Английская Википедия:Camellia (cipher)

Шаблон:Short description Шаблон:Infobox block cipher

In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.^[1]

The cipher was designed to be suitable for both software and hardware implementations, from low-cost smart cards to high-speed network systems. It is part of the Transport Layer Security (TLS)^[2] cryptographic protocol designed to provide communications security over a computer network such as the Internet.

The cipher was named for the flower Camellia japonica, which is known for being long-lived as well as because the cipher was developed in Japan.

Design

Camellia is a Feistel cipher with either 18 rounds (when using 128-bit keys) or 24 rounds (when using 192- or 256-bit keys). Every six rounds, a logical transformation layer is applied: the so-called "FL-function" or its inverse. Camellia uses four 8×8-bit S-boxes with input and output affine transformations and logical operations. The cipher also uses input and output key whitening. The diffusion layer uses a linear transformation based on a matrix with a branch number of 5.Шаблон:Citation needed

Security analysis

Camellia is considered a modern, safe cipher. Even using the smaller key size option (128 bits), it's considered infeasible to break it by brute-force attack on the keys with current technology. There are no known successful attacks that weaken the cipher considerably. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The Japanese cipher has security levels and processing abilities comparable to the AES/Rijndael cipher.^[1]

Camellia is a block cipher which can be completely defined by minimal systems of multivariate polynomials:Шаблон:Vague^[3]

• The Camellia (as well as AES) S-boxes can be described by a system of 23 quadratic equations in 80 terms.^[4]
• The key schedule can be described by 1120 equations in 768 variables using 3328 linear and quadratic terms.^[3]
• The entire block cipher can be described by 5104 equations in 2816 variables using 14 592 linear and quadratic terms.^[3]
• In total, 6224 equations in 3584 variables using 17 920 linear and quadratic terms are required.^[3]
• The number of free terms is 11 696, which is approximately the same number as for AES.

Theoretically, such properties might make it possible to break Camellia (and AES) using an algebraic attack, such as extended sparse linearisation, in the future, provided that the attack becomes feasible.

Patent status

Although Camellia is patented, it is available under a royalty-free license.^[5] This has allowed the Camellia cipher to become part of the OpenSSL Project, under an open-source license, since November 2006.^[6] It has also allowed it to become part of the Mozilla's NSS (Network Security Services) module.^[7]

Adoption

Support for Camellia was added to the final release of Mozilla Firefox 3 in 2008^[7] (disabled by default as of Firefox 33 in 2014^[8] in spirit of the "Proposal to Change the Default TLS Ciphersuites Offered by Browsers",^[9] and has been dropped from version 37 in 2015^[10]). Pale Moon, a fork of Mozilla/Firefox, continues to offer Camellia and had extended its support to include Galois/Counter mode (GCM) suites with the cipher,^[11] but has removed the GCM modes again with release 27.2.0, citing the apparent lack of interest in them.

Later in 2008, the FreeBSD Release Engineering Team announced that the cipher had also been included in the FreeBSD 6.4-RELEASE. Also, support for the Camellia cipher was added to the disk encryption storage class geli of FreeBSD by Yoshisato Yanagisawa.^[12]

In September 2009, GNU Privacy Guard added support for Camellia in version 1.4.10.^[13]

VeraCrypt (a fork of TrueCrypt) included Camellia as one of its supported encryption algorithms.^[14]

Moreover, various popular security libraries, such as Crypto++, GnuTLS, mbed TLS and OpenSSL also include support for Camellia.

Thales and Bloombase support Camellia encryption cipher with their data cryptography offerings.^[15]

On March 26, 2013, Camellia was announced as having been selected again for adoption in Japan's new e-Government Recommended Ciphers List as the only 128-bit block cipher encryption algorithm developed in Japan. This coincides with the CRYPTREC list being updated for the first time in 10 years. The selection was based on Camellia's high reputation for ease of procurement, and security and performance features comparable to those of the Advanced Encryption Standard (AES). Camellia remains unbroken in its full implementation.^[16] An impossible differential attack on 12-round Camellia without FL/FL⁻¹ layers does exist.^[17]

Performance

The S-boxes used by Camellia share a similar structure to AES's S-box. As a result, it is possible to accelerate Camellia software implementations using CPU instruction sets designed for AES, such as x86 AES-NI or x86 GFNI, by affine isomorphism.^[18][19]

Standardization

Camellia has been certified as a standard cipher by several standardization organizations:^[20]

• CRYPTREC
• NESSIE
• IETF
  • Algorithm
    • Шаблон:IETF RFC: A Description of the Camellia Encryption Algorithm
  • Block cipher mode
    • Шаблон:IETF RFC: Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms
  • S/MIME
    • Шаблон:IETF RFC: Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)
  • XML Encryption
    • Шаблон:IETF RFC: Additional XML Security Uniform Resource Identifiers (URIs)
  • TLS/SSL
    • Шаблон:IETF RFC: Addition of Camellia Cipher Suites to Transport Layer Security (TLS)
    • Шаблон:IETF RFC: Camellia Cipher Suites for TLS
    • Шаблон:IETF RFC: Addition of the Camellia Cipher Suites to Transport Layer Security (TLS)
  • IPsec
    • Шаблон:IETF RFC: The Camellia Cipher Algorithm and Its Use With IPsec
    • Шаблон:IETF RFC: Modes of Operation for Camellia for Use with IPsec
  • Kerberos
    • Шаблон:IETF RFC: Camellia Encryption for Kerberos 5
  • OpenPGP
    • Шаблон:IETF RFC: The Camellia Cipher in OpenPGP
  • RSA-KEM in CMS
    • Шаблон:IETF RFC: Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS)
  • PSKC
    • Шаблон:IETF RFC: Portable Symmetric Key Container (PSKC)
  • Smart grid
    • Шаблон:IETF RFC: Internet Protocols for the Smart Grid
• ISO/IEC
  • ISO/IEC 18033-3:2010 Information technology—Security techniques—Encryption algorithms—Part 3: Block ciphers
• ITU-T
  • Security mechanisms and procedures for NGN (Y.2704)
• RSA Laboratories
  • Approved cipher in the PKCS#11
• TV-Anytime Forum
  • Approved cipher in TV-Anytime Rights Management and Protection Information for Broadcast Applications
  • Approved cipher in Bi-directional Metadata Delivery Protection

References

Шаблон:Reflist

General

• Шаблон:Cite web

• Шаблон:Cite web

• Шаблон:Cite web

External links

• Camellia's English home page by NTT
• 256 bit ciphers – CAMELLIA reference implementation and derived code
• Шаблон:IETF RFC Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)
• Шаблон:IETF RFC A Description of the Camellia Encryption Algorithm
• Шаблон:IETF RFC Additional XML Security Uniform Resource Identifiers (URIs)
• Шаблон:IETF RFC Addition of Camellia Cipher Suites to Transport Layer Security (TLS)
• Шаблон:IETF RFC The Camellia Cipher Algorithm and Its Use With IPsec
• Шаблон:IETF RFC Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms
• Шаблон:IETF RFC Modes of Operation for Camellia for Use with IPsec
• Шаблон:IETF RFC Certification of Camellia Cipher as IETF standard for OpenPGP
• Шаблон:IETF RFC Camellia Cipher Suites for TLS
• Шаблон:IETF RFC Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS)
• Шаблон:IETF RFC Portable Symmetric Key Container (PSKC)
• Шаблон:IETF RFC Internet Protocols for the Smart Grid
• Шаблон:IETF RFC Addition of the Camellia Cipher Suites to Transport Layer Security (TLS)
• ISO/IEC 18033-3:2010 Information technology—Security techniques—Encryption algorithms—Part 3: Block ciphers

Шаблон:Cryptography navbox Шаблон:Mitsubishi Electric

Партнерские ресурсы
Криптовалюты	Обмен криптовалют - www.bestchange.ru Криптовалютная биржа CoinEx Криптовалютная биржа Binance HIVE OS - операционная система для майнинга e4pool - Мультивалютный пул для майнинга.
Магазины	AliExpress — глобальная виртуальная (в Интернете) торговая площадка, предоставляющая возможность покупать товары производителей из КНР; computeruniverse.net - Интернет-магазин компьютеров(Промо код 5 Евро на первую покупку:FWWC3ZKQ);
Хостинг	DigitalOcean - американский провайдер облачных инфраструктур, с главным офисом в Нью-Йорке и с центрами обработки данных по всему миру;
Разное	Викиум - Онлайн-тренажер для мозга Like Центр - Центр поддержки и развития предпринимательства. Gamersbay - лучший магазин по бустингу для World of Warcraft. Ноотропы OmniMind N°1 - Усиливает мозговую активность. Повышает мотивацию. Улучшает память. Санкт-Петербургская школа телевидения - это федеральная сеть образовательных центров, которая имеет филиалы в 37 городах России. Lingualeo.com — интерактивный онлайн-сервис для изучения и практики английского языка в увлекательной игровой форме. Junyschool (Джунискул) – международная школа программирования и дизайна для детей и подростков от 5 до 17 лет, где ученики осваивают компьютерную грамотность, развивают алгоритмическое и креативное мышление, изучают основы программирования и компьютерной графики, создают собственные проекты: игры, сайты, программы, приложения, анимации, 3D-модели, монтируют видео. Умназия - Интерактивные онлайн-курсы и тренажеры для развития мышления детей 6-13 лет SkillBox - это один из лидеров российского рынка онлайн-образования. Среди партнеров Skillbox ведущий разработчик сервисного дизайна AIC, медиа-компания Yoola, первое и самое крупное русскоязычное аналитическое агентство Tagline, онлайн-школа дизайна и иллюстрации Bang! Bang! Education, оператор PR-рынка PACO, студия рисования Draw&Go, агентство performance-маркетинга Ingate, scrum-студия Sibirix, имидж-лаборатория Персона. «Нетология» — это университет по подготовке и дополнительному обучению специалистов в области интернет-маркетинга, управления проектами и продуктами, дизайна, Data Science и разработки. В рамках Нетологии студенты получают ценные теоретические знания от лучших экспертов Рунета, выполняют практические задания на отработку полученных навыков, общаются с экспертами и единомышленниками. Познакомиться со всеми продуктами подробнее можно на сайте https://netology.ru, линейка курсов и профессий постоянно обновляется. StudyBay Brazil – это онлайн биржа для португалоговорящих студентов и авторов! Студент получает уникальную работу любого уровня сложности и больше свободного времени, в то время как у автора появляется дополнительный заработок и бесценный опыт. Автор24 — самая большая в России площадка по написанию учебных работ: контрольные и курсовые работы, дипломы, рефераты, решение задач, отчеты по практике, а так же любой другой вид работы. Сервис сотрудничает с более 70 000 авторов. Более 1 000 000 работ уже выполнено. StudyBay – это онлайн биржа для англоязычных студентов и авторов! Студент получает уникальную работу любого уровня сложности и больше свободного времени, в то время как у автора появляется дополнительный заработок и бесценный опыт.