last updated: April 14, 2003


japanese cryptrec.png (6153 bytes)

Prompt Report on Submitted Cryptographic Algorithms FY2001
(Provisional Translation)

Addition of "cryptographic algorithms considered to be evaluated"

November 5, 2001
CRYPTREC Evaluation Committee

Regarding the submissions in response to the call for cryptographic techniques in this fiscal year, we announce that these submissions are decided as follows.

Category Name Status
Asymmetric Key Techniques Confidential ECIES (Elliptic Curve Integrated Encryption Scheme) in SEC1 under evaluation
http://www.labs.fujitsu.com/theme/crypto/public_key2001.html
EPOC-2 under evaluation
http://info.isl.ntt.co.jp/
HIME(R)
(High Performance Modular Squaring Based Public Key Encryption (Revised version))
under screening evaluation
http://www.sdl.hitachi.co.jp/crypto/
NTRU public key cryptosystem under screening evaluation
http://www.ntru.co.jp
http://www.ntru.com
RSA Public-Key Cryptosystem with Optimal Asymmetric Encryption Padding
(RSA-OAEP)
under evaluation
http://www.rsasecurity.com/rsalabs/submissions/index.html
Signature ECDSA (Elliptic Curve Digital Signature Algorithm) in SEC1 under evaluation
http://www.labs.fujitsu.com/en/techinfo/crypto/ecc/index.html
ESIGN under evaluation
http://info.isl.ntt.co.jp/
OK-ECDSA under screening evaluation
http://www.sdl.hitachi.co.jp/crypto/ok-ecdsa/index-j.html
RSA Public-Key Cryptosystem with Probabilistic Signature Scheme (RSA-PSS) under evaluation
http://www.rsasecurity.com/rsalabs/submissions/index.html
Key Agreement Common private Complex Key System Because of the following reasons, this submission was considered that to achieve interoperability and to implement it on various platforms are difficult and do not realize the function of key agreement under reasonable security. Thus, we decided not to continue evaluating it.
  • Infinite bit length is required for representing data, because of the treatment of real numbers.
  • Public information and communicated information easily reveal the secret information and shared key.
ECDH (Elliptic Curve Diffie-Hellman Scheme) in SEC1 under evaluation
http://www.labs.fujitsu.com/en/techinfo/crypto/ecc/index.html
OK-ECDH under screening evaluation
http://www.sdl.hitachi.co.jp/crypto/ok-ecdh/index-j.html
PSEC-KEM Key agreement under screening evaluation
http://info.isl.ntt.co.jp/
Others The Security System for Information Telecommunication using the unconditional secrecy technology Because of the following reasons, we decided not to do more evaluation.
  • Since the submission documents only describe a development plan for required specification and lack detailed technique, we basically cannot evaluate it.
  • The reason why the random compression seems "onewayness" is that the information needed to recover preimage from the image collapses. For example, there is no reason that the submission is superior than collision resistant hash functions. Moreover, there is no reasonable reason that the 24x24 matrix is proper.
  • There is no information how to efficiently construct the disturbance signal. Moreover, there is no reason that the disturbance is effective.
Security-up for Kana Kanji System Applied Mathematics Using Magic Squares Because of the following reasons, we decided not to do more evaluation.
  • The submission basically cannot be evaluated, because the submission documents only explain the act and function of submitted program and no description of principle of function and algorithm exist.
  • The basis of security described in the submission documents is not reasonable.
  • To begin with, we cannot recognize that the submission is an asymmetric cryptographic technique.
Symmetric Key Techniques 64-bit CIPHERUNICORN-E under evaluation
http://www.hnes.co.jp/products/security/index.html
Hierocrypt-L1 under evaluation
http://www.toshiba.co.jp/rdc/security/hierocrypt
MISTY1 under evaluation
http://www.security.melco.co.jp/misty
128-bit Camellia under evaluation
http://info.isl.ntt.co.jp/camellia/
CIPHERUNICORN-A under evaluation
http://www.hnes.co.jp/products/security/index.html
Hierocrypt-3 under evaluation
http://www.toshiba.co.jp/rdc/security/hierocrypt
RC6 Block Cipher under evaluation
http://www.rsasecurity.com/rsalabs/submissions/index.html
SC2000 under evaluation
http://www.labs.fujitsu.com/en/techinfo/crypto/sc2000/index.html
Stream C4-1 Because of the following reasons, we decided not to do more evaluation.
  • The submission documents do not describe the information that can make a third person implement your cryptographic technique.
  • The body of submitted cryptographic technique does not exist in the reference program. Thus, we decided that you do not provided enough documents for our evaluation.
FSAngo Because of the following reasons, we decided not to do more evaluation.
  • The submission documents do not include the text file (source program) of the reference program, and test vector generation program which is indispensable for our evaluation.
MUGI under screening evaluation
http://www.sdl.hitachi.co.jp/crypto/mugi/
MULTI-S01 under evaluation
http://www.sdl.hitachi.co.jp/crypto/s01/index-j.html
Pseudorandom Number Generator Creation of intrinsic random numbers with Clutter Box Because of the following reasons, we decided not to do more evaluation.
  • It is difficult to evaluate the submission based on the submission documents, because the submission requires a special hardware device.
  • The submission documents do not include enough algorithm information for random number generation.
FSRansu Because of the following reasons, we decided not to do more evaluation.
  • The submission documents do not include the text file (source program) of the reference program, and test vector generation program which is indispensable for our evaluation.
High security ultra mini random number generator Because of the following reasons, we decided not to do more evaluation.
  • It is difficult to evaluate the submission based on the submission documents, because the submission requires a special hardware device.
  • Because the reference program only observes series of random numbers, the submission documents do not satisfy the condition of our evaluation.
TAO TIME Cognition Algorithm under screening evaluation
http://www.jcn9000.co.jp

Cryptographic algorithms considered to be evaluated

Category Name References
Asymmetric Key Techniques Signature RSA PKCS#1 RSA Cryptography Standard (Ver.2.0)
http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/index.html
ECDSA defined in ANSI X9.62 (can be obtained from http://www.x9.org/)
DSA defined in ANSI X9.30 Part 1 (can be obtained from http://www.x9.org/) or
http://csrc.nist.gov/encryption/tkdigsigs.html
Key Agreement DH W. Diffie and M. E. Hellman, "New Directions in Cryptography,"
IEEE Transactions on Information Theory, vol. IT-22, pp. 644-654, Nov. 1976
or refer Section 4.4.18 DH in CRYPTREC Report 2000
Symmetric Key Techniques 64-bit block cipher Triple DES http://csrc.nist.gov/encryption/tkencryption.html
RC2 http://www.ietf.org/rfc/rfc2268.txt
128-bit block cipher AES http://csrc.nist.gov/encryption/aes/
SEED http://www.kisa.or.kr/seed/index.html
Stream RC4 (*) RC4 is defined in the following reference:
S. Fluhrer, I. Mantin, and A. Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4," Lecture Notes in Computer Science 2259, pp.1-24, Springer-Verlag, 2001
Hash Function RIPEMD-160 http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
SHA-1 http://csrc.nist.gov/encryption/tkhash.html
draft SHA-256
draft SHA-384
draft SHA-512
http://csrc.nist.gov/encryption/tkhash.html
Pseudorandom Number Generator PRNG based on SHA-1 http://csrc.nist.gov/encryption/tkrng.html
Surveys SSL/TLS SSL3.0
http://home.netscape.com/eng/ssl3
TLS 1.0
http://www.ietf.org/html.charters/tls-charter.html
(*): The RC4 evaluation by CRYPTREC was already confirmed by RSA Security Inc.