html5-img
1 / 21

Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS

Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS. Hirosato Tsuji Toshio Tokita Mitsubishi Electric Corporation. Presentation Agenda. Current Status and Next Steps of MISTY1 to support TLS. Block Cipher “MISTY1” . --- by Toshio Tokita.

angie
Download Presentation

Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Proposal of MISTY1 as a Block Cipher of Cipher Suites in TLS Hirosato Tsuji Toshio Tokita Mitsubishi Electric Corporation

  2. Presentation Agenda • Current Status and Next Steps of MISTY1 to support TLS • Block Cipher “MISTY1” --- by Toshio Tokita --- by Hirosato Tsuji 48th IETF, Pittsburgh, PA, USA

  3. Block Cipher MISTY1 Toshio Tokita Mitsubishi Electric Corporation MISTY@isl.melco.co.jp

  4. Overview 64-bit block, 128-bit key, a variable number of rounds (8-round recommended) • Secret-key block cipher proposed by M.Matsui (Mitsubishi) in 1996 at Fast Software Encryption Workshop “FSE4” • Widely used in many applications: Governmental applications: Public transportation systems, Secure network systems, etc,etc Commercial products: S/MIME E-mail software, VPN(Routers/Hubs), Encryption LSI, PKI Software & services, etc, etc 48th IETF, Pittsburgh, PA, USA

  5. Recent News • “KASUMI” has been adopted as a mandatory algorithm for data confidentiality and data integrity in W-CDMA by 3GPP. (March, 2000) • KASUMI will be also used in current GSM systems as an alternative for A5. • KASUMI is a variant of MISTY1 designed for W-CDMA systems. “KASUMI”=“MIST” 3GPP: 3rd Generation Partnership Project 48th IETF, Pittsburgh, PA, USA

  6. Pointers • ISO9979 No.13 (algorithm registration) • URL for Internet-Draft : http://www.ietf.org/internet-drafts/draft-ohta-misty1desc-02.txt • Specifications http://www.mitsubishi.com/ghp_japan/misty/misty_e_b.pdf • Royalty Free License http://www.mitsubishi.com/ghp_japan/misty/licensee.htm MISTY1 essential patent is licensed under royalty free conditions. 48th IETF, Pittsburgh, PA, USA

  7. Design Criteria • High security: • Provable security against differential and linear cryptanalysis • Multi platform: • High speed in both software and hardware implementations • Compact: • Low gate count and low power consumption in hardware 48th IETF, Pittsburgh, PA, USA

  8. High security • MISTY1 is designed to be highly secure as a 64-bit block cipher; particularly to be provably secure against differential and linear cryptanalysis. Powerful Cryptographic Attacks • Differential Cryptanalysis (Biham, Shamir 1990) • First DES attack faster than an exhaustive key search • Linear Cryptanalysis (Matsui 1993) • First successful computer experiment for breaking DES 48th IETF, Pittsburgh, PA, USA

  9. Multi Platform • MISTY1 is designed to be sufficiently fast in both software and hardware implementations. Ex1) Pentium III (800MHz) (Assembly Language Program) Encryption speed 230Mbps Ex2) ASIC H/W (Mitsubishi 0.35 micron CMOS Design Library) Encryption speed 800Mbps Gate size 50Kgates 48th IETF, Pittsburgh, PA, USA

  10. Compact • Encryption/decryption logics of MISTY1 can be realized in very compact size. Ex) ASIC (Mitsubishi 0.35 micron CMOS Design Library) Gate size 7.6Kgates Encryption speed 72Mbps Note: A requirement for W-CDMA encryption algorithm: “gate size must be smaller than 10Kgates” 48th IETF, Pittsburgh, PA, USA

  11. Structure of MISTY 48th IETF, Pittsburgh, PA, USA

  12. Hardware Memory M16C(CPU) MISTY1 core M16C Core RSA core Rnd. Num. Gen. 48th IETF, Pittsburgh, PA, USA

  13. Current Status and Next Steps of MISTY1 to support TLS Hirosato Tsuji Mitsubishi Electric Corporation <hirosato@iss.isl.melco.co.jp>

  14. Summary • What is MISTY1? • High security, Multi platform, Compact, Block cipher • In this presentation • Actual Application of MISTY1 • Proposal of MISTY1 • Current Status to support TLS • Next Steps to support TLS 48th IETF, Pittsburgh, PA, USA

  15. Actual Application of MISTY1 (1) Secure E-mail Systems • S/MIME-based e-mail application • Extended S/MIME V2 specification • Implemented by Mitsubishi and other Japanese venders • Interoperability had been confirmed between these venders 48th IETF, Pittsburgh, PA, USA

  16. Actual Application of MISTY1 (2) Secure Web Access Systems • Secure Web Access Systems • provide authentication, access control, integrity and confidentiality • Implemented on the HTTP and TCP ( sorry, not on TLS ) • Contents is encrypted by MISTY1 48th IETF, Pittsburgh, PA, USA

  17. Actual Application of MISTY1 (3) Other Apps based on MISTY Toolkit • MISTY Cryptographic / PKI Toolkit • Content Encryption Algorithm in PKCS #7 • Encryption Scheme ( Symmetric Cipher ) for PKCS #5 Password-based Encryption • Other Apps implemented on Toolkit • Secure Contents Distribution Systems • Governmental Services 48th IETF, Pittsburgh, PA, USA

  18. Proposal of MISTY1 • As ONE of block ciphers of Cipher Suites for TLS 1.0 • Reason to use MISTY1 • Suitable Block Cipher • Royalty Free License • Applied to Actual Internet Applications 48th IETF, Pittsburgh, PA, USA

  19. Current Status to support TLS • Submit Internet Draft of Description of MISTY1 • posted. • Make a presentation of MISTY1 at 48th IETF, Pittsburgh, PA • now. 48th IETF, Pittsburgh, PA, USA

  20. Next Steps to support TLS • Proceed Internet Draft of Description of MISTY1 to Informational RFC • Submit Internet Draft of MISTY1-based Cipher Suites for TLS 1.0 • Request TLS WG to assign the Register Number of these Cipher Suites 48th IETF, Pittsburgh, PA, USA

  21. Next Steps to support TLS (continued) • Implementing TLS 1.0 with MISTY1 • processing now with OpenSSL 48th IETF, Pittsburgh, PA, USA

More Related