KHAZAD
From Wikipedia, the free encyclopedia
| Designer(s): | Vincent Rijmen and Paulo S. L. M. Barreto |
|---|---|
| First published: | 2000 |
| Derived from: | SHARK |
| Key size(s): | 128 bits |
| Block size(s): | 64 bits |
| Structure: | substitution-permutation network |
| Rounds: | 8 |
| Best public cryptanalysis: | |
| No attack better than on the first five rounds is known. | |
In cryptography, KHAZAD is a block cipher designed by Paulo S. L. M. Barreto together with Vincent Rijmen, one of the designers of the Advanced Encryption Standard (Rijndael). KHAZAD is named after Khazad-dûm, the fictional dwarven realm in the writings of J. R. R. Tolkien (see also Khazad). KHAZAD was presented at the first NESSIE workshop in 2000, and, after some small changes, was selected as a finalist in the project.
KHAZAD has an eight-round substitution-permutation network structure similar to that of SHARK, a forerunner to Rijndael. The design is classed as a "legacy-level" algorithm, with a 64-bit block size (in common with older ciphers such as DES and IDEA) and a 128-bit key. KHAZAD makes heavy use of involutions as subcomponents; this minimises the difference between the algorithms for encryption and decryption.
The authors have stated that, "KHAZAD is not (and will never be) patented. It may be used free of charge for any purpose."
Frédérik Muller has discovered an attack which can break five of KHAZAD's eight rounds. No attacks better than this are known as of November 2005.
[edit] References
- P. Barreto, V. Rijmen, "The Khazad legacy-level block cipher," First open NESSIE Workshop, Leuven, 13-14 November 2000, 15 pages.
- Frédérik Muller, "A New Attack against Khazad", ASIACRYPT 2003 347-358
