# Serpent: A Proposal for the Advanced Encryption Standard

@inproceedings{Anderson1998SerpentAP, title={Serpent: A Proposal for the Advanced Encryption Standard}, author={Ross J. Anderson and Eli Biham and Lars Ramkilde Knudsen}, year={1998} }

We propose a new block cipher as a candidate for the Advanced Encryption Standard. Its design is highly conservative, yet still allows a very efficient implementation. It uses S-boxes similar to those of DES in a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables us to demonstrate its security against all known types of attack. With a 128-bit block size and a 256-bit key, it is as fast as DES on the market… Expand

#### Tables and Topics from this paper

#### 436 Citations

Serpent and Smartcards

- Computer Science
- CARDIS
- 1998

A new block cipher, Serpent, is proposed as a candidate for the Advanced Encryption Standard, using a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables its security against all known types of attack. Expand

Implentation of a Novel and SecuredEncryption Algorithm

- Computer Science
- 2014

FPSKEA provides a very high level of security, combined with much better performance than other existing ciphers, and is designed to meet and exceed the requirements for a standard for shared-key encryption in the next few decades. Expand

Structural Cryptanalysis of SASAS

- Computer Science
- Journal of Cryptology
- 2010

It is shown that a five-layer scheme with 128-bit plaintexts and 8-bit S-boxes is surprisingly weak against what is called a multiset attack, even when all the S- boxes and affine mappings are key dependent (and thus completely unknown to the attacker). Expand

100 Gbit/s authenticated encryption based on quantum key distribution

- 2012 IEEE/IFIP 20th International Conference on VLSI and System-on-Chip (VLSI-SoC)
- 2012

We propose a block-cipher-based hardware architecture for authenticated encryption (AE) applications supporting the Ethernet standard IEEE 802.3ba. Our main design goal was to achieve high throughput… Expand

100 Gbit/s authenticated encryption based on quantum key distribution

- Computer Science
- 2012 IEEE/IFIP 20th International Conference on VLSI and System-on-Chip (VLSI-SoC)
- 2012

This work proposes a block-cipher-based hardware architecture for authenticated encryption applications supporting the Ethernet standard IEEE 802.3ba, and achieves a throughput of 133 Gbit/s on an Altera Stratix IV FPGA, which represents, to the best of the knowledge, the fastest full implementation of an AE scheme on FPGAs to date. Expand

A NEW APPROACH INTO CONSTRUCTING S-BOXES FOR LIGHTWEIGHT BLOCK CIPHERS

- 2014

In this paper we can give an overview of some of the popular block ciphers, rather a strong focus is put on the construction of their S-boxes. While we were studding S-boxes we saw that there is a… Expand

5 A NOVEL 256-BIT BLOCK CIPHER

- 2004

Tornado is a novel 256-bit block cipher that accepts a variablelength key up to 256 bits. The proposed cipher was built on an idea which gives it a dynamic nature. This nature means that the cipher… Expand

A NEW BLOCK CIPHER (NAHRAINFISH) BASED ON SOME AES FINALISTS

- 2007

In this work, we present some deeper insights in the state-of-the-art in block cipher design. This is mainly achieved by assessment of the evaluation process of the AES (Advanced Encryption… Expand

On Algebraic Relations of Serpent S-Boxes

- Computer Science
- IACR Cryptol. ePrint Arch.
- 2009

It is observed that the nonlinear order of all output bits of serpent S-boxes are not 3 as it is claimed by the designers, and the designers of Serpent claim that Serpent is more secure than Rijndael. Expand

Analysis of Advanced Encryption Standards

- Computer Science
- CGAMES 2010
- 2010

This paper compares performance of the five AES finalist on a verity of common software platform: 32-bit CPU( both large and smaller microprocessors, smart cards, embedded micro Processors) and high end 64-bits CPUs. Expand

#### References

SHOWING 1-10 OF 49 REFERENCES

Serpent: A New Block Cipher Proposal

- Computer Science
- FSE
- 1998

A new block cipher is proposed that is almost as fast as DES on a wide range of platforms, yet conjectured to be at least as secure as three-key triple-DES. Expand

An experiment on DES statistical cryptanalysis

- Computer Science
- CCS '96
- 1996

A new heuristic method has found an attack against DES absolutely equivalent to M. Matsui's (1994) one by following a distinct path and appears to be roughly as efficient as both differential and linear cryptanalysis. Expand

Differential Cryptanalysis of the Data Encryption Standard

- Mathematics, Computer Science
- Springer New York
- 1993

This book introduces a new cryptographic method, called differential cryptanalysis, which can be applied to analyze cryptosystems, and describes the cryptanalysis of DES, deals with the influence of its building blocks on security, and analyzes modified variants. Expand

Linear Cryptanalysis Method for DES Cipher

- Computer Science
- EUROCRYPT
- 1993

A new method is introduced for cryptanalysis of DES cipher, which is essentially a known-plaintext attack, that is applicable to an only-ciphertext attack in certain situations. Expand

Partitioning Cryptanalysis

- Computer Science
- FSE
- 1997

The last-round attack by Matsui's linear cryptanalysis for iterated block ciphers is formalized and requirements for it to be successful are stated. Expand

Fast software encryption : 4th International Workshop, FSE '97, Haifa, Israel, January 20-22, 1997 : proceedings

- Computer Science
- FSE 1997
- 1997

This paper focuses on improving linear cryptanalysis of LOKI91 by probabilistic counting method and Optimizing a fast stream cipher for VLIW, SIMD, and superscalar processors. Expand

How to Forge DES-Encrypted Messages in $2^{28}$ Steps

- Computer Science
- 1996

It is shown that the theoretic strength of a cipher cannot exceed the square root of the size of the key space, and some DES keys can be recovered while they are still in use, and these keys can then be used to forge messages. Expand

Differential Fault Analysis of Secret Key Cryptosystems

- Computer Science
- CRYPTO
- 1997

This work states that this attack is applicable only to public key cryptosystems such as RSA, and not to secret key algorithms such as the Data Encryption Standard (DES). Expand

Joint Hardware / Software Design of a Fast Stream Cipher

- Computer Science
- FSE
- 1998

It is shown that a keystream generator built as a word-wide non-linear-feedback shift register can offer both a high degree of parallelism and the hardware simplicity and flexible security of an iterated design. Expand

A Fast New DES Implementation in Software

- Computer Science
- FSE
- 1997

A new optimized standard implementation of DES on 64-bit processors is described, which is about twice faster than the fastest known standard DES implementation on the same processor. Expand