The Twofish Encryption Algorithm: A 128-Bit Block Cipher The Twofish Encryption Algorithm: A 128-Bit Block Cipher
by Bruce Schneier ; John Kelsey ; Doug Whiting ; David Wagner ; Chris Hall ; Niels Ferguson
Wiley Computer Publishing, John Wiley & Sons, Inc.
ISBN: 0471353817   Pub Date: 03/01/99
  

Previous Table of Contents Next


Index

F-function 2, 9-11, 17, 18, 37, 47, 58-60, 63, 64, 72,73, 81-83, 85, 87, 91, 92, 95, 103, 143
F´-function 11, 64, 65, 143
g-function 7, 9-12, 15, 16, 18, 21, 37, 41, 48, 59-61, 65, 71, 72, 76, 83, 85, 88, 104, 125, 143
h-function 14-16, 18, 30-32, 37, 41, 48, 66, 70, 114, 144
q-box 14-16, 21, 22, 29, 31, 48-51, 69, 72, 73, 91, 114, 115, 122, 126, 130, 144, 145
16-bit CPU 3, 33, 34
3-Way 104
32-bit CPU 3, 19, 33, 34, 125
64-bit CPU 3
8-bit CPU 2-4, 19, 26, 33-35, 76, 125
6502 26
6805 2, 26, 28, 157
68040 20
Advanced Encryption Standard see AES
AES 1, 24, 34, 42, 43, 116, 129
candidate 74, 80, 121
design criteria 3, 42
process 1, 117, 130
standard 30
Akelarre 36
algebraic degree 103
Alpha CPU 29
assembly 19, 20, 22-25, 121, 157
attack
brute-force 42, 98
chosen ciphertext 38
chosen key 79
partial 109
chosen plaintext 4, 38, 104
adaptive 104
chosen-key 108, 119
collision-finding 119
differential 40, 52, 60, 75, 79, 90, 97, 99, 100, 104, 105, 112, 114, 115, 121, 130
differential-linear 103
higher-order differential 35, 40
interpolation 35, 103
keysearch 6
known plaintext 104
linear 40, 60, 76, 101, 102, 121, 130
meet-in-the-middle 79-82
non-related-key 61
non-surjective round function 40
partial key guessing 104, 126
partitioning 102
related-key 4, 36, 37, 40, 41, 48, 51, 52, 67, 76, 79, 104-108, 112, 119, 122-124, 126
differential 41, 56, 105-108, 110
slide 105
slide 40, 63, 104, 105, 112, 113, 125
statistical 36, 39, 60, 129
truncated differential 90
unknown 33, 35, 36, 100, 115
weak-key 36, 126
Bear/Lion 5
Biham, Eli 88, 105, 113
Biham-DES 39
birthday paradox 73, 113
block size 1, 7, 44, 46, 119, 120
Blowfish 5, 22, 34, 36-42, 47, 114, 121, 125, 126, 129
Borland C 19, 20, 22, 24
cache 22, 23, 25
CAST 35, 36, 38, 41
CAST-128 5, 35, 121
CBC mode 119
CBC-MAC 120
CFB mode 119, 129
characteristic
differential 48, 49, 52, 75, 76, 83, 90-93, 95-100, 103, 114, 143
2-round 115
2-round iterative 114, 115
iterative 115
trivial 115
truncated 90
iterative 60
key-dependent 75, 76
linear 48, 76, 101-103, 144
cipher
iterated 43, 104
product 5, 43
stream 1, 3, 4, 46, 121, 129
clock cycle 19, 20, 22, 24, 25, 30-32,34, 35, 57, 60
key setup 2, 21-23, 26, 28, 130
per block 2, 19, 23, 24, 26, 28, 34,
130
per byte 2, 21, 24, 34, 121
CMEA 38
code size 2, 19, 22-23, 25, 26, 28-29
complementation property 42, 75
confusion 43, 44, 103
counter mode 31, 119
CRISP 37
cryptanalysis
differential 35, 38, 39, 52, 76, 82-90, 100, 103, 115
differential-linear 103
higher-order differential 39, 90
linear 35, 52, 101-103, 116
generalised 102
non-linear 102
partitioning 102
related-key 35, 79, 104-108
differential 104
side-channel 111
power 111
timing 111
CS-Cipher 39, 41
cycle 5, 61
data-dependent rotation 34, 36
Davies-Meyer 119
Declaration of Independence 38
DES 1, 5-7, 22, 24, 26, 30, 33, 34, 37-43, 47, 61, 102, 103, 105, 116, 121
DES-X 5
DESV 58
difference sequence 52, 71
differential power analysis 111
diffusion 7, 35, 36, 43, 44, 54, 59, 125
global 129
discrete logarithm problem 116
dynamic swapping 58
ECB mode 31, 34
EEPROM 26-28
electronic emanation 111
EPIC 29
equivalent keys 40, 42, 74
factoring 116
family key 4, 38, 122-124
fault analysis Ill
FEAL 5, 33, 36, 39
FEAL-32 121
Feistel
cipher 5, 64, 113
function 113, 114, 143
half 126
network 2, 5, 34, 36, 44-48, 125
balanced 5
generalized 36
incomplete 46-47
source-heavy 46-47
target-heavy 46-47
unbalanced 5, 36
round 6, 34
structure 9, 40, 47, 54, 60, 125
two-dimensional 125
xor 31, 59, 61
Feistel, Horst 5, 44
Fields Medal 116
fixed point 49, 51
gate count 2, 4, 19, 30-32, 58, 76
GF(28) 7, 12, 13, 35, 48, 54-57, 67, 72, 145
GOST 5, 38, 104
Hamming weight 56, 71, 83, 85, 107
hardware 2-4, 6, 19, 26, 30, 35, 125,
129
hash function 1, 3, 4, 23, 41, 42, 79, 119, 120, 130
HAVAL 58
ICE 41
IDEA 33, 36, 37, 39, 41, 42, 46, 61, 75,121
interleave 31, 32, 34
Java 25
Jeroboam 33
key agility 4, 23, 28-29, 42
key schedule 2, 4, 7, 12, 21, 33, 36, 37, 40-42, 61, 63-77, 104, 125, 129
keysetup 19, 20, 22, 23, 28, 30, 40, 42
time 2, 3, 21, 22, 25, 27, 28, 35, 126
key stretching 42
keying
compiled 22-24, 57
full 21-24
minimal 21, 24
option 19, 21, 22
partial 21-24
zero 21, 22, 24
Khafre 5, 33, 38, 39, 46
Khufu 5, 33, 38, 39, 42, 46, 126
Kiefer 35
KN-cipher 35
Latin square 58
LEA opcode 22, 57, 125
little-endian convention 9, 11, 122
LOKI 5, 39, 41
LOK189 33, 39
LOK191 33, 39
LOK197 39
Lucifer 5, 6, 44, 75
MAC see message authentication code
MacGuffin 5, 46
Madryga 36
magic constant 115, 116
Manta 7
master-key cryptosystem 116
Matsui, Mitsuru 48
maximum distance separable see MDS
MD4 46, 58
MD5 46, 58
MDS code 6
MDS matrix 2, 6, 7, 9, 10, 12, 13, 15, 18, 21-23, 27, 28, 31, 32, 34-37, 41, 54-61, 66-68, 70, 72, 83, 90, 91, 93-95, 103, 115, 125, 126, 130, 143, 145
Merced 3, 29
Merkle, Ralph 5
message authentication code 1, 3, 4, 120
Microsoft Visual C 19, 20, 23, 24
MISTY 35
MMB 36
multiple linear approximations 102
NewDES 38
NIST 1, 3, 34, 74 NMR scanning 111
non-bijective S-box 114
nonce 120
NSA 32, 42
OFB mode 119, 129
Panama 37
Pentium 3, 20, 22-25, 30, 34, 35, 49, 60, 67, 73, 74, 121, 125, 130, 157
Pentium family 7, 29, 35, 57, 58, 61
Pentium II 3, 19, 20, 23-25, 29, 30, 130, 157
Pentium MMX 22, 23, 25
Pentium Pro 2, 3, 19, 20, 22-25, 29, 30, 34, 60, 130, 157
Philips 30
PHT 7, 9-11, 16, 18, 22, 31, 32, 36, 37, 54, 55, 57-59, 61, 65, 71, 72, 75, 83, 85, 88, 91, 93, 95, 101, 103, 113, 125, 126
pipeline 31, 32, 59, 61
Power PC 19, 20
primitive polynomial 12, 13, 55, 76
PRNG 1, 4, 41, 120, 130
pseudo-Hadamaxd transform see PHT
public-key
algorithm 116
cryptosystem 116
quasi-weak keys 42
RAM 4, 21, 22, 26-31, 39, 73, 74, 77
RAND tables 38
RC2 33, 46
RC4 34, 37
RC5 5, 34, 36, 41, 121
REDOC-II 33, 36, 39
Reed-Solomon see RS
RIPE-MD 58
RIPEMD-160 58
Rivest, Ron 5
ROM 26-29, 31, 39, 76
rotor machine 44, 49
round function 2, 7, 10, 17, 18, 30, 31, 33-37, 41, 43, 46, 54, 55, 59, 60, 65, 72, 74, 76, 92, 96, 101-104, 114, 125, 126,129, 144
non-surjective 114
RS code 6, 13, 37, 41, 56, 106, 115
RS matrix 13, 26, 49, 76-77, 105-107, 111, 122, 145
S-1 40, 104
SAFER 5, 7, 36, 37, 39, 41, 44, 60, 121, 125
SAFER-K64 121
SEAL 33, 34, 39, 42, 126
self-inverse keys 40, 74
semi-weak keys 42, 75
Serpent 30, 34, 37, 38, 41, 121
session key 120
Seuss, Dr. 127
SHA 39, 58
SHA-1 46
Shannon, C. 44
Shark 5, 6, 41, 44
Skipjack 5, 40, 42, 46, 61
smart card 2, 19, 26-29, 34, 35, 58, 60, 125, 129
SNAKE 35
sn DES 38
SOBER 33
SP network 5, 7, 44, 46-48
SPEED 33, 121
Square 6, 36, 37, 39, 44, 54, 60, 121,125
subkey
permuting the 105
subkey difference
chosen 106
swapping key halves 105
symbols, overview 143
symmetric algorithm 1, 116
TEA 36
TEMPEST 111
test vectors 147
throughput 21, 28, 29, 31, 32, 43
Tiger 38, 46
trap door 115
Travois 104
Triple-DES 1, 121
twist 126
Twofish
definition 9
history 125
name 126
overview 10
performance 19
simplified 112
with non-bijective S-boxes 114
without round keys 112
Twofish-FK 122
Ultra-SPARC 19, 20
uniform transformation structure 5
Vaudenay, Serge 6, 114
VLIW 30
WAKE 38, 39
weak keys 3, 40, 42, 48, 74, 75
web site 157
whitening 4-6, 9-11, 60, 63, 66, 79-82, 87-89, 109, 116, 119, 123, 144
post- 81, 122, 144
pre- 81, 82, 122, 144
YLCY 39
YTH 37
Zhu-Guo 33


Previous Table of Contents Next