ICEBERG: An Involutional Cipher Efficient for Block Encryption in Reconfigurable Hardware

  • Francois-Xavier Standaert
  • Gilles Piret
  • Gael Rouvroy
  • Jean-Jacques Quisquater
  • Jean-Didier Legat
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3017)


We present a fast involutional block cipher optimized for reconfigurable hardware implementations. ICEBERG uses 64-bit text blocks and 128-bit keys. All components are involutional and allow very efficient combinations of encryption/decryption. Hardware implementations of ICEBERG allow the key to be changed at every clock cycle without any performance loss, and its round keys are derived “on-the-fly” in encryption and decryption modes (no storage of round keys is needed). The resulting design offers better hardware efficiency than other recent 128-bit-key block ciphers. Resistance against side-channel cryptanalysis was also considered as a design criterion for ICEBERG.


Keywords: block cipher design, efficient implementations, reconfigurable hardware, side-channel resistance



Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Francois-Xavier Standaert (1)
  • Gilles Piret (1)
  • Gael Rouvroy (1)
  • Jean-Jacques Quisquater (1)
  • Jean-Didier Legat (1)

  1. UCL Crypto Group, Laboratoire de Microelectronique, Universite Catholique de Louvain, Louvain-La-Neuve, Belgium
