Cryptography
Essay by review • November 29, 2010 • Research Paper • 546 Words (3 Pages) • 1,013 Views
Helix
Fast Encryption and Authentication
in a Single Cryptographic Primitive
Niels Ferguson 1 , Doug Whiting 2 , Bruce Schneier 3 , John Kelsey 4 , Stefan
Lucks 5 , and Tadayoshi Kohno 6
1
MacFergus, niels@ferguson.net
2
HiFn, dwhiting@hifn.com
3
Counterpane Internet Security, schneier@counterpane.com
4 kelsey.j@ix.netcom.com
5
UniversitÐ at Mannheim, lucks@weisskugel.informatik.uni-mannheim.de
6
UCSD, tkohno@cs.ucsd.edu
Abstract. Helix is a high-speed stream cipher with a built-in MAC function-ality.
On a Pentium II CPU it is about twice as fast as Rijndael or Twofish,
and comparable in speed to RC4. The overhead per encrypted/authenticated
message is low, making it suitable for small messages. It is efficient in both
hardware and software, and with some pre-computation can effectively switch
keys on a per-message basis without additional overhead.
Keywords: Stream cipher, MAC, authentication, encryption.
1 Introduction
Securing data in transmission is the most common real-life cryptographic prob-lem.
Basic security services require both encryption and authentication. This
is (almost) always done using a symmetric cipher--public-key systems are only
used to set up symmetric keys--and a Message Authentication Code (MAC).
The AES process provided a number of very good block cipher designs, as
well as a new block cipher standard. The cryptographic community learned a
lot during the selection process about the engineering criteria for a good cipher.
AES candidates were compared in performance and cost in many different
implementation settings. We learned more about the importance of fast re-keying
and tiny-memory implementations, the cost of S-boxes and circuit-depth
for hardware implementations, the slowness of multiplication on some
platforms, and other performance considerations.
The community also learned about the difference of cryptanalysis in theory
versus cryptanalysis in practice. Many block cipher modes restrict the types
of attack that can be performed on the underlying block cipher. Yet the gener-ally
accepted attack model for block ciphers is very liberal. Any method that
distinguishes the block cipher from a random permutation is considered an attack. Each block cipher operation must protect against all types of attack.
The resulting over-engineering leads to inefficiencies.
Computer network properties like synchronization and error correction
...
...