From Wikipedia, the free encyclopedia
Jump to navigationJump to search

Anubis - это блочный шифр, разработанный Винсентом Рейменом и Пауло SLM Баррето в качестве участника проекта NESSIE , бывшей исследовательской программы, инициированной Европейской комиссией в 2000 году для идентификации новых криптографических алгоритмов. [1] Хотя шифр не был включен в окончательный портфель NESSIE, его конструкция считается очень надежной, и к 2004 году после завершения проекта не было обнаружено никаких атак. [2] Шифр не запатентован и выпущен разработчиками для бесплатного публичного использования. [3]

Anubis operates on data blocks of 128 bits, accepting keys of length 32N bits (N = 4, ..., 10). It is designed as a substitution–permutation network, which bears large similarity to Rijndael.[2] Like KHAZAD, designed by the same authors and also submitted to NESSIE, it uses involutions for the various operations.[2] An involution is an operation whose inverse is the same as the forward operation. In other words, when an involution is run twice, it is the same as performing no operation. This allows low-cost hardware and compact software implementations to use the same operations for both encryption and decryption. Both the S-box and the mix columns operations are involutions.[1] Although many involutional components can make a cipher more susceptible to distinguishing attacks exploiting the cycle structure of permutations within the cipher, no attack strategy for the Anubis cipher has been presented.[4]

There are two versions of the Anubis cipher; the original implementation uses a pseudo-random S-box. Subsequently, the S-box was modified to be more efficient to implement in hardware; the newer version of Anubis is called the "tweaked" version.[2]

The authors claim the algorithm to be secure against a number of attacks, including four-round differential and linear analysis, as well as related-key, interpolation, boomerang, truncated differential, impossible differential, and saturation attacks.[1] Nonetheless, because of the cipher's similarity with Rijndael it was not considered to offer any convincing advantages and thus was not included in the second evaluation phase of the NESSIE project.

Anubis is named after the Egyptian god of entombing and embalming, which the designers interpreted to include encryption. They claim that violators of the cipher will be cursed.[1]

References[edit]

  1. ^ a b c d Barreto, Paulo S.L.M.; Rijmen, Vincent (September 2000). The ANUBIS Block Cipher (Submission to NESSIE).
  2. ^ a b c d B. Preneel; A. Biryukov; C. De Cannière; S. B. Örs; E. Oswald; B. van Rompay; L. Granboulan; E. Dottax; G. Martinet; S. Murphy; A. Dent; R. Shipsey; C. Swart; J. White; M. Dichtl; S. Pyka; M. Schafheutle; P. Serf; E. Biham; E. Barkan; Y. Braziler; O. Dunkelman; V. Furman; D. Kenigsberg; J. Stolin; J.-J. Quisquater; M. Ciet; F. Sica; H. Raddum; L. Knudsen & M. Parker (April 19, 2004). New European Schemes for Signatures, Integrity, and Encryption (PDF) (Final report of European project number IST-1999-12324).
  3. ^ Barreto & Rijmen 2000, accompanied Intellectual Property Statement
  4. ^ Biryukov, Alex (February 2003). "Analysis of Involutional Ciphers: Khazad And Anubis". 10th International Workshop on Fast Software Encryption (FSE '03). Lund: Springer-Verlag. pp. 45–53. CiteSeerX 10.1.1.57.6336.

External links[edit]

  • The ANUBIS Block Cipher by Paulo S. L. M. Barreto
  • 256bit Ciphers - ANUBIS Reference implementation and derived code