Treyfer

Last updated
Treyfer
General
DesignersGideon Yuval
First published1997
Cipher detail
Key sizes 64 bits
Block sizes 64 bits
Rounds 32
Best public cryptanalysis
A slide attack using 232 known plaintexts and 244 work succeeds for any number of rounds

In cryptography, Treyfer is a block cipher/MAC designed in 1997 by Gideon Yuval. Aimed at smart card applications, the algorithm is extremely simple and compact; it can be implemented in just 29 bytes of 8051 machine code. [1]

Contents

Treyfer has a rather small key size and block size of 64 bits each. All operations are byte-oriented, and there is a single 8×8-bit S-box. The S-box is left undefined; the implementation can simply use whatever data is available in memory. In each round, each byte has added to it the S-box value of the sum of a key byte and the previous data byte, then it is rotated left one bit. The design attempts to compensate for the simplicity of this round transformation by using 32 rounds.

Due to the simplicity of its key schedule, using the same eight key bytes in each round, Treyfer was one of the first ciphers shown to be susceptible to a slide attack. This cryptanalysis, which is independent of the number of rounds and the choice of S-box, requires 232 known plaintexts and 244 computation time.

Implementation

A simple implementation of Treyfer can be done as follows [2] 

#include<stdint.h>#define NUMROUNDS 32externuint8_tconstsbox[256];voidtreyfer_encrypt(uint8_t*text[8],uint8_tconstkey[8]){unsignedi;uint8_tt=*text[0];for(i=0;i<8*NUMROUNDS;i++){t+=key[i%8];t=sbox[t]+*text[(i+1)%8];t=(t<<1)|(t>>7);/* Rotate left 1 bit */*text[(i+1)%8]=t}}voidencrypt(uint8_t*text[8],uint8_tconstkey[8]){unsignedinti=0;unsignedintj=0;uint8_tt=0;t=text[0];for(j=0;j<NUMROUNDS;j++){for(i=0;i<8;i++){t=t+key[i];t=sbox[t]+*text[(i+1)%8];t=(t<<1)|(t>>7);*text[(i+1)%8]=t;}}}voiddecrypt(uint8_t*text[8],uint8_tconstkey[8]){inti=0;intj=0;uint8_ttop=0;uint8_tbottom=0;for(j=0;j<NUMROUNDS;j++){for(i=7;i>=0;i--){top=*text[i]+key[i];top=sbox[top];bottom=*text[(i+1)%8];bottom=(bottom>>1)|(bottom<<7);*text[(i+1)%8]=bottom-top;}}}

See also

Related Research Articles

<span class="mw-page-title-main">Advanced Encryption Standard</span> Standard for the encryption of electronic data

The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.

Blowfish is a symmetric-key block cipher, designed in 1993 by Bruce Schneier and included in many cipher suites and encryption products. Blowfish provides a good encryption rate in software, and no effective cryptanalysis of it has been found to date. However, the Advanced Encryption Standard (AES) now receives more attention, and Schneier recommends Twofish for modern applications.

<span class="mw-page-title-main">RC5</span> Block cipher

In cryptography, RC5 is a symmetric-key block cipher notable for its simplicity. Designed by Ronald Rivest in 1994, RC stands for "Rivest Cipher", or alternatively, "Ron's Code". The Advanced Encryption Standard (AES) candidate RC6 was based on RC5.

<span class="mw-page-title-main">Serpent (cipher)</span>

Serpent is a symmetric key block cipher that was a finalist in the Advanced Encryption Standard (AES) contest, in which it ranked second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen.

<span class="mw-page-title-main">Tiny Encryption Algorithm</span> Block cipher

In cryptography, the Tiny Encryption Algorithm (TEA) is a block cipher notable for its simplicity of description and implementation, typically a few lines of code. It was designed by David Wheeler and Roger Needham of the Cambridge Computer Laboratory; it was first presented at the Fast Software Encryption workshop in Leuven in 1994, and first published in the proceedings of that workshop.

<span class="mw-page-title-main">XTEA</span> Block cipher

In cryptography, XTEA is a block cipher designed to correct weaknesses in TEA. The cipher's designers were David Wheeler and Roger Needham of the Cambridge Computer Laboratory, and the algorithm was presented in an unpublished technical report in 1997. It is not subject to any patents.

Red Pike is a classified United Kingdom government encryption algorithm, proposed for use by the National Health Service by GCHQ, but designed for a "broad range of applications in the British government" Archived 2004-04-23 at the Wayback Machine. Little is publicly known about Red Pike, except that it is a block cipher with a 64-bit block size and 64-bit key length. According to the academic study of the cipher cited below and quoted in a paper by Ross Anderson and Markus Kuhn, it "uses the same basic operations as RC5" and "has no look-up tables, virtually no key schedule and requires only five lines of code"; "the influence of each key bit quickly cascades" and "each encryption involves of the order of 100 operations". 64 bits of key entropy are not considered secure anymore.

The Fletcher checksum is an algorithm for computing a position-dependent checksum devised by John G. Fletcher (1934–2012) at Lawrence Livermore Labs in the late 1970s. The objective of the Fletcher checksum was to provide error-detection properties approaching those of a cyclic redundancy check but with the lower computational effort associated with summation techniques.

In cryptography, Madryga is a block cipher published in 1984 by W. E. Madryga. It was designed to be easy and efficient for implementation in software. Serious weaknesses have since been found in the algorithm, but it was one of the first encryption algorithms to make use of data-dependent rotations, later used in other ciphers, such as RC5 and RC6.

The Rijndael S-box is a substitution box used in the Rijndael cipher, on which the Advanced Encryption Standard (AES) cryptographic algorithm is based.

The bitap algorithm is an approximate string matching algorithm. The algorithm tells whether a given text contains a substring which is "approximately equal" to a given pattern, where approximate equality is defined in terms of Levenshtein distance – if the substring and pattern are within a given distance k of each other, then the algorithm considers them equal. The algorithm begins by precomputing a set of bitmasks containing one bit for each element of the pattern. Then it is able to do most of the work with bitwise operations, which are extremely fast.

A bit field is a data structure that consists of one or more adjacent bits which have been allocated for specific purposes, so that any single bit or group of bits within the structure can be set or inspected. A bit field is most commonly used to represent integral types of known, fixed bit-width, such as single-bit Booleans.

<span class="mw-page-title-main">Salsa20</span> Stream ciphers

Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. ChaCha is a modification of Salsa20 published in 2008. It uses a new round function that increases diffusion and increases performance on some architectures.

Py is a stream cipher submitted to eSTREAM by Eli Biham and Jennifer Seberry. It is one of the fastest eSTREAM candidates at around 2.6 cycles per byte on some platforms. It has a structure a little like RC4, but adds an array of 260 32-bit words which are indexed using a permutation of bytes, and produces 64 bits in each round.

In cryptography, Galois/Counter Mode (GCM) is a mode of operation for symmetric-key cryptographic block ciphers which is widely adopted for its performance. GCM throughput rates for state-of-the-art, high-speed communication channels can be achieved with inexpensive hardware resources.

In cryptography, the Fluhrer, Mantin and Shamir attack is a stream cipher attack on the widely used RC4 stream cipher. The attack allows an attacker to recover the key in an RC4 encrypted stream from a large number of messages in that stream.

bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power.

Consistent Overhead Byte Stuffing (COBS) is an algorithm for encoding data bytes that results in efficient, reliable, unambiguous packet framing regardless of packet content, thus making it easy for receiving applications to recover from malformed packets. It employs a particular byte value, typically zero, to serve as a packet delimiter. When zero is used as a delimiter, the algorithm replaces each zero data byte with a non-zero value so that no zero data bytes will appear in the packet and thus be misinterpreted as packet boundaries.

In the C programming language, operations can be performed on a bit level using bitwise operators.

<span class="mw-page-title-main">Speck (cipher)</span> Family of block ciphers

Speck is a family of lightweight block ciphers publicly released by the National Security Agency (NSA) in June 2013. Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. Speck is an add–rotate–xor (ARX) cipher.

References

  1. "A Related-Key Attack on Treyfer" (PDF). encs.concordia.ca. Retrieved 2024-04-01.
  2. "C implementation of Treyfer". Stackoverflow.com. Retrieved 2022-11-27.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.