Noekeon
Encyclopedia
NOEKEON ˈnuːki.ɒn is a family of two block cipher
s designed by Joan Daemen
, Michaël Peeters, Gilles Van Assche and Vincent Rijmen
and submitted to the NESSIE
project in September 2000. The two ciphers are "direct mode" NOEKEON, to be used for maximum efficiency where related-key attack
s are not possible, and "indirect mode" NOEKEON where they are.
NOEKEON has a 128-bit block and key size. Each round of NOEKEON employs a sequence of self-inverse transformations which can be implemented easily in hardware or software, even where differential power analysis is a concern. It is designed according to a variant of the wide-trail strategy.
Cryptanalysis by Lars Knudsen
and Håvard Raddum in April 2001 showed that "indirect mode" NOEKEON was still vulnerable to certain peculiar kinds of related-key cryptanalysis, and showed weaknesses in NOEKEON-variant ciphers which cast doubt on the design strategy behind NOEKEON and thus on its security. As a result it was not a NESSIE selected algorithm.
The authors of NOEKEON contend ("On NOEKEON, no!") that the related-key attacks required to break "indirect mode" NOEKEON are not a practical concern, and that it is as a result of deliberate design that NOEKEON is not vulnerable to the attacks that break the variant ciphers; they assert that NOEKEON is still a good and useful cipher.
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
s designed by Joan Daemen
Joan Daemen
Joan Daemen |Limburg]], Belgium) is a Belgian cryptographer and one of the designers of Rijndael, the Advanced Encryption Standard , together with Vincent Rijmen. He has also designed or co-designed the MMB, Square, SHARK, NOEKEON, 3-Way, and BaseKing block ciphers...
, Michaël Peeters, Gilles Van Assche and Vincent Rijmen
Vincent Rijmen
Vincent Rijmen is a Belgian cryptographer and one of the two designers of the Rijndael, the Advanced Encryption Standard. Rijmen is also the co-designer of the WHIRLPOOL cryptographic hash function, and the block ciphers Anubis, KHAZAD, Square, NOEKEON and SHARK.In 1993, Rijmen obtained a degree...
and submitted to the NESSIE
NESSIE
NESSIE was a European research project funded from 2000–2003 to identify secure cryptographic primitives. The project was comparable to the NIST AES process and the Japanese Government-sponsored CRYPTREC project, but with notable differences from both...
project in September 2000. The two ciphers are "direct mode" NOEKEON, to be used for maximum efficiency where related-key attack
Related-key attack
In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker...
s are not possible, and "indirect mode" NOEKEON where they are.
NOEKEON has a 128-bit block and key size. Each round of NOEKEON employs a sequence of self-inverse transformations which can be implemented easily in hardware or software, even where differential power analysis is a concern. It is designed according to a variant of the wide-trail strategy.
Cryptanalysis by Lars Knudsen
Lars Knudsen
Lars Ramkilde Knudsen is a Danish researcher in cryptography, particularly interested in the design and analysis of block ciphers, hash functions and message authentication codes .-Academic:...
and Håvard Raddum in April 2001 showed that "indirect mode" NOEKEON was still vulnerable to certain peculiar kinds of related-key cryptanalysis, and showed weaknesses in NOEKEON-variant ciphers which cast doubt on the design strategy behind NOEKEON and thus on its security. As a result it was not a NESSIE selected algorithm.
The authors of NOEKEON contend ("On NOEKEON, no!") that the related-key attacks required to break "indirect mode" NOEKEON are not a practical concern, and that it is as a result of deliberate design that NOEKEON is not vulnerable to the attacks that break the variant ciphers; they assert that NOEKEON is still a good and useful cipher.
External links
- The NOEKEON Page
- Lars KnudsenLars KnudsenLars Ramkilde Knudsen is a Danish researcher in cryptography, particularly interested in the design and analysis of block ciphers, hash functions and message authentication codes .-Academic:...
and Håvard Raddum On NOEKEON