HC-256 is a stream cipher designed to provide bulk encryption in software at high speeds while permitting strong confidence in its security.[1] A 128-bit variant was submitted as an eSTREAM cipher candidate and has been selected as one of the four final contestants in the software profile.[2][3]
The algorithm is designed by Hongjun Wu, and was first published in 2004. It is not patented.
Function
editHC-256 has a 256 bit key and an initialization vector (nonce) of 256 bits.[1]
Internally, it consists of two secret tables (P and Q). Each table contains 1024 32-bit words. For each state update one 32-bit word in each table is updated using a non-linear update function. After 2048 steps all elements of the tables have been updated.
It generates one 32-bit word for each update step using a 32-bit to 32-bit mapping function similar to the output function of the Blowfish cipher. Finally a linear bit-masking function is applied to generate an output word. It uses the two message schedule functions in the hash function SHA-256 internally, but with the tables P and Q as S-boxes.
HC-128 is similar in function, and reduces each of key length, nonce, number of words in the tables P and Q, and number of table updating steps by half.[2]
Performance
editThe performance of HC-256 is estimated by its author to be about 4 cycles per byte on a Pentium 4 processor. However the initialization phase of the cipher includes expanding the 256-bit key into the tables P, Q and then running the cipher for 4096 steps. The author of HC-256 estimates this process to take around 74,000 cycles.
For HC-128 an encryption speed of about 3 cycles per byte on a Pentium M processor are cited.
The implementation of HC-128 on various computing structures is studied in detail, with significant performance gains compared to naive SW implementation.[4][5]
References
edit- ^ a b Wu, Hongjun (2004). "A New Stream Cipher HC-256" (PDF). Fast Software Encryption – FSE 2004, LNCS 3017: 226–244.226-244&rft.date=2004&rft.aulast=Wu&rft.aufirst=Hongjun&rft_id=http://eprint.iacr.org/2004/092.pdf&rfr_id=info:sid/en.wikipedia.org:HC-256" class="Z3988">
- ^ a b Wu, Hongjun (2004). "The Stream Cipher HC-128" (PDF). Archived from the original (PDF) on 2008-07-24. Retrieved 2010-11-15.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ "The eSTREAM Project". Archived from the original on 2017-02-13. Retrieved 2010-11-15.
- ^ Chattopadhyay, Anupam; Khalid, Ayesha; Maitra, Subhamoy; Raizada, Shashwat (2012). "Designing high-throughput hardware accelerator for stream cipher HC-128". 2012 IEEE International Symposium on Circuits and Systems. pp. 1448–1451. doi:10.1109/ISCAS.2012.6271518. ISBN 978-1-4673-0219-7. S2CID 5520516.1448-1451&rft.date=2012&rft_id=https://api.semanticscholar.org/CorpusID:5520516#id-name=S2CID&rft_id=info:doi/10.1109/ISCAS.2012.6271518&rft.isbn=978-1-4673-0219-7&rft.aulast=Chattopadhyay&rft.aufirst=Anupam&rft.au=Khalid, Ayesha&rft.au=Maitra, Subhamoy&rft.au=Raizada, Shashwat&rfr_id=info:sid/en.wikipedia.org:HC-256" class="Z3988">
- ^ Khalid, Ayesha; Bagchi, Deblin; Paul, Goutam; Chattopadhyay, Anupam (2013). "Optimized GPU Implementation and Performance Analysis of HC Series of Stream Ciphers". Information Security and Cryptology – ICISC 2012. Lecture Notes in Computer Science. Vol. 7839. pp. 293–308. doi:10.1007/978-3-642-37682-5_21. ISBN 978-3-642-37681-8.293-308&rft.date=2013&rft_id=info:doi/10.1007/978-3-642-37682-5_21&rft.isbn=978-3-642-37681-8&rft.aulast=Khalid&rft.aufirst=Ayesha&rft.au=Bagchi, Deblin&rft.au=Paul, Goutam&rft.au=Chattopadhyay, Anupam&rfr_id=info:sid/en.wikipedia.org:HC-256" class="Z3988">
External links
edit- eSTREAM page on HC-256 Archived 2006-06-23 at the Wayback Machine