Rambutan (cryptography)

Last updated November 29, 2023

Rambutan is a family of encryption technologies designed by the Communications-Electronics Security Group (CESG), the technical division of the United Kingdom government's secret communications agency, GCHQ.

It includes a range of encryption products designed by CESG for use in handling confidential (not secret) communications between parts of the British government, government agencies, and related bodies such as NHS Trusts. Unlike CESG's Red Pike system, Rambutan is not available as software: it is distributed only as a self-contained electronic device (an ASIC) which implements the entire cryptosystem and handles the related key distribution and storage tasks.^[1] Rambutan is not sold outside the government sector.^[2]

Technical details of the Rambutan algorithm are secret. Security researcher Bruce Schneier describes it as being a stream cipher (linear-feedback shift register) based cryptosystem with 5 shift registers each of around 80 bits, and a key size of 112 bits.^[2] RAMBUTAN-I communications chips (which implement a secure X.25 based communications system) are made by approved contractors Racal and Baltimore Technologies/Zergo Ltd.^[3]^[4] CESG later specified RAMBUTAN-II, an enhanced system with backward compatibility with existing RAMBUTAN-I infrastructure.^[5] The RAMBUTAN-II chip is a 64-pin quad ceramic pack chip, which implements the electronic codebook, cipher block chaining, and output feedback operating modes (each in 64 bits) and the cipher feedback mode in 1 or 8 bits.^[6] Schneier suggests that these modes may indicate Rambutan is a block cipher rather than a stream.^[2] The three 64 bit modes operate at 88 megabits/second.^[6] Rambutan operates in three modes: ECB, CBC, and 8 bit CFB.^[7]

Related Research Articles

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard (AES) now receives more attention, and Schneier recommends Twofish for modern applications.

In cryptography, a block cipher is a deterministic algorithm that operates on fixed-length groups of bits, called blocks. Block ciphers are the elementary building blocks of many cryptographic protocols. They are ubiquitous in the storage and exchange of data, where such data is secured and authenticated via encryption.

<span class="mw-page-title-main">Cryptanalysis</span> Study of analyzing information systems in order to discover their hidden aspects

Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.

The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography.

In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation.

In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. This process prevents the loss of sensitive information via hacking. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code, not a cipher.

Articles related to cryptography include:

In cryptography, an S-box (substitution-box) is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext, thus ensuring Shannon's property of confusion. Mathematically, an S-box is a nonlinear vectorial Boolean function.

<span class="mw-page-title-main">CAST-128</span> Block cipher

In cryptography, CAST-128 is a symmetric-key block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Government of Canada use by the Communications Security Establishment. The algorithm was created in 1996 by Carlisle Adams and Stafford Tavares using the CAST design procedure.

In cryptography, Skipjack is a block cipher—an algorithm for encryption—developed by the U.S. National Security Agency (NSA). Initially classified, it was originally intended for use in the controversial Clipper chip. Subsequently, the algorithm was declassified.

In cryptography, snake oil is any cryptographic method or product considered to be bogus or fraudulent. The name derives from snake oil, one type of patent medicine widely available in 19th century United States.

In cryptography, nothing-up-my-sleeve numbers are any numbers which, by their construction, are above suspicion of hidden properties. They are used in creating cryptographic functions such as hashes and ciphers. These algorithms often need randomized constants for mixing or initialization purposes. The cryptographer may wish to pick these values in a way that demonstrates the constants were not selected for a nefarious purpose, for example, to create a backdoor to the algorithm. These fears can be allayed by using numbers created in a way that leaves little room for adjustment. An example would be the use of initial digits from the number $π$ as the constants. Using digits of $π$ millions of places after the decimal point would not be considered trustworthy because the algorithm designer might have selected that starting point because it created a secret weakness the designer could later exploit.

The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.

Strong cryptography or cryptographically strong are general terms used to designate the cryptographic algorithms that, when used correctly, provide a very high level of protection against any eavesdropper, including the government agencies. There is no precise definition of the boundary line between the strong cryptography and (breakable) weak cryptography, as this border constantly shifts due to improvements in hardware and cryptanalysis techniques. These improvements eventually place the capabilities once available only to the NSA within the reach of a skilled individual, so in practice there are only two levels of cryptographic security, "cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files".

In cryptography, SXAL is a block cipher designed in 1993 by Yokohama-based Laurel Intelligent Systems. It is normally used in a special mode of operation called MBAL. SXAL/MBAL has been used for encryption in a number of Japanese PC cards and smart cards.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

The following outline is provided as an overview of and topical guide to cryptography:

<span class="mw-page-title-main">Twofish</span> Block cipher

In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twofish is related to the earlier block cipher Blowfish.

References

↑ "The use of encryption and related services with the NHSnet", report by Zergo Ltd.
1 2 3 Schneier, Bruce Applied Cryptography (2nd ed), John Wiley & Sons, 1996
↑ Racal Rambutan SAFE X25 and Rambutan SAFE 2M product descriptions Archived 30 September 2007 at the Wayback Machine
↑ Baltimore Technologies (UK) approved Rambutan devices Archived 30 September 2007 at the Wayback Machine
↑ "RAMBUTAN-II" Archived 6 February 2007 at the Wayback Machine , CESG website, URL retrieved 17 December 2006
1 2 "RAMBUTAN II cryptographic chip" Archived 28 September 2007 at the Wayback Machine , CESG brochure
↑ Schneier, Bruce (25 May 2017). Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley & Sons. ISBN 9781119439028.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[zergo-1] "The use of encryption and related services with the NHSnet", report by Zergo Ltd.

[schneier-2] 1 2 3 Schneier, Bruce Applied Cryptography (2nd ed), John Wiley & Sons, 1996

[racal-3] Racal Rambutan SAFE X25 and Rambutan SAFE 2M product descriptions Archived 30 September 2007 at the Wayback Machine

[baltimore-4] Baltimore Technologies (UK) approved Rambutan devices Archived 30 September 2007 at the Wayback Machine

[cesg-5] "RAMBUTAN-II" Archived 6 February 2007 at the Wayback Machine , CESG website, URL retrieved 17 December 2006

[brochure-6] 1 2 "RAMBUTAN II cryptographic chip" Archived 28 September 2007 at the Wayback Machine , CESG brochure

[7] Schneier, Bruce (25 May 2017). Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley & Sons. ISBN 9781119439028.

[1]

[2]

[3]

[4]

[5]

[6]

[7]