VEST is a hardware-dedicated authenticated stream cipher with a collision-resistant hash function. The design of VEST is based on a parallel bijective non-linear feedback shift register (PNLFSR) assisted by a non-linear counter based on a residue number system (RNS). The five VEST family trees are VEST-4-80, VEST-8-128, VEST-16-160, VEST-32-256 and VEST-64-256. VEST ciphers support variable-size keys and IVs and instant key changes. All VEST ciphers produce output on every round, each round executes in a single clock cycle, and they do so at very high clock frequencies. VEST ciphers are designed so that each family member produced with a static family key can be efficiently synthesized in hardware.
High-Level Diagram of VEST's structure
Structure and operation:
VEST ciphers include four main components: a non-linear counter, a linear counter diffusor, a bijective non-linearly updated core accumulator and a linear output combiner. Authenticated encryption mode also includes ciphertext feedback. The RNS counter consists of sixteen NLFSRs with prime period lengths. The counter diffusor is a set of 5-to-1 linear combiners with feedback compressing outputs of the 16 counters into 10 bits. The core accumulator is a PNLFSR accepting 10 bits of the counter diffusor as input, and the output combiner is a set of 6-to-1 linear combiners.
The core accumulator in VEST ciphers can be seen as a bijective substitution-permutation network constructed from non-linear 6-to-1 feedback functions, one for each bit, all of which are updated simultaneously. It accepts 10 counter bits and, in authenticated encryption mode, the previous-round ciphertext bits as its input. On each round the five least significant bits of the accumulator state are updated by a bijective 5x5 substitution box and linearly combined with the first five input bits. The next five accumulator bits are linearly combined with the next five input bits and with a non-linear function of four of the next less significant accumulator bits. All other bits of the accumulator state are linearly combined, on each round, with non-linear functions of the five next less significant bits of the state. This substitution operation is followed by a carefully selected permutation of all the bits in the state.
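The bijectivity of the accumulator follows from the shape of its update rule rather than from the particular feedback functions: the low five bits pass through a bijective S-box, and every other bit is XORed with a function of strictly less significant bits only, so the old state can be recovered bit by bit from the bottom up. The following toy model is an added example and not VEST's own S-box, feedback functions or permutation (all constants here are constructed for illustration, and the state is shrunk to 12 bits so the check can be exhaustive). It also shows the contrast: letting a bit's feedback window include the bit itself is enough to break bijectivity.

```python
# Added illustration (not VEST's own tables or code): a toy 12-bit accumulator
# whose per-bit update follows the shape described above, used to check that
# the "each bit ^= f(strictly lower bits)" structure is bijective by construction.

STATE_BITS = 12
INPUT_BITS = 10  # ten counter-diffusor bits per round, as in the description


def _sbox5(x):
    """Constructed bijective 5x5 S-box: an affine bijection (gcd(3, 32) = 1)
    followed by a non-linear involution (bit 4 ^= bit 0 & bit 1). Not VEST's S-box."""
    y = (3 * x + 5) & 31
    return y ^ ((1 if (y & 3) == 3 else 0) << 4)


SBOX5 = [_sbox5(x) for x in range(32)]
SBOX5_INV = [0] * 32
for _x, _y in enumerate(SBOX5):
    SBOX5_INV[_y] = _x


def nl4(w):
    """Non-linear function of a 4-bit window (constructed for the example)."""
    b = [(w >> k) & 1 for k in range(4)]
    return (b[0] & b[1]) ^ b[2] ^ (b[1] & b[3])


def nl5(w):
    """Non-linear function of a 5-bit window (constructed for the example)."""
    b = [(w >> k) & 1 for k in range(5)]
    return (b[0] & b[1]) ^ (b[2] & b[3]) ^ b[4] ^ (b[0] & b[4])


# Constructed bit permutation: bit i of the substituted state moves to PERM[i].
PERM = [7, 0, 9, 2, 11, 4, 1, 6, 3, 8, 5, 10]


def round_fn(state, inp, triangular=True):
    """One toy round: substitution layer, then bit permutation.
    triangular=True  -> every bit >= 5 is XORed with a function of lower bits only.
    triangular=False -> bits >= 10 use a window that includes the bit itself,
                        which is enough to destroy bijectivity."""
    new = SBOX5[state & 31] ^ (inp & 31)            # low 5 bits: S-box, then XOR input
    for i in range(5, 10):                          # next 5: input bit and nl4 of the 4 bits below
        bit = ((state >> i) & 1) ^ ((inp >> i) & 1) ^ nl4((state >> (i - 4)) & 15)
        new |= bit << i
    for i in range(10, STATE_BITS):                 # remaining bits: nl5 of a 5-bit window
        lo = i - 5 if triangular else i - 4
        bit = ((state >> i) & 1) ^ nl5((state >> lo) & 31)
        new |= bit << i
    out = 0
    for i in range(STATE_BITS):
        out |= ((new >> i) & 1) << PERM[i]
    return out


def invert_round(out, inp):
    """Inverse of the triangular round: undo the permutation, then recover the old
    bits from the least significant upwards, since each update depended only on
    bits that are already known at that point."""
    new = 0
    for i in range(STATE_BITS):
        new |= ((out >> PERM[i]) & 1) << i
    state = SBOX5_INV[(new ^ inp) & 31]
    for i in range(5, 10):
        bit = ((new >> i) & 1) ^ ((inp >> i) & 1) ^ nl4((state >> (i - 4)) & 15)
        state |= bit << i
    for i in range(10, STATE_BITS):
        bit = ((new >> i) & 1) ^ nl5((state >> (i - 5)) & 31)
        state |= bit << i
    return state


def is_bijective(inp, triangular=True):
    """Exhaustively check that the round is a permutation of all 2^12 states."""
    images = {round_fn(s, inp, triangular) for s in range(1 << STATE_BITS)}
    return len(images) == (1 << STATE_BITS)


if __name__ == "__main__":
    print("S-box is a permutation:", sorted(SBOX5) == list(range(32)))
    print("triangular round bijective:", is_bijective(0x2AB))
    print("non-triangular round bijective:", is_bijective(0x2AB, triangular=False))
    print("inverse recovers state:",
          all(invert_round(round_fn(s, 0x2AB), 0x2AB) == s for s in range(1 << STATE_BITS)))
```

The exhaustive check is only possible because the toy state is 12 bits; for the real accumulator sizes the same argument is made structurally (S-box bijective, all other updates triangular), which is why the design can guarantee that no two accumulator states collapse into one regardless of the counter input.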
VEST ciphers load keys and IVs gradually unlike most ciphers. Keys are loaded 16 bits per round, taking as many rounds as there are bits in the key. IVs are loaded 8 bits per round, in as many rounds as there are bytes in the IV. Both keying and IV loading processes are further secured with 32 sealing rounds.
During hashing, data is loaded one byte at a time, each bit into one of 8 separate counters; the input is thus fed linearly and directly into the core accumulator, as well as into each of the counters and into the counter diffusor, where the input bits are linearly and non-linearly combined with all the previous bits by different feedback functions.
In authenticated encryption mode, the ciphertext is fed back into the core accumulator. Independent counters ensure guaranteed minimal period length even under complex adaptive chosen plaintext attacks.
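The period guarantee stated above (and in the RNS counter description under "Structure and operation") rests on the counters being independent and having pairwise coprime periods: the vector of all counter states then repeats only after the product of the individual periods, from any seed, and nothing the attacker feeds into the accumulator can shorten it because the counters take no data input in encryption mode. The example below is added here and is not VEST's counter; it uses small maximal-length LFSRs with prime periods 3, 7, 31 and 127 as stand-ins for VEST's sixteen non-linear registers, and adds a contrast pair whose periods share a factor.

```python
# Added illustration (not VEST's own counters): small shift-register counters with
# prime periods, standing in for VEST's sixteen NLFSRs, to show how an RNS-style
# counter obtains a guaranteed joint period from pairwise coprime component periods.
from functools import reduce
from math import gcd


def lfsr_step(state, n, k):
    """One step of an n-bit Fibonacci LFSR with taps at bits n-1 and n-1-k
    (feedback polynomial x^n + x^k + 1 or its reciprocal). LFSRs are used here
    only for the example; VEST's counters are non-linear registers."""
    fb = ((state >> (n - 1)) ^ (state >> (n - 1 - k))) & 1
    return ((state << 1) | fb) & ((1 << n) - 1)


def lfsr_period(n, k, seed=1):
    """Cycle length of one counter from a non-zero seed, by direct iteration."""
    s = lfsr_step(seed, n, k)
    steps = 1
    while s != seed:
        s = lfsr_step(s, n, k)
        steps += 1
    return steps


def joint_period(counters, seed=1):
    """Number of rounds until the vector of all counter states repeats."""
    start = tuple(seed for _ in counters)
    states = tuple(lfsr_step(seed, n, k) for (n, k) in counters)
    steps = 1
    while states != start:
        states = tuple(lfsr_step(s, n, k) for s, (n, k) in zip(states, counters))
        steps += 1
    return steps


def lcm_all(values):
    """Least common multiple of a list of positive integers."""
    return reduce(lambda a, b: a * b // gcd(a, b), values, 1)


# Constructed counter set: periods 3, 7, 31 and 127 (all prime, hence pairwise coprime).
PRIME_PERIOD_COUNTERS = [(2, 1), (3, 1), (5, 2), (7, 1)]
# Contrast: periods 3 and 15 share the factor 3, so the joint period is only 15, not 45.
SHARED_FACTOR_COUNTERS = [(2, 1), (4, 1)]


if __name__ == "__main__":
    periods = [lfsr_period(n, k) for n, k in PRIME_PERIOD_COUNTERS]
    print("individual periods:", periods)
    print("joint period:", joint_period(PRIME_PERIOD_COUNTERS), "lcm:", lcm_all(periods))
    periods2 = [lfsr_period(n, k) for n, k in SHARED_FACTOR_COUNTERS]
    print("shared-factor periods:", periods2,
          "joint:", joint_period(SHARED_FACTOR_COUNTERS),
          "product:", periods2[0] * periods2[1])
```

With prime component periods the joint period equals their product (here 82677 for four tiny registers); with sixteen registers of much larger prime periods, as the page describes, the product becomes the lower bound on the cipher's state period that the text refers to.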
Prior to producing MAC or HASH output, VEST cipher state is again secured by 32 sealing rounds and the MAC or HASH values are returned gradually as cipher output, 4 to 64 bits per round, not revealing any information about the cipher state and not requiring any additional logic.
Performance:
VEST ciphers reach high speeds in FPGA and up to 20 Gigabit/s in 130 nm ASIC geometries. Our bitslice software implementation runs at speeds comparable to DES or IDEA in server applications, which is about 3-4 times slower than AES.