eSTREAM
From Wikipedia, the free encyclopedia
eSTREAM is a project to identify "new stream ciphers that might become suitable for widespread adoption", organised by the EU ECRYPT network. It was set up as a result of the failure of all six stream ciphers submitted to the NESSIE project. The call for primitives was first issued in November 2004. The project was completed in April 2008. The project was divided into separate phases and the project goal was to find algorithms suitable for different application profiles.
Contents |
[edit] Profiles
The submissions to eSTREAM fall into either or both of two profiles:
- Profile 1: "Stream ciphers for software applications with high throughput requirements"
- Profile 2: "Stream ciphers for hardware applications with restricted resources such as limited storage, gate count, or power consumption."
Both profiles contain an "A" subcategory (1A and 2A) with ciphers that also provide authentication in addition to encryption. In Phase 3 none of the ciphers providing authentication are being considered (The NLS cipher had authentication removed from it to improve its performance).
[edit] Final portfolio
With the conclusion of Selection Phase 3, eight ciphers (four per profile, as above) were selected as the final portfolio of the eSTREAM project. All are patent-free and open for any use except for Rabbit, which is patented and free only for non-commercial use.[1]
| Profile 1 (software) | Profile 2 (hardware) |
|---|---|
| HC-128 [1] | F-FCSR [2] |
| Rabbit [3] | Grain [4] |
| Salsa20/12 [5] | MICKEY [6] |
| SOSEMANUK [7] | Trivium [8] |
[edit] Phases
[edit] Phase 1
Phase 1 included a general analysis of all submissions with the purpose of selecting a subset of the submitted designs for further scrutiny. The designs were scrutinized based on criteria of security, performance (with respect to the block cipher standard AES, as well as the other candidates), simplicity and flexibility, justification and supporting analysis, and clarity and completeness of the documentation. Submissions in Profile 1 were only accepted if they demonstrated software performance superior to AES-128 in counter mode.
The Phase 1 activities included a large amount of analysis and presentations of analysis results as well as discussion. Also the project developed a framework for testing the performance of the candidates. The framework was then used to benchmark the candidates on a wide variety of systems.
[edit] Phase 2
On 27 March 2006 the eSTREAM project officially announced the end of Phase 1. On 1 August 2006 Phase 2 was officially started. For each of the profiles a number of algorithms has been selected to be Focus Phase 2 algorithms. These are designs that eSTREAM finds of particular interest and encourages more cryptanalysis and performance evaluation on these algorithms. Additionally a number of algorithms for each profile are accepted as Phase 2 algorithms, meaning that they are still valid as eSTREAM candidates. The Focus 2 candidates will be re-classified every six months.
[edit] Phase 3
Phase 3 started in April 2007. Candidates for Profile 1 (Software) are CryptMT (Version 3), Dragon, HC (HC-128 and HC-256), LEX (LEX-128, LEX-192 and LEX-256), NLS (NLSv2, encryption only not authentication), Rabbit, Salsa20/12 and SOSEMANUK. Candidates for Profile 2 (Hardware) are DECIM (DECIM v2 and DECIM-128), Edon80, F-FCSR (F-FCSR-H v2 and F-FCSR-16), Grain (Grain v1 and Grain-128), MICKEY (MICKEY 2.0 and MICKEY-128 2.0), Moustique, Pomaranch (Version 3) and Trivium.
Phase 3 ended April 15, 2008 with the announcement of the candidates that had been selected for the final eSTREAM portfolio. The selected Profile 1 algorithms were: HC-128, Rabbit, Salsa20/12, and SOSEMANUK. The selected Profile 2 algorithms were: F-FCSR-H v2, Grain v1, Mickey v2 and Trivium.
[edit] Submissions
| Key | |
|---|---|
| 3 | A "Phase 3" cipher |
| F | a "Focus Phase 2" cipher |
| 2 | A "Phase 2" cipher |
| A | An "archived" cipher |
| M | Includes a MAC |
| P | Patented |
[edit] Selected as Phase 3 candidates
| Cipher | eSTREAM webpage |
Profile 1 (software) |
Profile 2 (hardware) |
Properties | Submitters |
|---|---|---|---|---|---|
| CryptMT (Version 3) | [9] | 3 | P | Makoto Matsumoto, Hagita Mariko, Takuji Nishimura and Matsuo Saito |
|
| DECIM (DECIM v2, DECIM-128) | [10] | 3 | P | Come Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Blandine Debraize, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, Marine Minier, Thomas Pornin and Hervé Sibert |
|
| Dragon | [11] | 3F | Ed Dawson, Kevin Chen, Matt Henricksen, William Millan, Leonie Simpson, HoonJae Lee, SangJae Moon |
||
| Edon80 | [12] | 3 | Danilo Gligoroski, Smile Markovski, Ljupco Kocarev and Marjan Gusev |
||
| F-FCSR (F-FCSR-H v2, F-FCSR-16) | [13] | 3 | Thierry Berger, François Arnault and Cédric Lauradoux | ||
| Grain | [14] | 3F | Martin Hell, Thomas Johansson and Willi Meier | ||
| HC-256 (HC-128, HC-256) | [15] | 3F | Hongjun Wu | ||
| LEX | [16] | 3F | 2 | Alex Biryukov | |
| MICKEY (MICKEY 2.0, MICKEY-128 2.0) | [17] | 3F | Steve Babbage and Matthew Dodd | ||
| MOSQUITO (aka Moustique) | [18] | 3 | Joan Daemen and Paris Kitsos | ||
| NLS (NLSv2, encryption-only) | [19] | 3 | Gregory Rose, Philip Hawkes, Michael Paddon and Miriam Wiggers de Vries |
||
| Pomaranch (Version 3) | [20] | 3 | Cees Jansen and Alexander Kolosha | ||
| Rabbit | [21] | 3 | 2 | P | Martin Boesgaard, Mette Vesterager, Thomas Christensen and Erik Zenner |
| Salsa20 | [22] | 3F | 2 | Daniel Bernstein | |
| SOSEMANUK | [23] | 3 | Come Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, Marine Minier, Thomas Pornin and Hervé Sibert |
||
| Trivium | [24] | 3F | Christophe De Cannière and Bart Preneel |
[edit] Selected as Phase 2 focus candidates but not as Phase 3 candidates
| Cipher | eSTREAM webpage |
Profile 1 (software) |
Profile 2 (hardware) |
Properties | Submitters |
|---|---|---|---|---|---|
| Phelix | [25] | F | F | M | Doug Whiting, Bruce Schneier, Stefan Lucks and Frédéric Muller |
| Py | [26] | F | Eli Biham and Jennifer Seberry |
[edit] Selected as Phase 2 candidates but not as focus or Phase 3 candidates
| Cipher | eSTREAM webpage |
Profile 1 (software) |
Profile 2 (hardware) |
Properties | Submitters |
|---|---|---|---|---|---|
| ABC | [27] | 2 | Vladimir Anashin, Andrey Bogdanov, Ilya Kizhvatov and Sandeep Kumar |
||
| Achterbahn | [28] | 2 | Berndt Gammel, Rainer Göttfert and Oliver Kniffler | ||
| DICING | [29] | 2 | Li An-Ping | ||
| Hermes8 | [30] | A | 2 | Ulrich Kaiser | |
| NLS | [31] | 2 | 2 | Gregory Rose, Philip Hawkes, Michael Paddon and Miriam Wiggers de Vries |
|
| Polar Bear | [32] | 2 | 2 | Johan Håstad and Mats Näslund | |
| Pomaranch | [33] | A | 2 | Cees Jansen and Alexander Kolosha | |
| SFINKS | [34] | 2 | M | An Braeken, Joseph Lano, Nele Mentens, Bart Preneel and Ingrid Verbauwhede |
|
| TSC-3 | [35] | 2 | Jin Hong, Dong Hoon Lee, Yongjin Yeom, Daewan Han and Seongtaek Chee |
||
| VEST | [36] | 2 | MP | Sean O'Neil, Benjamin Gittins and Howard Landman | |
| WG | [37] | 2 | Guang Gong and Yassir Nawaz | ||
| Yamb | [38] | 2 | 2 | LAN Crypto | |
| ZK-Crypt | [39] | 2 | MP | Carmi Gressel, Ran Granot and Gabi Vago |
[edit] Not selected as focus or Phase 2 candidates
| Cipher | eSTREAM webpage |
Profile 1 (software) |
Profile 2 (hardware) |
Properties | Submitters |
|---|---|---|---|---|---|
| Frogbit | [40] | A | MP | Thierry Moreau | |
| Fubuki | [41] | A | P | Makoto Matsumoto, Hagita Mariko, Takuji Nishimura and Matsuo Saito |
|
| MAG | [42] | A | A | Rade Vuckovac | |
| Mir-1 | [43] | A | Alexander Maximov | ||
| SSS | [44] | A | A | M | Gregory Rose, Philip Hawkes, Michael Paddon and Miriam Wiggers de Vries |
| TRBDK3 YAEA | [45] | A | A | Timothy Brigham |
[edit] See also
[edit] External links
- Homepage for the project
- Discussion forum
- The eSTREAM testing framework [46]
- Update 1: (PDF)
- End of phase 1 announcement [47]
- Notes on the ECRYPT Stream Cipher project by Daniel Bernstein
- estreamJ - Java implementations of eSTREAM ciphers, plus a live performance test
[edit] References
|
||||||||||||||||||||||||||
