Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS Hirosato Tsuji Toshio Tokita Mitsubishi Electric Corporation.

Slides:



Advertisements
Similar presentations
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Advertisements

PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology
128-bit Block Cipher Camellia
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Block Ciphers and the Data Encryption Standard
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
The Design of Improved Dynamic AES and Hardware Implementation Using FPGA 游精允.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Lecture 23 Symmetric Encryption
SEED Updates March 2, 2004 Jongwook Park, KISA - SEED Encryption Algorithm - Use of the SEED Encryption Algorithm in CMS.
C HAPTER 13 Asymmetric Key Cryptography Slides adapted from "Foundations of Security: What Every Programmer Needs To Know" by Neil Daswani, Christoph Kern,
AES Proposal: Rijndael Joan Daemen Vincent Rijmen “Rijndael is expected, for all key and block lengths defined, to behave as good as can be expected from.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
A Compact and Efficient FPGA Implementation of DES Algorithm Saqib, N.A et al. In:International Conference on Reconfigurable Computing and FPGAs, Sept.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
HASH Functions.
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
CHAPTER 6 Cryptography. An Overview It is origin from the Greek word kruptos which means hidden. The objective is to hide information so that only the.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Chapter 20 Symmetric Encryption and Message Confidentiality.
New Block Cipher for Ultra-Compact Hardware   BeeM みかか A. Satoh K. Aoki.
Chapter 20 Symmetric Encryption and Message Confidentiality.
Cryptography and Network Security
On OAEP, PSS, and S/MIME John Linn RSA Laboratories S/MIME WG, San Diego IETF, 13 December 2000.
Network Security Lecture 4 Modes of Operation Waleed Ejaz
1 Chapter 5 Electronic mail security. 2 Outline Pretty good privacy S/MIME Recommended web sites.
The RSA Algorithm. Content Review of Encryption RSA An RSA example.
Cryptography Team Presentation 2
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
第 48 回 IETF 報告会 Copyright (C) NTT 盛合 志帆 NTT 情報流通プラットフォーム研究所 TLS (Transport Layer Security) への new cipher suites 提案について.
Description of a New Variable-Length Key, 64-Bit Block Cipher (BLOWFISH) Bruce Schneier BY Sunitha Thodupunuri.
The C URUPIRA -2 Block Cipher for Constrained Platforms: Specification and Benchmarking Marcos Simplicio Paulo Barreto Tereza Carvalho Cintia Margi Mats.
Computer and Network Security Rabie A. Ramadan Lecture 3.
The RC5 Encryption Algorithm: Two Years On Lisa Yin RC5 Encryption –Ron Rivest, December 1994 –Fast Block Cipher –Software and Hardware Implementations.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Chapter 2 Symmetric Encryption.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.
Electronic Mail Security Prepared by Dr. Lamiaa Elshenawy
CSE 5/7353 – January 25 th 2006 Cryptography. Conventional Encryption Shared Key Substitution Transposition.
RSA Data Security, Inc. PKCS #13: Elliptic Curve Cryptography Standard Burt Kaliski RSA Laboratories PKCS Workshop October 7, 1998.
CRYPTREC WorkshopCopyright (C) NTT & Mitsubishi Electric Corp bit Block Cipher Camellia Kazumaro Aoki * Tetsuya Ichikawa † Masayuki.
SEED Overview ‘Use of the SEED Encryption Algorithm in CMS’ November 11, 2003 Jongwook Park, KISA
1 CPCS425: Information Security (Topic 5) Topic 5  Symmetrical Cryptography  Understand the principles of modern symmetric (conventional) cryptography.
@Yuan Xue Announcement Project Release Team forming Homework 1 will be released next Tuesday.
Proposal for Term Project Information Security, Fall 2013 J. H. Wang Nov. 5, 2013.
Information Security and Management (Abstract) 5
128-bit Block Cipher Camellia
128-bit Block Cipher Camellia
128-bit Block Cipher Camellia
TLS (Transport Layer Security) への new cipher suites 提案について
128-bit Block Cipher Camellia
Update on Camellia Camellia Design Team Thank you, chairman.
Presentation transcript:

Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS Hirosato Tsuji Toshio Tokita Mitsubishi Electric Corporation

2000/08/0148th IETF, Pittsburgh, PA, USA2 Presentation Agenda  Current Status and Next Steps of MISTY1 to support TLS  Block Cipher “MISTY1” --- by Toshio Tokita --- by Hirosato Tsuji

Block Cipher Toshio Tokita Mitsubishi Electric Corporation MISTY1

2000/08/0148th IETF, Pittsburgh, PA, USA4 Overview  Secret-key block cipher 64-bit block, 128-bit key, a variable number of rounds (8-round recommended) proposed by M.Matsui (Mitsubishi) in 1996 at Fast Software Encryption Workshop “FSE4”  Widely used in many applications: Governmental applications: Public transportation systems, Secure network systems, etc,etc Commercial products: S/MIME software, VPN(Routers/Hubs), Encryption LSI, PKI Software & services, etc, etc

2000/08/0148th IETF, Pittsburgh, PA, USA5 Recent News  “KASUMI” has been adopted as a mandatory algorithm for data confidentiality and data integrity in W-CDMA by 3GPP. (March, 2000)  KASUMI will be also used in current GSM systems as an alternative for A5.  KASUMI is a variant of MISTY1 designed for W-CDMA systems. “KASUMI”=“MIST” 3GPP: 3rd Generation Partnership Project

2000/08/0148th IETF, Pittsburgh, PA, USA6 Pointers  ISO9979 No.13 (algorithm registration)  URL for Internet-Draft : misty1desc-02.txt  Specifications  Royalty Free License MISTY1 essential patent is licensed under royalty free conditions.

2000/08/0148th IETF, Pittsburgh, PA, USA7 Design Criteria  High security: –Provable security against differential and linear cryptanalysis  Multi platform: –High speed in both software and hardware implementations  Compact: –Low gate count and low power consumption in hardware

2000/08/0148th IETF, Pittsburgh, PA, USA8 High security  MISTY1 is designed to be highly secure as a 64-bit block cipher; particularly to be provably secure against differential and linear cryptanalysis. u Differential Cryptanalysis u Differential Cryptanalysis (Biham, Shamir 1990) – First DES attack faster than an exhaustive key search u Linear Cryptanalysis u Linear Cryptanalysis (Matsui 1993) – First successful computer experiment for breaking DES Powerful Cryptographic Attacks

2000/08/0148th IETF, Pittsburgh, PA, USA9 Multi Platform  MISTY1 is designed to be sufficiently fast in both software and hardware implementations. Ex1) Pentium III (800MHz) (Assembly Language Program) Encryption speed 230Mbps Ex2) ASIC H/W (Mitsubishi 0.35 micron CMOS Design Library) Encryption speed 800Mbps Gate size 50Kgates

2000/08/0148th IETF, Pittsburgh, PA, USA10 Compact  Encryption/decryption logics of MISTY1 can be realized in very compact size. Ex) ASIC (Mitsubishi 0.35 micron CMOS Design Library) Gate size 7.6Kgates Encryption speed 72Mbps Note: A requirement for W-CDMA encryption algorithm: “gate size must be smaller than 10Kgates”

2000/08/0148th IETF, Pittsburgh, PA, USA11 Structure of MISTY

2000/08/0148th IETF, Pittsburgh, PA, USA12 Hardware M16C Core Memory Rnd. Num. Gen. RSA core MISTY1 core M16C(CPU)

Current Status and Next Steps of MISTY1 to support TLS Hirosato Tsuji Mitsubishi Electric Corporation

2000/08/0148th IETF, Pittsburgh, PA, USA14 Summary  What is MISTY1? – High security, Multi platform, Compact, Block cipher  In this presentation – Actual Application of MISTY1 – Proposal of MISTY1 – Current Status to support TLS – Next Steps to support TLS

2000/08/0148th IETF, Pittsburgh, PA, USA15 Actual Application of MISTY1 (1) Secure Systems  S/MIME-based application  Extended S/MIME V2 specification  Implemented by Mitsubishi and other Japanese venders  Interoperability had been confirmed between these venders

2000/08/0148th IETF, Pittsburgh, PA, USA16 Actual Application of MISTY1 (2) Secure Web Access Systems  Secure Web Access Systems –provide authentication, access control, integrity and confidentiality  Implemented on the HTTP and TCP ( sorry, not on TLS )  Contents is encrypted by MISTY1

2000/08/0148th IETF, Pittsburgh, PA, USA17 Actual Application of MISTY1 (3) Other Apps based on MISTY Toolkit  MISTY Cryptographic / PKI Toolkit – Content Encryption Algorithm in PKCS #7 – Encryption Scheme ( Symmetric Cipher ) for PKCS #5 Password-based Encryption  Other Apps implemented on Toolkit – Secure Contents Distribution Systems – Governmental Services

2000/08/0148th IETF, Pittsburgh, PA, USA18 Proposal of MISTY1  As ONE of block ciphers of Cipher Suites for TLS 1.0  Reason to use MISTY1 – Suitable Block Cipher – Royalty Free License – Applied to Actual Internet Applications

2000/08/0148th IETF, Pittsburgh, PA, USA19 Current Status to support TLS  Submit Internet Draft of Description of MISTY1 – posted.  Make a presentation of MISTY1 at 48th IETF, Pittsburgh, PA – now.

2000/08/0148th IETF, Pittsburgh, PA, USA20 Next Steps to support TLS  Proceed Internet Draft of Description of MISTY1 to Informational RFC  Submit Internet Draft of MISTY1-based Cipher Suites for TLS 1.0  Request TLS WG to assign the Register Number of these Cipher Suites

2000/08/0148th IETF, Pittsburgh, PA, USA21 Next Steps to support TLS (continued)  Implementing TLS 1.0 with MISTY1 – processing now with OpenSSL

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.