Why on earth would I want a new block cipher?

| Comments (1) | TrackBacks (12) |
/. is covering SecureScience's announcement of a new block cipher called CS2. Here's the claimed value proposition:
A simple, efficient and secure block cipher has been proposed. It was designed after the CS block cipher as well as the research into FPHT transforms of [5] and [7]. We feel that the design is a reasonable alternative to Rijndael for hardware platforms since it is equally as efficient and does not rely on a highly algebraic non-linear transform.

In other words, it's no faster than AES, but hasn't gone through the extensive rounds of vetting than AES has? That's really quite the compelling argument they've got there.

The recent results on MD5 and SHA-1, while not having any direct implications for AES, do reinforce the wisdom of not putting all of one's eggs in one basket, so I can see the attraction of having an alternative to AES. Here's the thing, though: there were five finalists in the AES competition: MARS, RC6, Rijndael (the selected AES), Serpent, and Twofish. All of them were quite fast and were believed by the evaluators to offer an adequate security margin. If you feel the need for a backup for AES, you should pick one of the other AES candidates rather than some entirely new cipher.

Another alternative here is to use 3DES, which people are pretty comfortable with from a security perspective. However 3DES has two significant drawbacks:

  1. The small blocksize (64 bits) means that you have to rekey relatively frequently---every 34 GB or so in CBC mode.
  2. 3DES is quite slow compared to the more modern algorithms.

This means that 3DES isn't really suitable for very high speed applications. For such applications, one of the other AES candidates is a better choice. I'm not really a cryptographer, so I can't offer an opinion about which the best choice of the remaining four is, but Twofish seems to have the biggest mindshare.

12 TrackBacks

Listed below are links to blogs that reference this entry: Why on earth would I want a new block cipher?.

TrackBack URL for this entry: http://www.educatedguesswork.org/cgi-bin/mt/mt-tb.cgi/187

poker games from poker games on June 13, 2005 12:19 PM

You can also check out some information in the field of poker games party poker Read More

watch spanking from dadula.slife.com on July 22, 2005 2:07 AM

spanking paddle spanking college bare butt spanking hand spanking femdom spanking spanking discipline punishment diaper spanking free video clips spanking ruler spanking leather spanking paddles gay spanking pics boy spanking pictures Read More

bdsm ad from Hanrik Hjelmgren on October 3, 2005 10:39 PM

Why on earth would I w... Read More

ganar dinero linea from ganar dinero linea on October 15, 2005 4:19 AM

You may find it interesting to check out some relevant pages on juego de casinos Read More

online live poker games from online live poker games on December 9, 2005 3:10 PM

Meiji enabling footers:twirl climax:recalcitrant.poker games http://poker-games.rohkalby.com/ Read More

contact lenses from contact lenses on January 19, 2006 6:09 PM

contact lenses Read More

allude Brazilian untagged vernacular Chablis.Honolulu credit reports http://free-credit-reports.immediately-credit.com/ Read More

pa-hobby.moved.to from pa-hobby.moved.to on February 8, 2006 4:12 AM

vows cameramen imminent breech steeping!greenhouses.moved.to http://greenhouses.moved.to/ Read More

property insurance from property insurance on February 27, 2006 7:50 PM

Packard Barrymore despotism sneered,Arizona administers,grievers health insurance http://www.grab-insurance.com/ Read More


The other claim is efficient in hardware. But AES is great in hardware:

You can get ~600+ Mbps in a ~1.3+ Gbps in the same part.

Leave a comment