HOME

TheInfoList



Click Here for Items Related To - Seed (other)
OR:
Seed (other) on:   [Wikipedia]   [Google]   [Amazon]

SEED is a
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
developed by the
Korea Internet & Security Agency The Korea Internet & Security Agency (, KISA) is the Ministry of Science and ICT's sub-organization dealing with the allocation and maintenance of South Korea's IPv4/IPv6 address space (and the related WHOIS information), Autonomous System Numbers, ...
(KISA). It is used broadly throughout
South Korea South Korea, officially the Republic of Korea (ROK), is a country in East Asia, constituting the southern part of the Korea, Korean Peninsula and sharing a Korean Demilitarized Zone, land border with North Korea. Its western border is formed ...
n industry, but seldom found elsewhere. It gained popularity in Korea because
40-bit encryption 40-bit encryption refers to a (now broken) key size of forty bits, or five bytes, for symmetric encryption; this represents a relatively low level of security. A forty bit length corresponds to a total of 240 possible keys. Although this is a larg ...
was not considered strong enough, so the Korea Information Security Agency developed its own standard. However, this decision has historically limited the competition of
web browser A web browser is application software for accessing websites. When a user requests a web page from a particular website, the browser retrieves its files from a web server and then displays the page on the user's screen. Browsers are used on ...
s in Korea, as no major SSL libraries or web browsers supported the SEED algorithm, requiring users to use an ActiveX control in
Internet Explorer Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical user interface, graphical web browsers developed by Microsoft which was used in the Microsoft Wind ...
for secure web sites. On April 1, 2015 the
Ministry of Science, ICT and Future Planning The Ministry of Science, ICT and Future Planning (MSIP, ) was a ministry of the Government of South Korea. Its purpose is to set, manage, and evaluate science and technology policy, support scientific research and development, develop human resour ...
(MSIP) announced its plan to remove the ActiveX dependency from at least 90 percent of the country's top 100 websites by 2017. Instead,
HTML5 HTML5 is a markup language used for structuring and presenting content on the World Wide Web. It is the fifth and final major HTML version that is a World Wide Web Consortium (W3C) recommendation. The current specification is known as the HTML ...
-based technologies will be employed as they operate on many platforms, including mobile devices. Starting with the private sector, the ministry plans to expand this further to ultimately remove this dependency from public websites as well.


Design

SEED is a 16-round
Feistel network In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel, who did pioneering research whi ...
with 128-bit blocks and a 128-bit key. It uses two 8 × 8
S-box In cryptography, an S-box (substitution-box) is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext, thus ensuring Sha ...
es which, like those of
SAFER In cryptography, SAFER (Secure And Fast Encryption Routine) is the name of a family of block ciphers designed primarily by James Massey (one of the designers of IDEA) on behalf of Cylink Corporation. The early SAFER K and SAFER SK designs share ...
, are derived from discrete
exponentiation Exponentiation is a mathematical operation, written as , involving two numbers, the '' base'' and the ''exponent'' or ''power'' , and pronounced as " (raised) to the (power of) ". When is a positive integer, exponentiation corresponds to re ...
(in this case, x247 and x251 – plus some "incompatible operations"). It also has some resemblance to
MISTY1 In cryptography, MISTY1 (or MISTY-1) is a block cipher designed in 1995 by Mitsuru Matsui and others for Mitsubishi Electric. MISTY1 is one of the selected algorithms in the European NESSIE project, and has been among the cryptographic techniq ...
in the recursiveness of its structure: the 128-bit full cipher is a Feistel network with an F-function operating on 64-bit halves, while the F-function itself is a Feistel network composed of a G-function operating on 32-bit halves. However the recursion does not extend further because the G-function is not a Feistel network. In the G-function, the 32-bit word is considered as four 8-bit bytes, each of which is passed through one or the other of the S-boxes, then combined in a moderately complex set of boolean functions such that each output bit depends on 3 of the 4 input bytes. SEED has a fairly complex
key schedule In cryptography, the so-called product ciphers are a certain kind of cipher, where the (de-)ciphering of data is typically done as an iteration of ''rounds''. The setup for each round is generally the same, except for round-specific fixed valu ...
, generating its thirty-two 32-bit subkeys through application of its G-function on a series of rotations of the raw key, combined with round constants derived (as in
TEA Tea is an aromatic beverage prepared by pouring hot or boiling water over cured or fresh leaves of '' Camellia sinensis'', an evergreen shrub native to East Asia which probably originated in the borderlands of southwestern China and northe ...
) from the
Golden ratio In mathematics, two quantities are in the golden ratio if their ratio is the same as the ratio of their sum to the larger of the two quantities. Expressed algebraically, for quantities a and b with a > b > 0, where the Greek letter phi ( ...
.


Use and adoption

SEED has been adopted by several standard protocols:
S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly . It was originally developed by R ...
(RFC 4010),
TLS/SSL Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...
(RFC 4162),
IPSec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
(RFC 4196), and ISO/IEC 18033-3:2010. NSS software security library in Mozilla's Gecko platform has implemented support for SEED, and
Mozilla Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and a ...
as of 3.5.4 supports SEED as a TLS cipher; however, Mozilla decided to drop the support of SEED by default in Firefox 27 and above because support for SEED has not had any practical positive effect in terms of helping South Korea migrate away from ActiveX-based e-commerce, and other browsers are not offering any SEED-based cipher suites. NSS still supports SEED-based cipher suites. The
Linux kernel The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ope ...
has supported SEED since 2007.
Bloombase
supports SEED in their full suite of data cryptography solutions.


References


External links


SEED - KISA
(Official Site, in Korean)
SEED official specification document
(English) * : The SEED encryption algorithm (obsoletes ) * : Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS) * : Addition of SEED Cipher Suites to Transport Layer Security (TLS) * : The SEED Cipher Algorithm and Its Use with IPsec

{{DEFAULTSORT:Seed Feistel ciphers Internet in South Korea Standards of South Korea