Parallelizing the Camellia and SMS4 Block Ciphers

  • Huihui Yap
  • Khoongming Khoo
  • Axel Poschmann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6055)


The n-cell GF-NLFSR (Generalized Feistel-NonLinear Feedback Shift Register) structure [8] is a generalized unbalanced Feistel network that can be considered as a generalization of the outer function FO of the KASUMI block cipher. An advantage of this cipher over other n-cell generalized Feistel networks, e.g. SMS4 [11] and Camellia [5], is that it is parallelizable for up to n rounds. In hardware implementations, the benefits translate to speeding up encryption by up to n times while consuming less area and power. At the same time n-cell GF-NLFSR structures offer similar proofs of security against differential cryptanalysis as conventional n-cell Feistel structures. We also ensure that parallelized versions of Camellia and SMS4 are resistant against other block cipher attacks such as linear, boomerang, integral, impossible differential, higher order differential, interpolation, slide, XSL and related-key differential attacks.


Generalized Unbalanced Feistel Network GF-NLFSR Camellia SMS4 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    National Bureau of Standards, Data Encryption Standard, FIPS-Pub.46. National Bureau of Standards, U.S. Department of Commerce, Washington D.C. (January 1977)Google Scholar
  2. 2.
  3. 3.
    Universal Mobile Telecommunications System (UMTS); Specification of the 3GPP confidentiality and integrity algorithms; Document 2: Kasumi specification,
  4. 4.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Specification of Camellia - A 128-Bit Block Cipher (2000),
  5. 5.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms, Design and Analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Biryukov, A., Khovratovich, D.: Related-Key Cryptanalysis of the Full AES-192 and AES-256, IACR eprint server, 2009/317 (June 2009),
  7. 7.
    Biryukov, A., Khovratovich, D., Nikolic, I.: Distinguisher and Related-Key Attack on the Full AES-256 (Extended Version), IACR eprint server, 2009/241 (June 2009),
  8. 8.
    Choy, J., Chew, G., Khoo, K., Yap, H.: Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure (Revised Version), Cryptology Eprint Archive, Report 2009/178 (July 2009) (Revision of [9])Google Scholar
  9. 9.
    Choy, J., Chew, G., Khoo, K., Yap, H.: Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 73–89. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
    Choy, J., Yap, H., Khoo, K.: An Analysis of the Compact XSL Attack on BES and Embedded SMS4. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009, pp. 103–118. Springer, Heidelberg (2009)Google Scholar
  11. 11.
    Diffe, W., Ledin, G.: SMS4 Encryption Algorithm for Wireless Networks, Cryptology ePrint Archive: Report 2008/329 (2008)Google Scholar
  12. 12.
    Hwang, K., Lee, W., Lee, S., Lee, S., Lim, J.: Saturation Attacks on Reduced Round Skipjack. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 100–111. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Jakobsen, T., Knudsen, L.R.: The Interpolation Attack on Block Ciphers. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 28–40. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  14. 14.
    Jakobsen, T., Knudsen, L.R.: Attacks on Block Ciphers of Low Algebraic Degree. Journal of Cryptology 14, 197–210 (2001)zbMATHMathSciNetGoogle Scholar
  15. 15.
    Ji, W., Hu, L.: New Description of SMS4 by an Embedding over GF(28). In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 238–251. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Kanda, M.: Practical Security Evaluation against Differential and Linear Cryptanalysis for Feistel Ciphers with SPN Round Function. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 324–338. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Knudsen, L.R.: Truncated and Higher Order Differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)Google Scholar
  18. 18.
    Su, B., Wu, W., Zhang, W.: Differential Cryptanalysis of SMS4 Block Cipher, Cryptology Eprint Archive, Report 2010/062 (February 2010)Google Scholar
  19. 19.
    Li, R., Sun, B., Li, C.: Distinguishing Attack on a Kind of Generalized Unbalanced Feistel Network, Cryptology Eprint Archive, Report 2009/360 (July 2009)Google Scholar
  20. 20.
    Park, S., Sung, S., Lee, S., Lim, J.: Improving the Upper Bound on the Maximum Differential and the Maximum Linear Hull Probability for SPN Structures and AES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 247–260. Springer, Heidelberg (2003)Google Scholar
  21. 21.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-Bit Blockcipher CLEFIA (Extended Abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  22. 22.
    Wu, W., Zhang, L., Zhang, L., Zhang, W.: Security Analysis of the GF-NLFSR Structure and Four-Cell Block Cipher, Cryptology Eprint Archive, Report 2009/346 (July 2009)Google Scholar
  23. 23.
    Rijmen, V., Daemon, J., Preneel, B., Bosselaers, A., Win, E.D.: The cipher SHARK. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 99–111. Springer, Heidelberg (1996)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Huihui Yap
    • 1
    • 2
  • Khoongming Khoo
    • 1
    • 2
  • Axel Poschmann
    • 2
  1. 1.DSO National LaboratoriesSingapore
  2. 2.Division of Mathematical Sciences, School of Physical and Mathematical SciencesNanyang Technological UniversitySingapore

Personalised recommendations