Mercy: A Fast Large Block Cipher for Disk Sector Encryption

We discuss the special requirements imposed on the underlying cipher of systems which encrypt each sector of a disk partition independently, and demonstrate a certificational weakness in some existing block ciphers including Bellare and Rogaway's 1999 proposal, proposing a new quantitative measure of avalanche. To address these needs, we present Mercy, a new block cipher accepting large (4096-bit) blocks, which uses a key-dependent state machine to build a bijective F function for a Feistel cipher. Mercy achieves 9 cycles/byte on a Pentium compatible processor.

[1]  Dieter Gollmann,et al.  Fast software encryption : Third International Workshop, Cambridge, UK, February 21-23, 1996 : proceedings , 1996, FSE 1996.

[2]  James L. Massey,et al.  SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm , 1993, FSE.

[3]  Rodney Thayer,et al.  A Stream Cipher Encryption Algorithm , 1997 .

[4]  Rodney Thayer,et al.  A Stream Cipher Encryption Algorithm 'Arcfour' , 1999 .

[5]  Stefan Lucks BEAST: A Fast Block Cipher for Arbitrary Blocksizes , 1996, Communications and Multimedia Security.

[6]  Phillip Rogaway,et al.  A Software-Optimised Encryption Algorithm , 1993, FSE.

[7]  Eli Biham,et al.  How to Strengthen DES Using Existing Hardware , 1994, ASIACRYPT.

[8]  Scott R. Fluhrer Cryptanalysis of the Mercy Block Cipher , 2001, FSE.

[9]  David J. Wheeler A Bulk Data Encription Algorithm , 1993, FSE.

[10]  Eli Biham Fast software encryption : 4th International Workshop, FSE '97, Haifa, Israel, January 20-22, 1997 : proceedings , 1997, FSE 1997.

[11]  Joan Daemen,et al.  Fast Hashing and Stream Encryption with PANAMA , 1998, FSE.

[12]  Mihir Bellare,et al.  On the Construction of Variable-Input-Length Ciphers , 1999, FSE.

[13]  B. Preneel Fast Software Encryption: Second International Workshop, Leuven, Belgium, December 14-16, 1994. Proceedings , 1995 .

[14]  Craig S. K. Clapp,et al.  Optimizing a Fast Stream Cipher for VLIW, SIMD, and Superscalar Processors , 1997, FSE.

[15]  Bruce Schneier,et al.  Fast Software Encryption: Designing Encryption Algorithms for Optimal Software Speed on the Intel Pentium Processor , 1997, FSE.

[16]  Mitsuru Matsui,et al.  New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis , 1996, FSE.

[17]  Eli Biham,et al.  Two Practical and Provably Secure Block Ciphers: BEARS and LION , 1996, FSE.

[18]  Phillip Rogaway,et al.  A Software-Optimized Encryption Algorithm , 1998, Journal of Cryptology.

[19]  Chris J. Mitchell Authenticating Multicast Internet Electronic Mail Messages Using a Bidirectional MAC is Insecure , 1992, IEEE Trans. Computers.

[20]  Joan Daemen,et al.  AES Proposal : Rijndael , 1998 .