Cryptography Reference
In-Depth Information
C achieves a throughput of about 60 Mbit/s at a frequency of 1 GHz. However, it
performs quite well on small microprocessors, which are common in inexpensive
consumer products.
PRESENT-80 can be implemented in hardware with area requirements of ap-
proximately 1600 gate equivalences [147], where the encryption of one 64-bit plain-
text block requires 32 clock cycles. As an example, at a clock rate of 1 MHz, which
is quite typical on low-cost devices, a throughput of 2 Mbit/s is achieved, which is
sufficient for most such applications. It is possible to realize the cipher with as few
as approximately 1000 gate equivalences, where the encryption of one 64-bit plain-
text requires 547 clock cycles. A fully pipelined implementation of PRESENT with
31 encryption stages achieves a throughput of 64 bit per clock cycle, which can be
tranlsated into encryption throughputs of more than 50 Gbit/s.
Even though no attacks against PRESENT are known at the time of writing, it
should be noted that it is a relatively new block cipher.
3.8 Discussion and Further Reading
DES History and Attacks
Even though plain DES (i.e., non-3DES) is today
mainly used in legacy applications, its history helps us understand the evolution
of cryptography since the mid-1970s from an obscure discipline almost solely stud-
ied in government organizations towards an open discipline with many players in
industry and academia. A summary of the DES history can be found in [165]. The
two main analytical attacks developed against DES, differential and linear crypt-
analysis, are today among the most powerful general methods for breaking block
ciphers. Readers interested in the theory of block ciphers are encouraged to study
these attacks. Good descriptions are given in [21, 114].
As we have seen in this chapter, DES should no longer be used since a brute-force
attack can be accomplished at low cost in little time with cryptanalytical hardware.
The two machines built outside governments, Deep Crack and COPACOBANA, are
instructive examples of how to build low-cost “supercomputers” for very narrowly
defined computational tasks. More information about Deep Crack can be found on
the Internet [78] and about COPACOBANA in the articles [105, 88] and online
at [47]. Readers interested in the fascinating area of cryptanalytical computers in
general should take a look at the SHARCS (Special-purpose Hardware for Attacking
Cryptographic Systems) workshop series, which started in 2005 and has information
online [170].
DES Alternatives
It should be noted that hundreds of block ciphers have been
proposed over the last three decades, especially in the late 1980s and in the 1990s.
DES has influenced the design of many other encryption algorithms. It is probably
fair to say that the majority of today's successful block ciphers have borrowed ideas
from DES. Some of the popular block ciphers are also based on Feistel networks
as is DES. Examples of Feistel ciphers include Blowfish, CAST, KASUMI, Mars,
