Jump to content

CAST-256: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Citation bot (talk | contribs)
Alter: title. Add: series. Removed parameters. | Use this bot. Report bugs. | Suggested by Headbomb | #UCB_toolbar
10.1007/978-3-642-34961-4_16
Line 22: Line 22:
In [[Request for Comments|RFC]] 2612, the authors state that, "The CAST-256 cipher described in this document is available worldwide on a royalty-free and licence-free basis for commercial and non-commercial uses."
In [[Request for Comments|RFC]] 2612, the authors state that, "The CAST-256 cipher described in this document is available worldwide on a royalty-free and licence-free basis for commercial and non-commercial uses."


Currently, the best public cryptanalysis of CAST-256 in the standard single secret key setting that works for all keys is the zero-correlation cryptanalysis breaking 28 rounds with 2<sup>246.9</sup> time and 2<sup>98.8</sup> data.<ref name="blnw12">{{cite book | first = Andrey | last = Bogdanov |author2=Leander, Gregor |author3=Nyberg, Kaisa |author4=Wang, Meiqin | title = Advances in Cryptology – ASIACRYPT 2012 | series = Lecture Notes in Computer Science | volume = 7658 | pages =244–261 | year = 2012 | url = http://www2.compute.dtu.dk/~anbog/ac12-zerocorrelation.pdf | doi = 10.1007/978-3-642-34961-4| isbn = 978-3-642-34960-7 | s2cid = 26601027 }}</ref>
Currently, the best public cryptanalysis of CAST-256 in the standard single secret key setting that works for all keys is the zero-correlation cryptanalysis breaking 28 rounds with 2<sup>246.9</sup> time and 2<sup>98.8</sup> data.<ref name="blnw12">{{cite book | first = Andrey | last = Bogdanov |author2=Leander, Gregor |author3=Nyberg, Kaisa |author4=Wang, Meiqin | title = Advances in Cryptology – ASIACRYPT 2012 | series = Lecture Notes in Computer Science | volume = 7658 | pages =244–261 | year = 2012 | url = http://www2.compute.dtu.dk/~anbog/ac12-zerocorrelation.pdf | doi = 10.1007/978-3-642-34961-4_16| isbn = 978-3-642-34960-7 | s2cid = 26601027 }}</ref>


==See also==
==See also==

Revision as of 13:20, 22 August 2023

CAST-256
General
DesignersCarlisle Adams, Stafford Tavares, Howard Heys, Michael Wiener
First published1998
Derived fromCAST-128
Cipher detail
Key sizes128, 160, 192, 224, or 256 bits
Block sizes128 bits
Structuregeneralised Feistel network (Type 1)[1]
Rounds48

In cryptography, CAST-256 (or CAST6) is a symmetric-key block cipher published in June 1998. It was submitted as a candidate for the Advanced Encryption Standard (AES); however, it was not among the five AES finalists. It is an extension of an earlier cipher, CAST-128; both were designed according to the "CAST" design methodology invented by Carlisle Adams and Stafford Tavares. Howard Heys and Michael Wiener also contributed to the design.

CAST-256 uses the same elements as CAST-128, including S-boxes, but is adapted for a block size of 128 bits – twice the size of its 64-bit predecessor. (A similar construction occurred in the evolution of RC5 into RC6). Acceptable key sizes are 128, 160, 192, 224 or 256 bits. CAST-256 is composed of 48 rounds, sometimes described as 12 "quad-rounds", arranged in a generalized Feistel network.

In RFC 2612, the authors state that, "The CAST-256 cipher described in this document is available worldwide on a royalty-free and licence-free basis for commercial and non-commercial uses."

Currently, the best public cryptanalysis of CAST-256 in the standard single secret key setting that works for all keys is the zero-correlation cryptanalysis breaking 28 rounds with 2246.9 time and 298.8 data.[2]

See also

References

  1. ^ Hoang, Viet Tung; Rogaway, Phillip (2010). "On Generalized Feistel Networks". LNCS 6223. CRYPTO 2010. USA: Springer. pp. 613–630. doi:10.1007/978-3-642-14623-7_33.
  2. ^ Bogdanov, Andrey; Leander, Gregor; Nyberg, Kaisa; Wang, Meiqin (2012). Advances in Cryptology – ASIACRYPT 2012 (PDF). Lecture Notes in Computer Science. Vol. 7658. pp. 244–261. doi:10.1007/978-3-642-34961-4_16. ISBN 978-3-642-34960-7. S2CID 26601027.

External links