Serpent (cipher)
Serpent is a symmetric encryption algorithm that was developed by cryptographers Ross Anderson, Eli Biham and Lars Knudsen. It is a block cipher with a block size of 128 bits and a variable key size to 256 bits.
Serpent was a candidate for the Advanced Encryption Standard (AES ), and was using Twofish, Rijndael, MARS and RC6 of the five finalists of the AES precipitate method.
Serpent appears to have a more secure architecture as Rijndael. MARS, Twofish and Serpent were classified as highly - secure while Rijndael and RC6 were "only" considered sufficiently safe. Rijndael was mainly due to its mathematical structure that could potentially lead to attacks, criticized. In contrast to the other two as a highly - secure classified candidates of the last lap, MARS and Twofish, Serpent has not been criticized with regard to its security, and it was assumed that this was the safest of the five finalists.
Serpent also has when implemented in hardware, which can be done as a pipeline, the largest rate among the finalists. However, it is the case of software implementations, the slowest, while Rijndael is relatively fast in both hardware and in software. Above all, this speed advantage is likely in deciding Rijndael to tell AES, were decisive.
Operation
33 subkey up with 128 -bit length key from the first formed, and the data is divided into blocks of four 32- bit words. These blocks are then encoded independently of each other in 32 consecutive rounds.
In each of the rounds to successive operations are performed:
An alternative implementation of the method operates with the substitution of one data word is always four in successive bits. Thus, the substitution can be realized more easily than table access: The four index bits are already together, and they only have possibly pushed to the right and the higher bits are masked out. Before the first round of the 128 data bits are permuted so that the least significant bits in the four data words come to positions 0-3 of the first word, the next- higher value of positions 4-7, etc. This permutation is reversed after the last round made. The 33 part keys must be permuted accordingly. The linear transformation is more complex, however, in this implementation, because in this case, the different arrangement of the bits to be taken into account.
The first implementation (so-called bit slice technology) has the advantage that with bitwise operations, all 32 substitutions can be performed in parallel in one round. With a correspondingly optimized software implementation, the substitution is faster than by table access. In addition, the developer of the method were able to present a simple and effective at the same time be mixed linear transformation: If a data word rotated, for example, are thus divided all 32 substitution blocks and reassembled.
License
Serpent is not patented and has been released as public domain software. It is thus to use any freely available. Optimized versions of the code were licensed under the GNU General Public License.
Sample Applications
The Serpent algorithm is implemented, among others, the following open source software packages:
- TrueCrypt - Disk Encryption, encryption of partitions and container files
- Dm -crypt - disk encryption
Attack
2002 Courtois and Pieprzyk published a work in which a potential attack against Serpent ( and Rijndael) was presented with the name XSL. The attack is only theoretical and can not be actually tested because of its complexity. It is unknown whether the attack could be carried out in practice.
The cryptographers T. Moh and Don Coppersmith are of the opinion that the attack on Serpent currently can not be performed.