CRYPTREC is the Cryptography Research and Evaluation Committees set up by the
Japanese Government
The Government of Japan is the central government of Japan. It consists of legislative, executive and judiciary branches and functions under the framework established by the Constitution of Japan. Japan is a unitary state, containing forty- ...
to evaluate and recommend
cryptographic
Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More gen ...
techniques for government and industrial use. It is comparable in many respects to the
European Union
The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are Geography of the European Union, located primarily in Europe. The u ...
's
NESSIE project and to the
Advanced Encryption Standard process
The Advanced Encryption Standard (AES), the symmetric block cipher ratified as a standard by National Institute of Standards and Technology of the United States (NIST), was chosen using a process lasting from 1997 to 2000 that was markedly more ...
run by
National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into Outline of p ...
in the
U.S.
The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 states and a federal capital district, Washington, D.C. The 48 contiguous ...
Comparison with NESSIE
There is some overlap, and some conflict, between the NESSIE selections and the CRYPTREC draft recommendations. Both efforts include some of the best cryptographers in the world therefore conflicts in their selections and recommendations should be examined with care. For instance, CRYPTREC recommends several 64 bit block ciphers while NESSIE selected none, but CRYPTREC was obliged by its terms of reference to take into account existing standards and practices, while NESSIE was not. Similar differences in terms of reference account for CRYPTREC recommending at least one
stream cipher
stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream ( keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystrea ...
,
RC4, while the NESSIE report specifically said that it was ''notable'' that they had not selected any of those considered. RC4 is widely used in the
SSL/TLS protocols; nevertheless, CRYPTREC recommended that it only be used with 128-bit keys. Essentially the same consideration led to CRYPTREC's inclusion of 160-bit message digest algorithms, despite their suggestion that they be avoided in new system designs. Also, CRYPTREC was unusually careful to examine variants and modifications of the techniques, or at least to discuss their care in doing so; this resulted in particularly detailed recommendations regarding them.
Background and sponsors
CRYPTREC includes members from Japanese
academia
An academy (Attic Greek: Ἀκαδήμεια; Koine Greek Ἀκαδημία) is an institution of tertiary education. The name traces back to Plato's school of philosophy, founded approximately 386 BC at Akademia, a sanctuary of Athena, the go ...
,
industry
Industry may refer to:
Economics
* Industry (economics), a generally categorized branch of economic activity
* Industry (manufacturing), a specific branch of economic activity, typically in factories with machinery
* The wider industrial sector ...
, and
government
A government is the system or group of people governing an organized community, generally a State (polity), state.
In the case of its broad associative definition, government normally consists of legislature, executive (government), execu ...
. It was started in May 2000 by combining efforts from several agencies who were investigating methods and techniques for implementing 'e-Government' in Japan. Presently, it is sponsored by
*the Ministry of Economy Trade and Industry,
*the Ministry of Public Management, Home Affairs and Post and Telecommunications,
*the Telecommunications Advancement Organization, and
*the Information-Technology Promotion Agency.
Responsibilities
It is also the organization that provides technical evaluation and recommendations concerning regulations that implement Japanese laws. Examples include the Electronic Signatures and Certification Services (Law 102 of FY2000, taking effect as from April 2001), the Basic Law on the Formulation of an Advanced Information and Telecommunications Network Society of 2000 (Law 144 of FY2000), and the Public Individual Certification Law of December 2002. Furthermore, CRYPTEC has responsibilities with regard to the Japanese contribution to the
ISO
The International Organization for Standardization (ISO ; ; ) is an independent, non-governmental, international standard development organization composed of representatives from the national standards organizations of member countries.
Me ...
/
IEC JTC 1/SC27 standardization effort.
Selection
In the first release in 2003, many Japanese ciphers were selected for the "e-Government Recommended Ciphers List":
CIPHERUNICORN-E (
NEC
is a Japanese multinational information technology and electronics corporation, headquartered at the NEC Supertower in Minato, Tokyo, Japan. It provides IT and network solutions, including cloud computing, artificial intelligence (AI), Inte ...
),
Hierocrypt-L1 (
Toshiba
is a Japanese multinational electronics company headquartered in Minato, Tokyo. Its diversified products and services include power, industrial and social infrastructure systems, elevators and escalators, electronic components, semiconductors ...
), and
MISTY1 (
Mitsubishi Electric
is a Japanese Multinational corporation, multinational electronics and electrical equipment manufacturing company headquartered in Tokyo, Japan. The company was established in 1921 as a spin-off from the electrical machinery manufacturing d ...
) as 64 bit block ciphers,
Camellia
''Camellia'' (pronounced or ) is a genus of flowering plants in the family Theaceae. They are found in tropical and subtropical areas in East Asia, eastern and South Asia, southern Asia, from the Himalayas east to Japan and Indonesia. There are ...
(
Nippon Telegraph and Telephone
(NTT) is a Japanese telecommunications holding company headquartered in Tokyo, Japan. Ranked 55th in ''Fortune'' Global 500, NTT is the fourth largest telecommunications company in the world in terms of revenue, as well as the third largest pu ...
,
Mitsubishi Electric
is a Japanese Multinational corporation, multinational electronics and electrical equipment manufacturing company headquartered in Tokyo, Japan. The company was established in 1921 as a spin-off from the electrical machinery manufacturing d ...
),
CIPHERUNICORN-A (NEC),
Hierocrypt-3 (Toshiba), and
SC2000 (
Fujitsu) as 128 bit block ciphers, and finally
MUGI and
MULTI-S01 (
Hitachi
() is a Japanese Multinational corporation, multinational Conglomerate (company), conglomerate founded in 1910 and headquartered in Chiyoda, Tokyo. The company is active in various industries, including digital systems, power and renewable ener ...
) as stream ciphers.
In the revised release of 2013,
the list was divided into three: "e-Government Recommended Ciphers List", "Candidate Recommended Ciphers List", and "Monitored Ciphers List". Most of the Japanese ciphers listed in the previous list (except for Camellia) have moved from the "Recommended Ciphers List" to the "Candidate Recommended Ciphers List". There were several new proposals, such as
CLEFIA (
Sony
is a Japanese multinational conglomerate (company), conglomerate headquartered at Sony City in Minato, Tokyo, Japan. The Sony Group encompasses various businesses, including Sony Corporation (electronics), Sony Semiconductor Solutions (i ...
) as a 128 bit block cipher as well as
KCipher-2 (
KDDI
() is a Japanese telecommunications operator. It was established in 2000 through the merger of , , and . In 2001, it merged with a subsidiary named Au, which was formed through the merger of seven automotive and mobile phone companies from t ...
) and
Enocoro-128v2 (Hitachi) as stream ciphers. However, only KCipher-2 has been listed on the "e-Government Recommended Ciphers List". The reason why most Japanese ciphers have not been selected as "Recommended Ciphers" is not that these ciphers are necessarily unsafe, but that these ciphers are not widely used in commercial products, open-source projects, governmental systems, or international standards. There is the possibility that ciphers listed on "Candidate Recommended Ciphers List" will be moved to the "e-Government Recommended Ciphers List" when they are utilized more widely.
In addition, 128 bit
RC4 and
SHA-1
In cryptography, SHA-1 (Secure Hash Algorithm 1) is a hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest – typically rendered as 40 hexadecimal digits. It was designed by the United States ...
are listed on "Monitored Ciphers List". These are unsafe and only permitted to remain compatible with old systems.
After the revision in 2013, there are several updates such as addition of
ChaCha20-
Poly1305
Poly1305 is a universal hash family designed by Daniel J. Bernstein in 2002 for use in cryptography.
As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a sec ...
,
EdDSA and
SHA-3
SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like stru ...
, move of
Triple DES
In cryptography, Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. The 56-bit key of the Dat ...
to Monitored list, and deletion of
RC4, etc.
CRYPTREC Ciphers List
e-Government Recommended Ciphers List
*Public key ciphers
**Signature
***
DSA
***
ECDSA
***
EdDSA
***
RSA-PSS
***
RSASSA-PKCS1-v1_5
**Confidentiality
***
RSA-OAEP
**Key exchange
***
DH
***
ECDH
*Symmetric key ciphers
**64-bit block ciphers
***N/A
**128-bit block ciphers
***
AES
***
Camellia
''Camellia'' (pronounced or ) is a genus of flowering plants in the family Theaceae. They are found in tropical and subtropical areas in East Asia, eastern and South Asia, southern Asia, from the Himalayas east to Japan and Indonesia. There are ...
**Stream ciphers
***
KCipher-2
*Hash functions
**
SHA-256
SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compressi ...
**SHA-384
**SHA-512
**SHA-512/256
**
SHA3-256
**SHA3-384
**SHA3-512
**SHAKE128
**SHAKE256
*Modes of operation
**Encryption modes
***
CBC CBC may refer to:
Media
* Cadena Baja California or Grupo Cadena, a radio and television broadcaster in Mexico
* Canadian Broadcasting Corporation, Canada's radio and television public broadcaster
** CBC Television
** CBC Radio One
** CBC Music
** ...
***
CFB
***
CTR
***
OFB
***
XTS
**Authenticated encryption modes
***
CCM
***
GCM
*Message authentication codes
**
CMAC
**
HMAC
In cryptography, an HMAC (sometimes expanded as either keyed-hash message authentication code or hash-based message authentication code) is a specific type of message authentication code (MAC) involving a cryptographic hash function and a se ...
*Authenticated encryption
**
ChaCha20-
Poly1305
Poly1305 is a universal hash family designed by Daniel J. Bernstein in 2002 for use in cryptography.
As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a sec ...
*Entity authentication
**ISO/IEC 9798-2
**ISO/IEC 9798-3
**ISO/IEC 9798-4
Candidate Recommended Ciphers List
*Public key ciphers
**Signature
***N/A
**Confidentiality
***N/A
**Key exchange
***
PSEC-KEM
*Symmetric key ciphers
**64-bit block ciphers
***
CIPHERUNICORN-E
***
Hierocrypt-L1
***
MISTY1
**128-bit block ciphers
***
CIPHERUNICORN-A
***
CLEFIA
***
Hierocrypt-3
**Stream ciphers
***
Enocoro-128v2
***
MUGI
***
MULTI-S01
*Hash functions
**N/A
*Modes of operation
**Encryption modes
***N/A
**Authenticated encryption modes
***N/A
*Message authentication codes
**
PC-MAC-AES
*Authenticated encryption
**N/A
*Entity authentication
**N/A
Monitored Ciphers List
*Public key ciphers
**Signature
***N/A
**Confidentiality
***
RSAES-PKCS1-v1_5
**Key exchange
***N/A
*Symmetric key ciphers
**64-bit block ciphers
***
3-key Triple DES
**128-bit block ciphers
***N/A
**Stream ciphers
***N/A
*Hash functions
**
RIPEMD-160
**
SHA-1
In cryptography, SHA-1 (Secure Hash Algorithm 1) is a hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest – typically rendered as 40 hexadecimal digits. It was designed by the United States ...
*Modes of operation
**Encryption modes
***N/A
**Authenticated encryption modes
***N/A
*Message authentication codes
**
CBC-MAC
In cryptography, a cipher block chaining message authentication code (CBC-MAC) is a technique for constructing a message authentication code (MAC) from a block cipher. The message is encrypted with some block cipher algorithm in cipher block ch ...
*Authenticated encryption
**N/A
*Entity authentication
**N/A
References
External links
*
The list of ciphers that should be referred to in the procurement for the e-Government system (CRYPTREC Ciphers List)(in Japanese)
{{Cryptography navbox , public-key , block , hash
Cryptography standards
Government research
Standards of Japan