presentation Encryption on Embedded System Supervisor: Ina Rivkin students: Chen Ponchek Liel Shoshan Spring 2014 Part B.
1 1.SHA-3 contest - Your Round 2 Report 2.Analyzing the Influence of a Computer Platform on Ranking of the SHA-3 Candidates in Terms of Performance in.
Lecture5 – Introduction to Cryptography 3/ Implementation Rice ELEC 528/ COMP 538 Farinaz Koushanfar Spring 2009.
Encryption / Decryption on FPGA Final Presentation Written by: Daniel Farcovich ID Saar Vigodskey ID Advisor: Mony Orbach Summer.
An optimization of the SAFER+ algorithm for custom hardware and TMS320C6x DSP implementation. By: Sachin Garg Vikas Sharma.
Attacking an obfuscated cipher by injecting faults Matthias Jacob Dan Boneh Edward.
Understanding Cryptography by Christof Paar and Jan Pelzl Chapter 4 – The Advanced Encryption Standard (AES) ver. October 28, 2009.
CRYPTREC WorkshopCopyright (C) NTT & Mitsubishi Electric Corp bit Block Cipher Camellia Kazumaro Aoki * Tetsuya Ichikawa † Masayuki.
Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.
Encryption / Decryption on FPGA Midterm Presentation Written by: Daniel Farcovich ID Saar Vigodskey ID Advisor: Mony Orbach Summer.
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
Zong-Cing Lin 2007/10/31.  Algorithm Description  Why chose Rijndael  Reference.
Design and Analysis of Low-Power novel implementation of encryption standard algorithm by hybrid method using SHA3 and parallel AES.
School of Computer Science and Engineering Pusan National University
Improving java performance using Dynamic Method Migration on FPGAs
Cryptography after DES
Implementation of IDEA on a Reconfigurable Computer
128-bit Block Cipher Camellia
Cryptography and Network Security
Secure Execution Crypto Microprocessor
Dynamic High-Performance Multi-Mode Architectures for AES Encryption
128-bit Block Cipher Camellia
128-bit Block Cipher Camellia
128-bit Block Cipher Camellia
Alireza Hodjat IVGroup
Update on Camellia Camellia Design Team Thank you, chairman.
Advanced Encryption Standard
Presentation transcript:

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Update on Camellia Camellia Design Team

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 New Results on Security As far as we know, the following results are published. No attacks exist on 12 and more rounds without FL/FL -1 for 128-bit key (14 and more rounds for 256-bit key). Full Camellia [18 (for 128-bit key) or 24 (for 192/256-bit key) rounds with FL/FL -1 ] seems to be secure and achieve high security margin. AttackersMain ResultsPresentation T.Kawabata, T.Kaneko 8rounds without FL/FL -1 are breakable for 128-bit keys by H.O.D. This Workshop Y. He, S. Qing 6 rounds are breakable by Square attack ICICS 2001 M. Sugita, et. al. 9 rounds without FL/FL -1 are distinguishable (and 11 rounds are breakable for 128-bit key) by T.D.C. ASIACRYPT 2001

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Updated Performance on SW #1 From CRYPTREC Report 2000 For 32-bit and 64-bit processors Assembly code Measurement function is provided by CRYPTREC Processors Encryption (Decryption) Speed One block encryption (decryption) and Key Generation Encryption [cycles] Decryption [cycles] Enc + Key [cycles] Dec + Key [cycles] Pentium III UltraSPARCIIi Alpha

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Updated Performance on SW #2 New Implementation – Best Results Assembly code for Z80 processor  ROM Usage: 1,268 bytes  RAM Usage: 60 bytes (including stack, text, key area)  Enc+Key: 35,951 states  Dec+Key: 37,553 states (using on-the-fly key generation) Java for Pentium III  Key Generation: 9,091 cycles  Encryption Speed: 793 cycles

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Updated Performance on HW New Implementation – Best Results (ASIC) Mitsubishi 0.18  m ASIC CMOS (FPGA) Xilinx VirtexE TargetArea [Kgates]Speed [Mbps] Efficiency (=Speed/Area) Smallest Best Efficiency11.871, Fastest44.301, TargetArea [slices]Speed [Mbps] Efficiency (=Speed/Area) Smallest1, Best Efficiency (Fastest) 9,6926,

nd NESSIE Workshop Copyright (C) NTT&MELCO 2001 Summary New Results on Security of Camellia Updated Performance on SW and HW A Comment on D14 “Report on the Performance Evaluation of NESSIE Candidates I” D14 contains (I) Estimation of # of basic operations (II) Performance measurement using reference C code Our reference C code is NOT optimized.  D14 describes 161 cycles/byte on P III for Camellia  Our optimized C code runs in 36 cycles/byte on P II/III (See NESSIE submission) Please also look at performance of optimized codes !! Camellia is a Royalty-free algorithm

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.