Doug Whiting

Improved Cryptanalysis of Rijndael

We improve the best attack on Rijndael reduced to 6 rounds from complexity 272 to 244. We also present the first known attacks on 7- and 8-round Rijndael. The attacks on 8-round Rijndael work for 192- bit and 256-bit keys. Finally, we discuss the key schedule of Rijndael and describe a related-key attack that can break 9-round Rijndael with 256-bit keys.

Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive

Helix is a high-speed stream cipher with a built-in MAC functionality. On a Pentium II CPU it is about twice as fast as Rijndael or Twofish, and comparable in speed to RC4. The overhead per encrypted/authenticated message is low, making it suitable for small messages. It is efficient in both hardware and software, and with some pre-computation can effectively switch keys on a per-message basis without additional overhead.

A Simple Algebraic Representation of Rijndael

We show that there is a very straightforward closed algebraic formula for the Rijndael block cipher. This formula is highly structured and far simpler then algebraic formulations of any other block cipher we know. The security of Rijndael depends on a new and untested hardness assumption: it is computationally infeasible to solve equations of this type. The lack of research on this new assumption raises concerns over the wisdom of using Rijndael for security-critical applications.

Fast Software Encryption: Designing Encryption Algorithms for Optimal Software Speed on the Intel Pentium Processor

Most encryption algorithms are designed without regard to their performance on top-of-the-line microprocessors. This paper discusses general optimization principles algorithms designers should keep in mind when designing algorithms, and analyzes the performance of RC4, SEAL, RC5, Blowfish, and Khufu/Khafre on the Intel Pentium with respect to those principles. Finally, we suggest directions for algorithm design, and give example algorithms, that take performance into account.

On the Twofish Key Schedule

Twofish is a new block cipher with a 128 bit block, and a key length of 128, 192, or 256 bits, which has been submitted as an AES candidate. In this paper, we briefly review the structure of Twofish, and then discuss the key schedule of Twofish, and its resistance to attack. We close with some open questions on the security of Twofishs key schedule.

Twofish on Smart Cards

Twofish is a 128-bit block cipher with a 128-, 192-, or 256-bit key. The algorithm was designed with smart cards in mind, and can be implemented on 8-bit CPUs with only 60 bytes of RAM. A variety of implementation options allows Twofish to encrypt and decrypt quicker if more RAM is available.