	MCSoft Security Solutions

Products Overview

Software

MCCrypt Pro

Algorithms

MCSoft MCCrypt Pro

Algorithms

Overview

Algorithm	Blocksize	Keylength	Ciphermode	Remark
Rijndael	16-32 Byte	128-256 Bit*	ECB,CBC,CFB,OFB,CTR,CCM,OCB**,COA	Keysetup
RC6**	16 Byte	128-256 Bit*	ECB,CBC,CFB,OFB,CTR,CCM,OCB**,COA	Keysetup
Serpent	16 Byte	128-256 Bit*	ECB,CBC,CFB,OFB,CTR,CCM,OCB**,COA	Keysetup
Twofish	16 Byte	128-256 Bit*	ECB,CBC,CFB,OFB,CTR,CCM,OCB**,COA	Keysetup
Blowfish	8 Byte	8-448 Bit	ECB,CBC,CFB,OFB,CTR,CCM	Keysetup
XORBlock	16-52 Byte	8-2048 Bit	ECB,CBC,CFB,OFB	Keysetup
XORStream	-	8-2048 Bit	(stream)	Keysetup

* informationen to the exact keylength on request.
** look at the product comparsion table

Table 1: Algorithms implemented in MCCrypt Pro

In many applications it wouldn't be a very good idea anymore to use the Data Encryption Standard (DES). The reason for that is the too small key length of 56 bits. Data that is encrypted with DES is not secure. The problem of the key length was solved by the use of Triple DES (3DES). However, because DES was developed primarily for encryption hardware the algorithm is relatively inefficient in the implementation in software. Triple DES is in addition, through the triple useuse of the DES algorithm an extremely slow encryption method. The block size used by DES (and some other known algorithm) is 64 bits. This facilitates additional attacks, if larger amounts of data are encrypted.
Therefore the U.S. National Institute of Standards and Technology (NIST) called for a successor algorithm, that was named Advanced Encryption Standard (AES). The requirements for AES were, that it should be faster and at least equally secure as Triple DES. AES should use 128 bits (16 bytes) blocks and support a key length of 256 bits (at which 128 bits and 192 bits must also be supported). Rijndael, Serpent, Twofish, RC6 and MARS belong to the finalists of the AES selection process. Rijndael was selected by the NIST after a careful inspection of the algorithm for the AES. Rijndael will replace the DES - late Triple DES - in many cryptographic applications in the next years.

In MCCrypt Pro is among other algorithms also the Rijndael algorithm implemented.

MCCrypt Pro offers some further algorithms that provide a compareable security to the Rijndael (Exception Serpent, XOR...). Serpent surpasses the security of Rijndael but it is slower and therefore it got by the NIST in the AES selection process only place 2. Serpent was implemented for AES with a block size of 16 bytes (128 bits) and a key length of 128 to 256 bits. RC6 is the fastest algorithm. The implementation which was done for the AES selection is slightly weaker than Rijndael.

The AES candidates which are implemented in MCCrypt Pro and which reached the the final selection round are Rijndael, Serpent, Twofish, RC6. Algorithms in this round were expected to be secure, that means no weaknesses were found. There are currently no attacks that are applicable on these algorithms that are more effective than a Bruthforce Attack to break them. All AES algorithms were defined for key lengths of 128 to 256 bits. Twofish surpasses the security of Rijndael temporarily (shorter key lengths than 256 bits) and reached in the AES selection process place 3.

There are also no known attacks against Blowfish. Blowfish did not become a AES candidate because beside other characteristics of the algorithm it's block size is only 8 bytes. This is regarded as too small if one encrypts great amounts of data. The security of Blowfish is not compared officially with AES. Blowfish has a high security level and it also became an alternative to the use of DES. Blowfish does not achieve, however, the security level of the five of AES finalists. But it keeps up and can be compared with the other AES candidates. (AES candidate became his successor Twofish)

The XOR algorithms are weak at short key lengths. The strength of the XORBlock algorithm can be adjusted with two parameters: InternalRounds and ExternalRounds. The XORStream algorithm has one parameter, the InternalRounds. It is recommended at both of them to use at least the value 4. The security of these algorithms was not examined yet.The key length should be maximized in order to provide an acceptable security level.

Specific information to the encryption algorithms

Rijndael
Developed by :	Joan Daemen, Vincent Rijmen (Banksys/Katholieke Universiteit Leuven, Belgium)
Description:	For AES Rijndael is defined as a 10 to 14 rounds iterative cipher. The round transformation in Rijndael does not have the Feistel structure. Instead of this the round transformation consists of three unambiguously invertible transformations (Layer of linear mixes, non-linear layer and the key addition layer). This is supposed to increase the resistance to linear and differential cryptoanalysis. Every round uses four functions: • Byte Substitution with S-Box values: non-linearity • Shift Row: Inter-column-diffusion • Mix Columns: Inter-byte-diffusion with columns • Add the round key An initial and a final addition of the key is applied. Rijndael was developed from the SQUARE cipher.
Cipher Mode:	ECB,CBC,CFB,OFB,CTR,CCM,OCB,COA
Blocksize:	16, 24 und 32 Byte
KeySize:	16, 24, 32 Byte (corresponds to 128 to 256 Bit)*
Homepage:	http://csrc.nist.gov/archive/aes/rijndael/

Serpent
Developed by :	Ross Anderson (Cambridge, UK), Eli Biham (Technion, Israel), Lars Knudsen (U. Bergen, Norway)
Description:	Serpent is a 32-rounds Feistel Cipher. In each round it mixes the key by using XOR operations and rotations, further it substitutes 8 key-dependent 4-bit S-boxes, and a linear transformation is used. Originally Serpent (Serpent-0) is developed from and inspired by the analysis done on DES. After that the design was reworked in order to strengthen the algorithm and to increase the efficiency by optimizing its structure. New, stronger, S-Boxes were implemented, as well as a slightly changed key schedule. In this way the resistance to linear and differential cryptoanalysis is increased. Serpent uses bitslice operations for the efficient block encryption. Serpent encrypts 128 bit blocks of plaintext in 32 rounds under the control of 33 128 bits subkeys. The user key length in the design is variable (but fixed for the AES selection process to 128, 192 and 256 bits). Short key lengths are expanded in the key-scheduler to full length keys of 256 bits. Serpent uses a initial and a final permutation function (whitening) in the encryption operation.
Cipher Mode:	ECB,CBC,CFB,OFB,CTR,CCM,OCB,COA
Blocksize:	16 Byte
KeySize:	16, 24, 32 Byte (corresponds to 128 to 256 Bit)*
Homepage:	http://www.cl.cam.ac.uk/~rja14/serpent.html

Twofish
Developed by :	Bruce Schneier, Kelsey, Whiting, Wagner, Hall, Ferguson (Counterpane Systems, USA)
Description:	Twofish is 16-rounds Feistel Cipher with additional whitening of the input and output data. Whitening describes the XORing of the key material before the first round and afterafter the last round. It increases substantially the resistance of the algorithm to key search attacks. Twofish uses in the individual rounds rotations and 4 key-dependent 8-bit S-Boxes, followed by a linear mixing function based on a Maximum Distance Separable (MDS) matrix, combined through the Pseudo-Hadamard Transformation and the addition of two keywords. Results of the function are combined with XOR. A part of Twofish is based on Blowfish.
Cipher Mode:	ECB,CBC,CFB,OFB,CTR,CCM,OCB,COA
Blocksize:	16 Byte
KeySize:	16, 24, 32 Byte (corresponds to 128 to 256 Bit)*
Homepage:	http://www.schneier.com/twofish.html

RC6
Developed by :	Ron Rivest, Robshaw, Sidney, Yin (RSA Labs/MIT, USA)
Description:	For AES RC6 was defined as a 20-rounds (encryption Depth 3) iterative Cipher. It was developed from RC5 (and fully parameterized). RC6 uses six basic 32-bit operations to mix the data in every round. These operations are addition, subtraction, bitwise XOR, integer multiplications as well as left and right rotations of 32 bit words.
Cipher Mode:	ECB,CBC,CFB,OFB,CTR,CCM,OCB,COA
Blocksize:	16 Byte
KeySize:	16, 24, 32 Byte (corresponds to 128 to 256 Bit)*
Depth:	Defines the encryption-deep. For AES a depth of 3 was defined, this corresponds to 20 encryption rounds. The depth can be adjusted continuously from 3 to 64.
Homepage:	http://www.rsasecurity.com/rsalabs/rc6/

Blowfish
Developed by :	B. Schneier, 1994
Description:	Blowfish is a 64 bit block, 16 rounds Feistel Blockcipher with a variable key length. It is optimized for data encryption which needs no key change, since the key change operation is slow. Blowfish uses four very large 8* 32 bit key-dependend lookup tables for the data substitution. Every round consists of a key-dependent permutation and a key and data-dependent substitution. The output function uses additions and XOR operations. Blowfish uses a great number of subkeys (4168 bytes) Particular keys can lead in Blowfish to the generation of weak S-Boxes, which can lead to attacks in a reduced round version. However, this attack is completely inefficient in the defined 16 rounds version. Through that no successful attacks are known on Blowfish up to now .
Cipher Mode:	ECB,CBC,CFB,OFB,CTR,CCM
Blocksize:	8 Byte
KeySize:	Actual Password length until a maximum of 448 Bit.
Homepage:	http://www.schneier.com/blowfish.html

XORBlock
Cipher Mode:	ECB,CBC,CFB,OFB
Blocksize:	16, 20, 24, 28, 32, 36, 40, 44, 48 and 52 Byte
KeySize:	Actual Password length until a maximum ofl 2048 Bit.
ExternalRounds:	3 to 64 rounds
InternalRounds:	3 to 64 rounds

XORStream
Cipher Mode:	Cipher Mode are only used by Blockciphers.
KeySize:	Actual Password length until a maximum of 2048 Bit.
InternalRounds:	3 to 64 rounds