A message authenticator algorithm suitable for a mainframe computer
Proceedings of CRYPTO 84 on Advances in cryptology
Cycle structure of the DES with weak and semi-weak keys
Proceedings on Advances in cryptology - CRYPTO '86
Is the data encryption standard a group? (Results of cycling experiments on DES)
Journal of Cryptology
LOKI—a cryptographic primitive for authentication and secrecy applications
AUSCRYPT '90 Proceedings of the international conference on cryptology on Advances in cryptology
A fast software one-way hash function
Journal of Cryptology
Nonlinearity criteria for cryptographic functions
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Constructions of bent functions and difference sets
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Propagation characteristics of Boolean functions
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A proposal for a new block encryption standard
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
On immunity against Biham and Shamir's “differential cryptanalysis”
Information Processing Letters
A formal and practical design procedure for substitution-permutation network cryptosystems
Differential cryptanalysis of the data encryption standard
Systematic generation of cryptographically robust S-boxes
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The Data Encryption Standard (DES) and its strength against attacks
IBM Journal of Research and Development
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
New types of cryptanalytic attacks using related keys
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Real Reason for Rivest's Phenomenon
CRYPTO '85 Advances in Cryptology
CRYPTO '85 Advances in Cryptology
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Fast Software Encryption Functions
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
On the Design of SP Networks From an Information Theoretic Point of View
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Provable Security Against Differential Cryptanalysis
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Iterative Characteristics of DES and s²-DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm
Fast Software Encryption, Cambridge Security Workshop
A generalization of linear cryptanalysis and the applicability of Matsui's piling-up lemma
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
IPDPS '02 Proceedings of the 16th International Parallel and Distributed Processing Symposium
Key-Dependent S-Box Manipulations
SAC '98 Proceedings of the Selected Areas in Cryptography
Higher Order Differential Attack Using Chosen Higher Order Differences
SAC '98 Proceedings of the Selected Areas in Cryptography
Fast Multimedia Encryption in JAVA: Using Unbalanced Luby/Rackoff Ciphers
ECMAST '99 Proceedings of the 4th European Conference on Multimedia Applications, Services and Techniques
Recent Developments in the Design of Conventional Cryptographic Algorithms
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Higher Order Differential Attak of CAST Cipher
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Note: Generalized hyper-bent functions over GF(p)
Discrete Applied Mathematics
JEA K-128: a novel encryption algorithm using VHDL
WSEAS Transactions on Computers
Security analysis of the GF-NLFSR structure and four-cell block cipher
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
The stream cipher core of the 3GPP encryption standard 128-EEA3: timing attacks and countermeasures
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
This paper describes the CAST design procedure for constructing a family of DES-like Substitution-Permutation Network (SPN) cryptosystems which appear to have good resistance to differential cryptanalysis, linear cryptanalysis, and related-key cryptanalysis, along with a number of other desirable cryptographic properties. Details of the design choices in the procedure are given, including those regarding the component substitution boxes (s-boxes), the overall framework, the key schedule, and the round function. An example CAST cipher, an output of this design procedure, is presented as an aid to understanding the concepts and to encourage detailed analysis by the cryptologic community.