Spectr-H64

Block cipher

Spectr-H64
General
Designers	N.D. Goots, A.A. Moldovyan and N.A. Moldovyan
First published	2001
Successors	CIKS-1
Cipher detail
Key sizes	256 bits
Block sizes	64 bits
Structure	Feistel-like network
Rounds	12
Best public cryptanalysis
Slide attack using 2¹⁷ chosen plaintexts

In cryptography, Spectr-H64 is a block cipher designed in 2001 by N. D. Goots, A. A. Moldovyan and N. A. Moldovyan. It relies heavily on the permutation of individual bits, so is much better suited to implementation in hardware than in software.

The algorithm has a block size of 64 bits and key size of 256 bits. It uses a 12-round structure in which half of the block determines the transformation of the other half in each round, similar to a Feistel cipher or RC5. This same basic design was repeated in its successor, CIKS-1.

Cryptanalysis

An analysis of Spectr-H64 was presented in 2002 by Selçuk Kavut and Melek D Yücel of the Middle East Technical University, showing a method of using a differential attack to retrieve half of the key bits when a single round is used. Using this method, they then presented a slide attack that requires 2¹⁷ chosen plaintexts to return all key bits on the full 12 rounds.

References

Selçuk Kavut and Melek D. Yücel (2002). Slide Attack on Spectr-H64 (PDF). 3rd International Conference on Cryptology in India (Indocrypt 2002). Springer. doi:10.1007/3-540-36231-2_4. ISBN 9783540002635.

Youngdai Ko; Deukjo Hong; Seokhie Hong; Sangjin Lee & Jongin Lim (2003). "Linear Cryptanalysis on SPECTR-H64 with Higher Order Differential Property". Computer Network Security. Springer. pp. 298–307. doi:10.1007/b12005. ISBN 978-3-540-40797-3. S2CID 40014063.
Youngdai Ko; Changhoon Lee; Seokhie Hong & Sangjin Lee (2004). "Related Key Differential Cryptanalysis of Full-Round SPECTR-H64 and CIKS-1". Information Security and Privacy. Springer. pp. 137–148. doi:10.1007/b98755. ISBN 978-3-540-22379-5. S2CID 33167926.

v t e Block ciphers (security summary)
Common algorithms	AES Blowfish DES (internal mechanics, Triple DES) Serpent SM4 Twofish
Less common algorithms	ARIA Camellia CAST-128 GOST IDEA LEA RC5 RC6 SEED Skipjack TEA XTEA
Other algorithms	3-Way Adiantum Akelarre Anubis Ascon BaseKing BassOmatic BATON BEAR and LION CAST-256 Chiasmus CIKS-1 CIPHERUNICORN-A CIPHERUNICORN-E CLEFIA CMEA Cobra COCONUT98 Crab Cryptomeria/C2 CRYPTON CS-Cipher DEAL DES-X DFC E2 FEAL FEA-M FROG G-DES Grand Cru Hasty Pudding cipher Hierocrypt ICE IDEA NXT Intel Cascade Cipher Iraqi Kalyna KASUMI KeeLoq KHAZAD Khufu and Khafre KN-Cipher Kuznyechik Ladder-DES LOKI (97, 89/91) Lucifer M6 M8 MacGuffin Madryga MAGENTA MARS Mercy MESH MISTY1 MMB MULTI2 MultiSwap New Data Seal NewDES Nimbus NOEKEON NUSH PRESENT Prince Q RC2 REDOC Red Pike S-1 SAFER SAVILLE SC2000 SHACAL SHARK Simon Speck Spectr-H64 Square SXAL/MBAL Threefish Treyfer UES xmx XXTEA Zodiac
Design	Feistel network Key schedule Lai–Massey scheme Product cipher S-box P-box SPN Confusion and diffusion Round Avalanche effect Block size Key size Key whitening (Whitening transformation)
Attack (cryptanalysis)	Brute-force (EFF DES cracker) MITM Biclique attack 3-subset MITM attack Linear (Piling-up lemma) Differential Impossible Truncated Higher-order Differential-linear Distinguishing (Known-key) Integral/Square Boomerang Mod n Related-key Slide Rotational Side-channel Timing Power-monitoring Electromagnetic Acoustic Differential-fault XSL Interpolation Partitioning Rubber-hose Black-bag Davies Rebound Weak key Tau Chi-square Time/memory/data tradeoff
Standardization	AES process CRYPTREC NESSIE
Utilization	Initialization vector Mode of operation Padding

v t e Cryptography
General	History of cryptography Outline of cryptography Cryptographic protocol Authentication protocol Cryptographic primitive Cryptanalysis Cryptocurrency Cryptosystem Cryptographic nonce Cryptovirology Hash function Cryptographic hash function Key derivation function Digital signature Kleptography Key (cryptography) Key exchange Key generator Key schedule Key stretching Keygen Cryptojacking malware Ransomware Random number generation Cryptographically secure pseudorandom number generator (CSPRNG) Pseudorandom noise (PRN) Secure channel Insecure channel Subliminal channel Encryption Decryption End-to-end encryption Harvest now, decrypt later Information-theoretic security Plaintext Codetext Ciphertext Shared secret Trapdoor function Trusted timestamping Key-based routing Onion routing Garlic routing Kademlia Mix network
Mathematics	Cryptographic hash function Block cipher Stream cipher Symmetric-key algorithm Authenticated encryption Public-key cryptography Quantum key distribution Quantum cryptography Post-quantum cryptography Message authentication code Random numbers Steganography
Category