CAST-256
| CAST-256 | |
|---|---|
| developer | Carlisle Adams , Stafford Tavares , Howard Heys , Michael Wiener |
| Released | 1998 |
| Derived from | CAST-128 |
| Key length | 128, 160, 192, 224, or 256 bits |
| Block size | 128 bit |
| structure | Feistel cipher |
| Round | 48 |
| Best known cryptanalysis | |
| As of 2009, no efficient cryptanalysis is publicly known | |
CAST-256 is a block cipher published in 1998 . It represents an extension and improvement of the block cipher CAST-128 . Both are based on the design methods of "CAST" which were developed by Carlisle Adams and Stafford Tavares. CAST-256 is specified in RFC 2612 .
CAST-256 was in the selection process for the Advanced Encryption Standard (AES) and, compared to the winner Rijndael, shows a lower data throughput in implementations both in hardware and in software . CAST-256 was not among the finalists itself.
Like CAST-128, CAST-256 is a Feistel cipher and uses the same round function, in which, among other things, four S-boxes are used. However, it has a different block size of four words of 32 bits each and a number of 48 rounds. In each round, another word is calculated from a data word and 37 key bits, which with another data word XORed is. Valid key lengths are 128, 160, 192, 224 or 256 bits. According to RFC 2612 , CAST-256 can be used worldwide free of charge and license-free in all commercial and non-commercial applications.
Individual evidence
- ↑ NIST Announces Encryption Standard Finalists (PDF file; 24 kB)
Web links
- CAST-256 (engl.)