General | |
---|---|
Designers | Fujitsu |
First published | 2000 |
Certification | CRYPTREC (Candidate) |
Cipher detail | |
Key sizes | 128, 192, or 256 bits |
Block sizes | 128 bits |
Structure | combination SPN and Feistel network |
Rounds | 6.5 or 7.5 |
Best public cryptanalysis | |
Differential and linear attacks exist against SC2000 reduced to 4.5 rounds |
In cryptography, SC2000 is a block cipher invented by a research group at Fujitsu Labs. It was submitted to the NESSIE project, but was not selected. It was among the cryptographic techniques recommended for Japanese government use by CRYPTREC in 2003, however, has been dropped to "candidate" by CRYPTREC revision in 2013.
The algorithm uses a key size of 128, 192, or 256 bits. It operates on blocks of 128 bits using 6.5 or 7.5 rounds of encryption. Each round consists of S-box lookups, key additions, and an unkeyed two-round Feistel network. There are 3 S-boxes: a 4×4-bit one used at the beginning of each round, and a 5×5-bit one and 6×6-bit one used in the Feistel network.
No analysis of the full SC2000 has been announced, but a reduced version of 4.5 rounds is susceptible to linear cryptanalysis, and a reduced version of 5 rounds is susceptible to differential cryptanalysis.
In 2014 Alex Biryukov and Ivica Nikolić found a weakness in the key schedule of SC2000 which allows an attacker to find colliding keys which result in identical encryptions in just 239 time for 256 bit keys. They proved that there are 268 colliding key pairs and the whole set can be found in 258 time.