Serpent (cipher)

From Wikipedia, the free encyclopedia

General
Serpent
Image:Serpent-linearfunction.png Serpent's linear mixing stage
Designer(s):	Ross Anderson, Eli Biham, Lars Knudsen
First published:	1998-08-21
Derived from:	Square
Certification:	AES finalist
Cipher detail
Key size(s):	128, 192 or 256 bits
Block size(s):	128 bits
Structure:	Substitution-permutation network
Rounds:	32

Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen.

Like other AES submissions, Serpent has a block size of 128 bits and supports a key size of 128, 192 or 256 bits. The cipher is a 32-round substitution-permutation network operating on a block of four 32-bit words. Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Serpent was designed so that all operations can be executed in parallel, using 32 1-bit slices. This maximizes parallelism, but also allows use of the extensive cryptanalysis work performed on DES.

Serpent was widely viewed as taking a more conservative approach to security than the other AES finalists, opting for a larger security margin: the designers deemed 16 rounds to be sufficient against known types of attack, but specified 32 rounds as insurance against future discoveries in cryptanalysis.

The Serpent cipher has not been patented. It is completely in the public domain and can be freely used by anyone. There are no restrictions or encumberances whatsoever regarding its use. As a result, anyone is free to incorporate Serpent in their software (or hardware implementations) without paying license fees. This algorithm is available by choice in many different encryption packages, some of which have their own Wikipedia entries.

[edit] Security

The XSL attack, if effective, would weaken Serpent (though not as much as it would weaken Rijndael, which became AES). However, many cryptanalysts believe that once implementation considerations are taken into account the XSL attack would be more expensive than a brute force attack.

[edit] See also

Tiger - hash function by the same authors.

[edit] External links

Image:Nuvola apps password.png

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

Block ciphers v • d • e
Common algorithms: AES \| Blowfish \| DES \| 3DES \| Serpent \| Twofish
Other algorithms: 3-Way \| Akelarre \| Anubis \| ARIA \| BaseKing \| C2 \| Camellia \| CAST-128 \| CAST-256 \| CIKS-1 \| CIPHERUNICORN-A \| CIPHERUNICORN-E \| CMEA \| Cobra \| COCONUT98 \| Crab \| CRYPTON \| CS-Cipher \| DEAL \| DES-X \| DFC \| E2 \| FEAL \| FROG \| G-DES \| GOST \| Grand Cru \| Hasty Pudding Cipher \| Hierocrypt \| ICE \| IDEA \| IDEA NXT \| Iraqi \| Intel Cascade Cipher \| KASUMI \| KHAZAD \| Khufu and Khafre \| KN-Cipher \| Ladder-DES \| Libelle \| LOKI89/91 \| LOKI97 \| Lucifer \| M6 \| MacGuffin \| Madryga \| MAGENTA \| MARS \| Mercy \| MESH \| MISTY1 \| MMB \| MULTI2 \| NewDES \| NOEKEON \| NUSH \| Q \| RC2 \| RC5 \| RC6 \| REDOC \| Red Pike \| S-1 \| SAFER \| SC2000 \| SEED \| SHACAL \| SHARK \| Skipjack \| SMS4 \| Square \| TEA \| Treyfer \| Triple DES \| UES \| Xenon \| xmx \| XTEA \| XXTEA \| Zodiac
Design: Feistel network \| Key schedule \| Product cipher \| S-box \| SPN
Attacks: Brute force \| Linear / Differential / Integral cryptanalysis \| Mod n \| Related-key \| Slide \| XSL
Standardization: AES process \| CRYPTREC \| NESSIE
Misc: Avalanche effect \| Block size \| IV \| Key size \| Modes of operation \| Piling-up lemma \| Weak key
Cryptography v • d • e
History of cryptography \| Cryptanalysis \| Cryptography portal \| Topics in cryptography
Symmetric-key algorithm \| Block cipher \| Stream cipher \| Public-key cryptography \| Cryptographic hash function \| Message authentication code \| Random numbers