Cryptology ePrint Archive: Report 2010/426
Parallelizing the Camellia and SMS4 Block Ciphers - Extended version
Huihui Yap and Khoongming Khoo and Axel Poschmann
Abstract: The n-cell GF-NLFSR (Generalized Feistel-NonLinear Feedback Shift Register) structure  is a generalized unbalanced Feistel network that can be considered as a generalization of the outer function FO of the KASUMI block cipher. An advantage of this cipher over other n-cell generalized Feistel networks, e.g. SMS4  and Camellia , is that it is parallelizable for up to n rounds. In hardware implementations, the benefits translate to speeding up encryption by up to n times while consuming similar area and significantly less power. At the same time n-cell GF-NLFSR structures offer similar proofs of security against differential cryptanalysis as conventional n-cell Feistel structures. We also ensure that parallelized versions of Camellia and SMS4 are resistant against other block cipher attacks such as linear, boomerang, integral, impossible differential, higher order differential,interpolation, slide, XSL and related-key differential attacks.
Category / Keywords: secret-key cryptography / Generalized Unbalanced Feistel Network, GF-NLFSR, Camellia, SMS4
Publication Info: Extended version of paper in Africacrypt 2010
Date: received 1 Aug 2010, last revised 2 Aug 2010
Contact author: yhuihui at dso org sg
Available formats: PDF | BibTeX Citation
Note: 1. We added an explanation of the duality between differential and linear cryptanalysis for the p-Camellia and p-SMS4 structures.
2. We corrected a slight notational error in the proof of protection against linear cryptanalysis for p-Camellia in the conference paper.
3. We added a proof for protection against linear cryptanalysis for p-SMS4, which was not presented in the conference paper.
4. We did a hardware implementation of p-Camellia and p-SMS4 and presented the speed-up over Camellia, SMS4 in this extended paper.
5. We added test vectors for p-Camellia and p-SMS4.
Version: 20100803:005216 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]