Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive

  • Niels Ferguson
  • Doug Whiting
  • Bruce Schneier
  • John Kelsey
  • Stefan Lucks
  • Tadayoshi Kohno
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2887)


Helix is a high-speed stream cipher with a built-in MAC functionality. On a Pentium II CPU it is about twice as fast as Rijndael or Twofish, and comparable in speed to RC4. The overhead per encrypted/authenticated message is low, making it suitable for small messages. It is efficient in both hardware and software, and with some pre-computation can effectively switch keys on a per-message basis without additional overhead.


Stream cipher MAC authentication encryption 


  1. [Arm02]
    Armknecht, F.: A linearization attack on the Bluetooth key stream generator. Cryptology ePrint Archive, Report 2002/191 (2002),
  2. [Cou02]
    Courtois, N.: Higher order correlation attacks, XL algorithm, and cryptanalysis of Toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 182–199. Springer, Heidelberg (2003) (to appear)CrossRefGoogle Scholar
  3. [CP02]
    Courtois, N., Pieprzyk, J.: Cryptanalysis of block ciphers with overdefined systems of equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. [DGV93]
    Daemen, J., Govaerts, R., Vandewalle, J.: Resynchronisation weaknesses in synchronous stream ciphers. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 159–167. Springer, Heidelberg (1994)Google Scholar
  5. [Gol00]
    Golić, J.D.: Modes of operation of stream ciphers. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 233–247. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. [Jut01]
    Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529–544. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. [KRRR98]
    Knudsen, L.R., Rijmen, V., Rivest, R.L., Robshaw, M.J.B.: On the design and security of RC2. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 206–221. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  8. [LM01]
    Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, p. 336. Springer, Heidelberg (2002), Available from CrossRefGoogle Scholar
  9. [RBBK01a]
    Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: A block-cipher mode of operation for efficient authenticated encryption (September 2001), Available from
  10. [RBBK01b]
    Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: A block-cipher mode of operation for efficient authenticated encryption. In: Eighth ACM Conference on Computer and Communications Security (CCS-8), pp. 196–205. ACM Press, New York (2001)CrossRefGoogle Scholar
  11. [WHF]
    Whiting, D., Housley, R., Ferguson, N.: Counter with CBC-MAC (CCM), Available from

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Niels Ferguson
    • 1
  • Doug Whiting
    • 2
  • Bruce Schneier
    • 3
  • John Kelsey
    • 3
  • Stefan Lucks
    • 4
  • Tadayoshi Kohno
    • 5
  1. 1.MacFergus 
  2. 2.HiFn 
  3. 3.Counterpane Internet Security 
  4. 4.Universität Mannheim 
  5. 5.UCSD 

Personalised recommendations