Comparing Encryption Algorithms

Comparing Encryption Algorithms

1- MARS

1-1-Philosophy

Design of Mars was based on highest security and robustness goals. In addition, being fast and flexible cipher were other major considerations, when it was designed. According to the report of IBM team, its design was based on the following three criteria:

Ð'*no trust in any single component of the cipher, not even the components that are believed to be strong.

Ð'*It should be easy to be analysed. In other words, one of its important gaols was to be an easy-to-analyse cipher.

Ð'*It should be a fast cipher

1-2- Security

Mars is a 16 rounds block cipher, which can handle many types of attacks. In addition, its modular structure can provide bounds on several classes of attacks. These specifications of MARS provide it a large security margin.

1-3- Performance

In general, performance of MARS is acceptable, but because of its wide variety of operations, including the techniques of rotating digits, it perform particularly better on platforms with rotation and multiplication operations support. Finally, it should be mentioned that in some environments, MARS is more expensive than other finalists.

1-4- Comments and Claims

The designers of MARS claim that: "is not only secure by today's standards, but is extremely unlikely ever to be broken." On the other hand, the following claims were made regarding its flexibility (even though IBM team consider them as misconceptions):

 It is not suitable for hardware implementation

 It is not suitable for low-end smart cards

 It is not key-agile

 It is not suitable for FPGA implementation

According to NIST report, its advantages and disadvantages can be summarized as below:

Advantages Disadvantages

Good performance on 32-bit platforms; excellent performance on platforms providing strong support for 32-bit variable rotations and multiplications Performance drops off on platforms not providing the support needed

Large security margin Complexity makes analysis difficult in a restricted timeframe

Supports key sizes much higher than 256 bits Original version is not well suited to smart card implementation

2- Rijndael

2-1- Philosophy

While designing Rijndael, it was tried to make it as simple as possible (e.g. its key schedule). In some cases of attacks, necessary complexity was added. Another feature of Rijndael is that from the beginning it was designed to support 128 bit block lengths. Moreover, being extendable to other key and block lengths was considered. Some simplicity features of Rijndael can be summarized as:

Ð'*Symmetry in the round transformation and across the round

Ð'*Orthogonality of components

Ð'*Absence of arithmetic operations

2-2- Security

Rijndael demonstrates the same security as other finalists. In other words, there was no attack that Rijndael shows a weakness inherent in the design. In addition, Rijndael has the ability to be implemented securely in software (e.g. on smart cards). Also, the increasing number of rounds for increasing key lengths in Rijndael is another security feature, which provides a high security margin for it. But it should be considered that Rijndael is vulnerable to power analysis attack when it comes to smart card implementation.

2-3- Performance

Rijndael is a fast, flexible and elegant cipher. Its performance is considered to be excellent across different platforms. This is because of its fast key setup and low memory requirements (very low RAM and ROM requirements). However, its ROM requirements will increase if both encryption and decryption are implemented simultaneously, although it appears to remain suitable for these environments. It is easy to analyse, because of its straightforward design and conservative choice of operations. It also has the potential to benefit from computer processors parallel processing.

2-4- Comments and Claims

IBM team claims that: "The main worry about Rijndael is that it may not be conservative enough." But according to NIST report, just in case of smart card implementation, it is very vulnerable in one attack and slightly vulnerable in another. Also, in NIST report the following advantages were outlined (No significant disadvantages were mentioned beside above ones regarding smart card implementation):

 Excellent performance across platforms

 Good security margin

 Well-suited to smart cards due to low RAM and ROM requirements

 Operations employed are easiest to defend against attacks on smart card implementations

 Fast key setup

 Good support for instruction-level parallelism

 Supports other key and block sizes in increments of 32 bits

3- RC6

3-1- Philosophy

The main goal in design of RC6 was to keep it simple, while achieving the other goals. Other goals include a well-understood level of security, goof performance and a versatility of design. This feature makes it adaptable to future demands.

3-2- Security

Data-dependent rotations are the basis of RC6's cryptographic strength. In other words, the principal engine for its security is the technique of rotating digits by a varying number of places that is determined by the data. The key scheduling is identical to RC5, which has been open to public analysis for nearly 6 years. It uses 20 rounds,

...