The Salsa20 Family of Stream Ciphers

Bernstein, Daniel J.

doi:10.1007/978-3-540-68351-3_8

Cited by 327 publications

(255 citation statements)

References 9 publications

Supporting

Mentioning

209

Contrasting

Unclassified

Order By: Relevance

“…During signature generation we need to generate two polynomials with random coefficients uniformly distributed in [−k, k]. To obtain these polynomials, we first generate 4 · (n + 16) = 2112 random bytes using the Salsa20 stream cipher [2] and a seed from the Linux kernel random-number generator /dev/urandom. We interprete these bytes as an array of n+16 unsigned 32-bit integers.…”

Section: High-level Optimizationmentioning

confidence: 99%

Software Speed Records for Lattice-Based Signatures

Güneysu

Oder

Pöppelmann

et al. 2013

Post-Quantum Cryptography

View full text Add to dashboard Cite

Abstract. Novel public-key cryptosystems beyond RSA and ECC are urgently required to ensure long-term security in the era of quantum computing. The most critical issue on the construction of such cryptosystems is to achieve security and practicability at the same time. Recently, lattice-based constructions were proposed that combine both properties, such as the lattice-based digital signature scheme presented at CHES 2012. In this work, we present a first highly-optimized SIMD-based software implementation of that signature scheme targeting Intel's Sandy Bridge and Ivy Bridge microarchitectures. This software computes a signature in only 634988 cycles on average on an Intel Core i5-3210M (Ivy Bridge) processor. Signature verification takes only 45036 cycles. This performance is achieved with full protection against timing attacks.

show abstract

Section: High-level Optimizationmentioning

confidence: 99%

Software Speed Records for Lattice-Based Signatures

Güneysu

Oder

Pöppelmann

et al. 2013

Post-Quantum Cryptography

View full text Add to dashboard Cite

show abstract

“…It utilizes the PBKDF2 and the stream cipher Salsa [30] and uses arbitrarily large amounts of memory. scrypt is the most resistant widely-used scheme.…”

Section: Password Hashing Competitionmentioning

confidence: 99%

Lightweight Password Hashing Scheme for Embedded Systems

Hatzivasilis

Papaefstathiou

Manifavas

et al. 2015

Information Security Theory and Practice

View full text Add to dashboard Cite

Abstract. Passwords constitute the main mean for authentication in computer systems. In order to maintain the user-related information at the service provider end, password hashing schemes (PHS) are utilized. The limited and old-fashioned solutions led the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition will propose a small portfolio of schemes suitable for widespread usage until 2015. Embedded systems form a special application domain, utilizing devices with inherent computational limitations. Lightweight cryptography focuses in designing schemes for such devices and targets moderate levels of security. In this paper, a lightweight poly PHS suitable for lightweight cryptography is presented. At first, we design two lightweight versions of the PHC schemes Catena and PolyPassHash. Then, we integrate them and implement the proposed scheme -called LightPolyPHS. The schemes are applied on a MANET with BeagleBone embedded devices and a fair comparison with similar proposals on mainstream computer is presented.

show abstract

“…The quarter-round function of Salsa20 is also an example of a non-linear recursive diffusion layer [1].…”

Section: Definitionmentioning

confidence: 99%

Recursive Diffusion Layers for Block Ciphers and Hash Functions

Sajadieh

Dakhilalian

Mala

et al. 2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Many modern block ciphers use maximum distance separable (MDS) matrices as the main part of their diffusion layers. In this paper, we propose a new class of diffusion layers constructed from several rounds of Feistel-like structures whose round functions are linear. We investigate the requirements of the underlying linear functions to achieve the maximal branch number for the proposed 4 × 4 words diffusion layer. The proposed diffusion layers only require word-level XORs, rotations, and they have simple inverses. They can be replaced in the diffusion layer of the block ciphers MMB and Hierocrypt to increase their security and performance, respectively. Finally, we try to extend our results for up to 8 × 8 words diffusion layers.

show abstract

The Salsa20 Family of Stream Ciphers

Cited by 327 publications

References 9 publications

Software Speed Records for Lattice-Based Signatures

Software Speed Records for Lattice-Based Signatures

Lightweight Password Hashing Scheme for Embedded Systems

Recursive Diffusion Layers for Block Ciphers and Hash Functions

Contact Info

Product

Resources

About