FACTOID # 8: Bookworms: Vermont has the highest number of high school teachers per capita and third highest number of librarians per capita.

 Home Encyclopedia Statistics States A-Z Flags Maps FAQ About

 WHAT'S NEW RELATED ARTICLES People who viewed "FEAL" also viewed:

SEARCH ALL

Search encyclopedia, statistics and forums:

(* = Graphable)

Encyclopedia > FEAL
FEAL
 The FEAL Feistel function
General
Designer(s) Akihiro Shimizu and Shoji Miyaguchi (NTT)
First published FEAL-4 in 1987; FEAL-N/NX in 1990
Derived from -
Cipher(s) based on this design -
Algorithm detail
Block size(s) 64 bits
Key size(s) 64 bits (128 bits for FEAL-NX)
Structure Feistel network
Number of rounds Originally 4, then 8, then N (recommended 32)
Best cryptanalysis
Linear cryptanalysis can break FEAL-4 with 5 known plaintexts (Matsui and Yamagishi, 1992). A differential attack breaks FEAL-N/NX with fewer than 31 rounds (Biham and Shamir, 1991).

In cryptography, FEAL (the Fast Data Encipherment Algorithm) is a block cipher proposed as an alternative to the Data Encryption Standard (DES), and designed to be much faster in software. The Feistel based algorithm was first published in 1987 by Akihiro Shimizu and Shoji Miyaguchi from NTT. The cipher is susceptible to various forms of cryptanalysis, and has acted as a catalyst in the discovery of differential and linear cryptanalysis. Image File history File links FEAL_InfoBox_Diagram. ... 1987 (MCMLXXXVII) is a common year starting on Thursday of the Gregorian calendar. ... This article is about the year. ... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... In cryptography, the key size (alternatively key length) is a measure of the number of possible keys which can be used in a cipher. ... In cryptography, a Feistel cipher is a block cipher with a particular structure, named after IBM cryptographer Horst Feistel; it is also commonly known as a Feistel network. ... Cryptanalysis (from the Greek kryptÃ³s, hidden, and analÃ½ein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ... The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... Cryptography has had a long and colourful history. ... In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... General Designer(s) IBM First published 1975 (January 1977 as the standard) Derived from Lucifer (cipher) Cipher(s) based on this design Triple DES, G-DES, DES-X, LOKI89, ICE Algorithm detail Block size(s) 64 bits Key size(s) 56 bits Structure Feistel network Number of rounds 16 Best... Feistel cipher - Wikipedia /**/ @import /skins-1. ... 1987 (MCMLXXXVII) is a common year starting on Thursday of the Gregorian calendar. ... Nippon Telegraph and Telephone (æ—¥æœ¬é›»ä¿¡é›»è©± Nippon Denshin Denwa) is a telephone company that dominates the telecommunication market in Japan. ... Cryptanalysis (from the Greek kryptÃ³s, hidden, and analÃ½ein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ...

There have been several different revisions of FEAL, though all are Feistel ciphers, and make use of the same basic round function and operate on a 64-bit block. One of the earliest designs is now termed FEAL-4, which has four rounds and a 64-bit key. Feistel cipher - Wikipedia /**/ @import /skins-1. ... In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. ... A key is a piece of information that controls the operation of a cryptography algorithm. ...

Unfortunately, problems were found with FEAL-4 from the start: Bert den Boer related a weakness in an unpublished rump session at the same conference where the cipher was first presented. A later paper (den Boer, 1988) describes an attack requiring 100–10000 chosen plaintexts, and Sean Murphy (1990) found an improvement that needs only 20 chosen plaintexts. Murphy and den Boer's methods contain elements similar to those used in differential cryptanalysis. A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ...

The designers countered by doubling the number of rounds, FEAL-8 (Shimizu and Miyaguchi, 1988). However, eight rounds also proved to be insufficient — in 1989, at the Securicom conference, Eli Biham and Adi Shamir described a differential attack on the cipher, mentioned in (Miyaguchi, 1989). Gilbert and Chassé (1990) subsequently published a statistical attack similar to differential cryptanalysis which requires 10000 pairs of chosen plaintexts. 1989 (MCMLXXXIX) is a common year starting on Sunday of the Gregorian calendar. ... Eli Biham is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion Israeli Institute of Technology Computer Science department. ... Adi Shamir at the CRYPTO 2003 conference. ...

In response, the designers introduced a variable-round cipher, FEAL-N (Miyaguchi, 1990), where "N" was chosen by the user, together with FEAL-NX, which had a larger 128-bit key. Biham and Shamir's differential cryptanalysis (1991) showed that both FEAL-N and FEAL-NX could be broken faster than exhaustive search for N ≤ 31. Later attacks, precursors to linear cryptanalysis, could break versions under the known plaintext assumption, first (Tardy-Corfdir and Gilbert, 1991) and then (Matsui and Yamagishi, 1992), the latter breaking FEAL-4 with 5 known plaintexts, FEAL-6 with 100, and FEAL-8 with 215. The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ...

• N-Hash

In cryptography, N-Hash is a cryptographic hash function based on the FEAL round function, and is now considered insecure. ...

## References

• Eli Biham, Adi Shamir: Differential Cryptanalysis of Feal and N-Hash. EUROCRYPT 1991: 1–16
• Bert den Boer, Cryptanalysis of F.E.A.L., EUROCRYPT 1988: 293–299
• Henri Gilbert, Guy Chassé: A Statistical Attack of the FEAL-8 Cryptosystem. CRYPTO 1990: 22–33.
• Shoji Miyaguchi: The FEAL Cipher Family. CRYPTO 1990: 627–638
• Shoji Miyaguchi: The FEAL-8 Cryptosystem and a Call for Attack. CRYPTO 1989: 624–627
• Mitsuru Matsui, Atsuhiro Yamagishi: A New Method for Known Plaintext Attack of FEAL Cipher. EUROCRYPT 1992: 81–91
• Sean Murphy, The Cryptanalysis of FEAL-4 with 20 Chosen Plaintexts. J. Cryptology 2(3): 145–154 (1990)
• A. Shimizu and S. Miyaguchi, Fast data encipherment algorithm FEAL, Advances in Cryptology — Eurocrypt '87, Springer-Verlag (1988), 267–280.
• Anne Tardy-Corfdir, Henri Gilbert: A Known Plaintext Attack of FEAL-4 and FEAL-6. CRYPTO 1991: 172–181

Results from FactBites:

 Feal d.o.o. Siroki Brijeg - Home page (438 words) On July 31st 2006 in FEAL factory in Široki Brijeg, the 1630 tons press started to work. It is the second press that has started the operation in FEAL Široki Brijeg, and the third will be started by the end of this year in the new factory being... FEAL has got the production lines for aluminum pressing, electrolytic color covering, plastifying, composing the profiles with interrupted thermal bridges and the line for machine processing of the aluminum profiles.
 April 4, 2002-Vol33n23: Feal believes teaching is "a privilege" (902 words) Rosemary Feal is the quintessential erudite scholar, who still calls teaching an "honor and a privilege." And after talking with her, it's unlikely anyone would question the importance of studying modern languages and obtaining a liberal arts education. Feal's active involvement with the MLA began in 1988 when she was appointed to the association's delegate assembly. Feal believes strongly in the importance of a liberal arts education and the significance of knowing a second language.
More results at FactBites »

Share your thoughts, questions and commentary here