HC-256

Last updated

HC-256 is a stream cipher designed to provide bulk encryption in software at high speeds while permitting strong confidence in its security. [1] A 128-bit variant was submitted as an eSTREAM cipher candidate and has been selected as one of the four final contestants in the software profile. [2] [3]

Contents

The algorithm is designed by Hongjun Wu, and was first published in 2004. It is not patented.

Function

HC-256 has a 256 bit key and an initialization vector (nonce) of 256 bits. [1]

Internally, it consists of two secret tables (P and Q). Each table contains 1024 32-bit words. For each state update one 32-bit word in each table is updated using a non-linear update function. After 2048 steps all elements of the tables have been updated.

It generates one 32-bit word for each update step using a 32-bit to 32-bit mapping function similar to the output function of the Blowfish cipher. Finally a linear bit-masking function is applied to generate an output word. It uses the two message schedule functions in the hash function SHA-256 internally, but with the tables P and Q as S-boxes.

HC-128 is similar in function, and reduces each of key length, nonce, number of words in the tables P and Q, and number of table updating steps by half. [2]

Performance

The performance of HC-256 is estimated by its author to be about 4 cycles per byte on a Pentium 4 processor. However the initialization phase of the cipher includes expanding the 256-bit key into the tables P, Q and then running the cipher for 4096 steps. The author of HC-256 estimates this process to take around 74,000 cycles.

For HC-128 an encryption speed of about 3 cycles per byte on a Pentium M processor are cited.

The implementation of HC-128 on various computing structures is studied in detail, with significant performance gains compared to naive SW implementation. [4] [5]

Related Research Articles

<span class="mw-page-title-main">Advanced Encryption Standard</span> Standard for the encryption of electronic data

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date for smaller files. It is recommended Blowfish should not be used to encrypt files larger than 4GB in size, Twofish should be used instead.

In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

<span class="mw-page-title-main">Stream cipher</span> Type of symmetric key cipher

A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it is also known as state cipher. In practice, a digit is typically a bit and the combining operation is an exclusive-or (XOR).

<span class="mw-page-title-main">Block cipher mode of operation</span> Cryptography algorithm

In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

<span class="mw-page-title-main">Serpent (cipher)</span>

Serpent is a symmetric key block cipher that was a finalist in the Advanced Encryption Standard (AES) contest, in which it ranked second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen.

<span class="mw-page-title-main">Cryptographic hash function</span> Hash function that is suitable for use in cryptography

A cryptographic hash function (CHF) is a hash algorithm that has special properties desirable for a cryptographic application:

Phelix is a high-speed stream cipher with a built-in single-pass message authentication code (MAC) functionality, submitted in 2004 to the eSTREAM contest by Doug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller. The cipher uses only the operations of addition modulo 232, exclusive or, and rotation by a fixed number of bits. Phelix uses a 256-bit key and a 128-bit nonce, claiming a design strength of 128 bits. Concerns have been raised over the ability to recover the secret key if the cipher is used incorrectly.

In cryptography, MUGI is a pseudorandom number generator (PRNG) designed for use as a stream cipher. It was among the cryptographic techniques recommended for Japanese government use by CRYPTREC in 2003, however, has been dropped to "candidate" by CRYPTREC revision in 2013.

<span class="mw-page-title-main">VEST</span> Family of stream ciphers

VEST (Very Efficient Substitution Transposition) ciphers are a set of families of general-purpose hardware-dedicated ciphers that support single pass authenticated encryption and can operate as collision-resistant hash functions designed by Sean O'Neil, Benjamin Gittins and Howard Landman. VEST cannot be implemented efficiently in software.

<span class="mw-page-title-main">Salsa20</span> Stream ciphers

Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. ChaCha is a modification of Salsa20 published in 2008. It uses a new round function that increases diffusion and increases performance on some architectures.

Py is a stream cipher submitted to eSTREAM by Eli Biham and Jennifer Seberry. It is one of the fastest eSTREAM candidates at around 2.6 cycles per byte on some platforms. It has a structure a little like RC4, but adds an array of 260 32-bit words which are indexed using a permutation of bytes, and produces 64 bits in each round.

The Scream cipher is a word-based stream cipher developed by Shai Halevi, Don Coppersmith and Charanjit Jutla from IBM.

The Hasty Pudding cipher (HPC) is a variable-block-size block cipher designed by Richard Schroeppel, which was an unsuccessful candidate in the competition for selecting the U.S. Advanced Encryption Standard (AES). It has a number of unusual properties for a block cipher: its input block size and key length are variable, and it includes an additional input parameter called the "spice" for use as a secondary, non-secret key. The Hasty Pudding cipher was the only AES candidate designed exclusively by U.S. cryptographers.

In cryptography, the QUAD cipher is a stream cipher which was designed with provable security arguments in mind.

An AES instruction set is a set of instructions that are specifically designed to perform AES encryption and decryption operations efficiently. These instructions are typically found in modern processors and can greatly accelerate AES operations compared to software implementations. An AES instruction set includes instructions for key expansion, encryption, and decryption using various key sizes.

In cryptography, format-preserving encryption (FPE), refers to encrypting in such a way that the output is in the same format as the input. The meaning of "format" varies. Typically only finite sets of characters are used; numeric, alphabetic or alphanumeric. For example:

Microsoft Office password protection is a security feature that allows Microsoft Office documents to be protected with a user-provided password.

<span class="mw-page-title-main">Speck (cipher)</span> Family of block ciphers

Speck is a family of lightweight block ciphers publicly released by the National Security Agency (NSA) in June 2013. Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. Speck is an add–rotate–xor (ARX) cipher.

ChaCha20-Poly1305 is an authenticated encryption with associated data (AEAD) algorithm, that combines the ChaCha20 stream cipher with the Poly1305 message authentication code. It has fast software performance, and without hardware acceleration, is usually faster than AES-GCM.

References

  1. 1 2 Wu, Hongjun (2004). "A New Stream Cipher HC-256" (PDF). Fast Software Encryption – FSE 2004, LNCS 3017: 226–244.
  2. 1 2 Wu, Hongjun (2004). "The Stream Cipher HC-128" (PDF). Archived from the original (PDF) on 2008-07-24. Retrieved 2010-11-15.{{cite journal}}: Cite journal requires |journal= (help)
  3. "The eSTREAM Project". Archived from the original on 2017-02-13. Retrieved 2010-11-15.
  4. Chattopadhyay, Anupam; Khalid, Ayesha; Maitra, Subhamoy; Raizada, Shashwat (2012). "Designing high-throughput hardware accelerator for stream cipher HC-128". 2012 IEEE International Symposium on Circuits and Systems. pp. 1448–1451. doi:10.1109/ISCAS.2012.6271518. ISBN   978-1-4673-0219-7. S2CID   5520516.
  5. Khalid, Ayesha; Bagchi, Deblin; Paul, Goutam; Chattopadhyay, Anupam (2013). "Optimized GPU Implementation and Performance Analysis of HC Series of Stream Ciphers". Information Security and Cryptology – ICISC 2012. Lecture Notes in Computer Science. Vol. 7839. pp. 293–308. doi:10.1007/978-3-642-37682-5_21. ISBN   978-3-642-37681-8.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.