Intel Cascade Cipher

Infobox block cipher
name = Intel Cascaded Cipher
designers = Ernie Brickell, Gary Graunke
derived from = AES, Serpent
key size = 128 bits
block size = 128 bits
structure = AES-128 in counter mode supplying key material to Serpent
rounds = 10 rounds of AES, 3 (out of 32) rounds of Serpent
cryptanalysis = Specifications not published

In cryptography, the Intel Cascaded Cipher is a relatively new, high-bandwidth block cipher used as an optional component of the Output Content Protection DRM scheme of the Microsoft Windows Vista operating system. The cipher is based on the Advanced Encryption Standard (AES) operating in counter mode, used for generating keys, and a 3-round version of Serpent for encrypting the actual content.

The Cascaded Cipher has not been subject to an open peer review process. A license for using the Cascaded Cipher is required from Intel Corporation.

Description

The Cascaded Cipher specifications are not currently available on the Intel web site or in academic journals. A description of the structure of the cipher appears in a US patent application. In this case, the patent application only describes the inventive steps as claimed by its inventors, and is not a specification of the cipher as it is intended to be used to protect content in Windows Vista.

There are two embodiments of the cipher described in the US patent application.

CTR-ECB mode

In the counter-electronic codebook mode, the Cascaded Cipher uses full-strength AES-128 in counter mode to generate a secure key stream and supplies this key stream to a reduced-round Serpent in electronic codebook mode to encrypt each plaintext block. To increase performance, each inner key stream block is reused several times to encrypt multiple blocks.

CTR-CTR mode

In the counter-counter mode, the Cascaded Cipher uses full-strength AES-128 in counter mode to generate a secure key stream and supplies this key stream to a reduced-round Serpent also operating in counter mode to encrypt each plaintext block. To increase performance, each inner key stream block is reused several times to encrypt multiple blocks.

Security

In the Microsoft document "Output Content Protection and Windows Vista", it is claimed that: "The security level achieved for typical video data is estimated to be approaching that of regular AES. This assertion is being tested by Intel putting its Cascaded Cipher out to the cryptography community to get their security assessment — that is, to see if they can break it."

The security of the system requires that it is impossible to recover the currently active inner key from the output of the video stream encrypted with reduced-round Serpent. Furthermore, the security of this method is highly sensitive to the number of rounds used in Serpent, the mode of operation described in the patent application, and the number of times the inner key is reused.
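
The two embodiments and the sensitivity to inner-key reuse can be modelled structurally; the following is an added illustration, not Intel's code and not taken from the patent application. Python's standard library has neither AES nor Serpent, so truncated HMAC-SHA256 stands in for AES-128 in counter mode and a 4-round Feistel permutation stands in for reduced-round Serpent; the function names, the `reuse` parameter and the inner counter layout are assumptions.

```python
import hashlib
import hmac

BLOCK = 16  # 128-bit block and key size, as stated in the article

def prf(key: bytes, data: bytes) -> bytes:
    # Stand-in primitive (assumption): HMAC-SHA256 truncated to 128 bits, NOT AES.
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK]

def inner_key(master_key: bytes, index: int) -> bytes:
    # Outer layer: counter mode over the stand-in PRF yields inner key `index`.
    return prf(master_key, b"outer" + index.to_bytes(8, "big"))

def inner_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in inner cipher (assumption): 4-round Feistel, NOT 3-round Serpent.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = prf(key, bytes([rnd]) + right)[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def cascade_encrypt(master_key: bytes, data: bytes, reuse: int, mode: str) -> bytes:
    # `reuse` = number of consecutive blocks encrypted under one inner key.
    if len(data) % BLOCK or reuse < 1 or mode not in ("ecb", "ctr"):
        raise ValueError("need whole blocks, reuse >= 1, mode 'ecb' or 'ctr'")
    out = []
    for n in range(len(data) // BLOCK):
        key = inner_key(master_key, n // reuse)
        block = data[n * BLOCK:(n + 1) * BLOCK]
        if mode == "ecb":    # CTR-ECB: inner cipher applied to the plaintext block
            out.append(inner_encrypt(key, block))
        else:                # CTR-CTR: inner cipher encrypts a counter (layout assumed)
            pad = inner_encrypt(key, (n % reuse).to_bytes(BLOCK, "big"))
            out.append(bytes(a ^ b for a, b in zip(block, pad)))
    return b"".join(out)

def repeated_blocks(ciphertext: bytes) -> int:
    # Ciphertext blocks that duplicate an earlier one: what an observer can count.
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return len(blocks) - len(set(blocks))

# Constructed sample: 8 identical plaintext blocks, e.g. a flat region of a frame.
MASTER = bytes(range(16))
FLAT = b"\x10" * (8 * BLOCK)
if __name__ == "__main__":
    for mode, reuse in (("ecb", 1), ("ecb", 4), ("ctr", 4)):
        print(mode, reuse, repeated_blocks(cascade_encrypt(MASTER, FLAT, reuse, mode)))
```

On the constructed flat input, the ECB inner layer repeats ciphertext blocks inside each reuse window (6 of 8 at a reuse count of 4, none when every block gets a fresh inner key), while the CTR inner layer shows no repeats.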


Wikimedia Foundation. 2010.
