Revisiting the IDEA Philosophy

For almost two decades, the block cipher IDEA has resisted an exceptional number of cryptanalysis attempts. At the time of writing, the best published attack works against 6 out of the 8.5 rounds (in the non-related-key attack model), requires almost the whole codebook, and improves on exhaustive key search by a factor of only two. In parallel, Lipmaa showed that IDEA can benefit from the SIMD (Single Instruction, Multiple Data) instructions of high-end CPUs, resulting in very fast implementations. The aim of this paper is two-fold. First, we describe a parallel, constant-time implementation of eight instances of IDEA able to encrypt in counter mode at 5.42 cycles/byte on an Intel Core2 processor. This is comparable to the fastest stream ciphers and notably faster than the best known implementations of most block ciphers on the same processor. Second, we propose the design of a new block cipher, named WIDEA, leveraging IDEA's outstanding security-performance ratio. We furthermore propose a new key-schedule algorithm to replace IDEA's completely linear one, and we show that it is possible to build a compression function able to process data at 5.98 cycles/byte. A significant property of WIDEA is that it closely follows the security rationale defined by Lai and Massey in 1990, hence inheriting all the cryptanalysis done over the past 15 years in a very natural way.
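The abstract's two implementation points, a constant-time IDEA and counter mode over independent blocks, are illustrated by the following example, which is added here and is not code from the paper or its authors. It implements one scalar IDEA instance in C with the multiplication modulo 2^16+1 written without data-dependent branches (the textbook zero test is the usual source of timing leakage), plus a CTR helper. The 8-way SIMD packing the paper describes is not reproduced; the CTR block layout (32-bit nonce, 32-bit counter, both big-endian) and all function names are this example's own assumptions, and the sample messages are constructed. Checked against the classic IDEA test vector (key 0001 0002 ... 0008, plaintext 0000 0001 0002 0003, ciphertext 11FB ED2B 0198 6DE5).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IDEA_ROUNDS  8
#define IDEA_SUBKEYS (6 * IDEA_ROUNDS + 4)   /* 52 sixteen-bit subkeys */

/* Multiplication modulo 2^16+1 with 0 standing for 2^16 (IDEA's convention).
 * The zero substitution and the final reduction use mask arithmetic only,
 * so control flow does not depend on the operands. */
static uint16_t idea_mul(uint16_t a, uint16_t b)
{
    uint32_t x = a, y = b;
    x += ((x - 1u) >> 31) << 16;            /* 0 -> 0x10000 without a branch */
    y += ((y - 1u) >> 31) << 16;
    uint64_t p = (uint64_t)x * y;           /* up to 2^32, so 64-bit product */
    uint32_t lo = (uint32_t)p & 0xFFFFu;
    uint32_t hi = (uint32_t)(p >> 16);
    uint32_t d  = lo - hi;                  /* 2^16 == -1 (mod 2^16+1) */
    d += (d >> 31) * 0x10001u;              /* add the modulus if negative */
    return (uint16_t)d;                     /* 2^16 folds back to 0 */
}

static uint16_t ld16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void st16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Key schedule: 52 subkeys read from successive 25-bit left rotations of the
 * 128-bit key. The only branch depends on the loop index, never on key bits. */
static void idea_expand_key(const uint8_t key[16], uint16_t z[IDEA_SUBKEYS])
{
    uint16_t k[8], t[8];
    for (int i = 0; i < 8; i++) k[i] = ld16(key + 2 * i);
    for (int i = 0; i < IDEA_SUBKEYS; i++) {
        if (i && (i & 7) == 0) {            /* rotate k left by 25 = 16 + 9 bits */
            for (int j = 0; j < 8; j++)
                t[j] = (uint16_t)(((k[(j + 1) & 7] & 0x7F) << 9) | (k[(j + 2) & 7] >> 7));
            memcpy(k, t, sizeof k);
        }
        z[i] = k[i & 7];
    }
}

/* One 64-bit block: 8 rounds with the MA structure, then the output transformation. */
static void idea_encrypt_block(const uint16_t z[IDEA_SUBKEYS], const uint8_t in[8], uint8_t out[8])
{
    uint16_t x1 = ld16(in), x2 = ld16(in + 2), x3 = ld16(in + 4), x4 = ld16(in + 6);
    const uint16_t *k = z;
    for (int r = 0; r < IDEA_ROUNDS; r++, k += 6) {
        x1 = idea_mul(x1, k[0]);
        x2 = (uint16_t)(x2 + k[1]);
        x3 = (uint16_t)(x3 + k[2]);
        x4 = idea_mul(x4, k[3]);
        uint16_t t0 = idea_mul((uint16_t)(x1 ^ x3), k[4]);          /* MA structure */
        uint16_t t1 = idea_mul((uint16_t)(t0 + (x2 ^ x4)), k[5]);
        t0 = (uint16_t)(t0 + t1);
        x1 ^= t1; x4 ^= t0;
        uint16_t s = x2;                                             /* swap middle words */
        x2 = (uint16_t)(x3 ^ t1);
        x3 = (uint16_t)(s ^ t0);
    }
    st16(out, idea_mul(x1, k[0]));          /* output transformation undoes the last swap */
    st16(out + 2, (uint16_t)(x3 + k[1]));
    st16(out + 4, (uint16_t)(x2 + k[2]));
    st16(out + 6, idea_mul(x4, k[3]));
}

/* Counter mode (assumed layout: nonce || ctr0+i, big-endian). Keystream blocks are
 * independent, which is what allows several instances to run in SIMD lanes. */
static void idea_ctr_xor(const uint8_t key[16], uint32_t nonce, uint32_t ctr0, uint8_t *buf, size_t len)
{
    uint16_t z[IDEA_SUBKEYS];
    uint8_t cb[8], ks[8];
    idea_expand_key(key, z);
    for (size_t off = 0, i = 0; off < len; off += 8, i++) {
        uint32_t c = ctr0 + (uint32_t)i;
        cb[0] = (uint8_t)(nonce >> 24); cb[1] = (uint8_t)(nonce >> 16);
        cb[2] = (uint8_t)(nonce >> 8);  cb[3] = (uint8_t)nonce;
        cb[4] = (uint8_t)(c >> 24); cb[5] = (uint8_t)(c >> 16);
        cb[6] = (uint8_t)(c >> 8);  cb[7] = (uint8_t)c;
        idea_encrypt_block(z, cb, ks);
        for (size_t j = 0; j < 8 && off + j < len; j++) buf[off + j] ^= ks[j];
    }
}

/* Known-answer test with the classic IDEA vector; returns 1 on match. */
static int idea_kat_ok(void)
{
    static const uint8_t key[16] = {0,1,0,2,0,3,0,4,0,5,0,6,0,7,0,8};
    static const uint8_t pt[8]   = {0,0,0,1,0,2,0,3};
    static const uint8_t ct[8]   = {0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
    uint16_t z[IDEA_SUBKEYS]; uint8_t out[8];
    idea_expand_key(key, z);
    idea_encrypt_block(z, pt, out);
    return memcmp(out, ct, 8) == 0;
}

/* Constructed sample: CTR-encrypt a short message, decrypt with the same call. Returns 1 on success. */
static int idea_ctr_roundtrip_ok(void)
{
    static const uint8_t key[16] = {0,1,0,2,0,3,0,4,0,5,0,6,0,7,0,8};
    const char *msg = "IDEA in counter mode";           /* 20 bytes, spans 3 blocks */
    size_t n = strlen(msg);
    uint8_t buf[32]; memcpy(buf, msg, n);
    idea_ctr_xor(key, 0xA5A5A5A5u, 1u, buf, n);
    int changed = memcmp(buf, msg, n) != 0;
    idea_ctr_xor(key, 0xA5A5A5A5u, 1u, buf, n);
    return changed && memcmp(buf, msg, n) == 0;
}

int main(void)
{
    printf("IDEA known-answer test: %s\n", idea_kat_ok() ? "ok" : "FAILED");
    return idea_kat_ok() && idea_ctr_roundtrip_ok() ? 0 : 1;
}
```

Branch-free C is necessary but not sufficient: a compiler is free to turn the mask arithmetic back into a conditional, so a constant-time claim should be checked on the emitted assembly of the target toolchain, and the paper's cycle counts refer to its SIMD implementation, not to scalar code like this.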

[1] Marc Joye et al. Cryptographic Hardware and Embedded Systems - CHES 2004. Lecture Notes in Computer Science, 2004.

[2] Christophe Clavier et al. Fault Analysis Study of IDEA. CT-RSA, 2008.

[3] Gerhard Goos et al. Fast Software Encryption. Lecture Notes in Computer Science, 2001.

[4] Anne Canteaut et al. Progress in Cryptology - INDOCRYPT 2004, 5th International Conference on Cryptology in India, Chennai, India, December 20-22, 2004, Proceedings. INDOCRYPT, 2004.

[5] Alfredo De Santis et al. Advances in Cryptology - EUROCRYPT '94. Lecture Notes in Computer Science, 1994.

[6] Hüseyin Demirci. Square-like Attacks on Reduced Rounds of IDEA. Selected Areas in Cryptography, 2002.

[7] Paulo S. L. M. Barreto et al. SQUARE Attacks on Reduced-Round PES and IDEA Block Ciphers. IACR Cryptology ePrint Archive, 2001.

[8] Daniel J. Bernstein et al. Cache-timing attacks on AES. 2005.

[9] Vincent Rijmen et al. The MESH Block Ciphers. WISA, 2003.

[10] Walter Fumy et al. Advances in Cryptology - EUROCRYPT '97. Lecture Notes in Computer Science, 2001.

[11] Eli Biham et al. Related-Key Boomerang and Rectangle Attacks. EUROCRYPT, 2005.

[12] Bruce Schneier et al. Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security, 1998.

[13] Peter Schwabe et al. New AES Software Speed Records. INDOCRYPT, 2008.

[14] Jürgen Pulkus et al. Switching Blindings with a View Towards IDEA. CHES, 2004.

[15] Joos Vandewalle et al. The Biryukov-Demirci Attack on Reduced-Round Versions of IDEA and MESH Ciphers. ACISP, 2004.

[16] Vincent Rijmen et al. The Block Cipher Square. FSE, 1997.

[17] Håvard Raddum. Cryptanalysis of IDEA-X/2. FSE, 2003.

[18] Tal Malkin. Topics in Cryptology - CT-RSA 2008, The Cryptographers' Track at the RSA Conference 2008, San Francisco, CA, USA, April 8-11, 2008, Proceedings. CT-RSA, 2008.

[19] Eli Biham et al. Miss in the Middle Attacks on IDEA and Khufu. FSE, 1999.

[20] David Wagner et al. Integral Cryptanalysis (Extended Abstract). FSE, 2002.

[21] Vincent Rijmen et al. Two Attacks on Reduced IDEA (Extended Abstract). 1997.

[22] Xuejia Lai et al. On the Design and Security of Block Ciphers. 1992.

[23] Eli Biham et al. Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, 1990.

[24] Vincent Rijmen et al. The Design of Rijndael. Information Security and Cryptography, 2002.

[25] Ivan Bjerre Damgård et al. Advances in Cryptology - EUROCRYPT '90. Lecture Notes in Computer Science, 2001.

[26] Willi Meier et al. On the Security of the IDEA Block Cipher. EUROCRYPT, 1994.

[27] Jorge Nakahara. Faster Variants of the MESH Block Ciphers. INDOCRYPT, 2004.

[28] Vincent Rijmen et al. Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008, Proceedings. INDOCRYPT, 2008.

[29] Peter Schwabe et al. Faster and Timing-Attack Resistant AES-GCM. CHES, 2009.

[30] Serge Vaudenay et al. Black Box Cryptanalysis of Hash Networks Based on Multipermutations. EUROCRYPT, 1994.

[31] Joos Vandewalle et al. The Biryukov-Demirci Attack on IDEA and MESH Ciphers. 2003.

[32] Ali Aydin Selçuk et al. A New Meet-in-the-Middle Attack on the IDEA Block Cipher. Selected Areas in Cryptography, 2003.

[33] Adi Shamir et al. Cache Attacks and Countermeasures: The Case of AES. CT-RSA, 2006.

[34] Michael E. Kounavis et al. Vortex: A New Family of One Way Hash Functions based on Rijndael Rounds and Carry-less Multiplication. IACR Cryptology ePrint Archive, 2008.

[35] Aggelos Kiayias et al. Polynomial Reconstruction Based Cryptography. Selected Areas in Cryptography, 2001.

[36] David A. Wagner et al. Multiplicative Differentials. FSE, 2002.

[37] David Pointcheval. Topics in Cryptology - CT-RSA 2006, The Cryptographers' Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2006, Proceedings. CT-RSA, 2006.

[38] Xuejia Lai et al. A Proposal for a New Block Encryption Standard. EUROCRYPT, 1991.

[39] Ingrid Verbauwhede et al. Cryptographic Hardware and Embedded Systems - CHES 2007: 9th International Workshop, Vienna, Austria, September 10-13, 2007, Proceedings. 2007.

[40] Vincent Rijmen et al. Two Attacks on Reduced IDEA. EUROCRYPT, 1997.

[41] Information Security and Privacy. Lecture Notes in Computer Science, 1996.

[42] Eli Biham et al. A New Attack on 6-Round IDEA. FSE, 2007.

[43] Ronald Cramer et al. Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings. EUROCRYPT, 2005.

[44] Kefei Chen et al. Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 3-7, 2006, Proceedings. ASIACRYPT, 2006.

[45] Eli Biham et al. A Fast New DES Implementation in Software. FSE, 1997.

[46] Tor Helleseth et al. Advances in Cryptology - EUROCRYPT '93. Lecture Notes in Computer Science, 2001.

[47] Pascal Junod et al. New Attacks Against Reduced-Round Versions of IDEA. FSE, 2005.

[48] Jorge Nakahara Júnior. Faster Variants of the MESH Block Ciphers. 2004.

[49] Mitsuru Matsui et al. On the Power of Bitslice Implementation on Intel Core2 Processor. CHES, 2007.

[50] Christof Paar et al. DPA on n-Bit Sized Boolean and Arithmetic Operations and Its Application to IDEA, RC6, and the HMAC-Construction. CHES, 2004.

[51] Eli Biham et al. A Unified Approach to Related-Key Attacks. FSE, 2008.

[52] Helger Lipmaa et al. IDEA: A Cipher For Multimedia Architectures? Selected Areas in Cryptography, 1998.