The project's main goal is to put forward a comprehensive ensemble of recommended cryptographic algorithms and suitable modes of use that meet the various security and performance requirements of IBC.
The main aim of the research was to put forward a comprehensive ensemble of recommended cryptographic algorithms and suitable modes of use that meet the various security and performance requirements of integrated broadband communications (IBC). The central issues considered were:
- the requirements for integrity algorithms;
- the cryptographic strength and efficiency of those algorithms.
The research resulted in the following achievements:
- received algorithms were discussed with the original submitters and brought into conformance with requirements;
- the original set of basic software tools has been upgraded and adjusted (i.e. they were generalized and extended to meet new requirements);
- several ad hoc tools were implemented, tested and applied for use in the functional evaluation;
- taxonomies of integrity primitives have been developed for modes of use;
- a survey of hardware and software performance of integrity primitive implementations has been produced.
Rather than developing new algorithms, two successive rounds of calls for algorithms have been made, and the algorithms submitted in response to these calls were evaluated. The cryptographic strength of the algorithms is being evaluated competitively and cooperatively by the partners, using simulation, statistical analysis and analytical methods. The project has liaised with the original submitters of algorithms to invite them to submit improved versions of their algorithms in a second call.
The final report of the project will include: a list of selected algorithms; precise specifications for these and their recommended modes of use; an evaluation of their security; and estimates for their performance over a range of hardware and software implementations, leading to further recommendations on their applicability.
- Requirements for integrity algorithms.
- Cryptographic strength and efficiency of algorithms.
- Received algorithms were discussed with the original submitters, and brought into conformance with requirements.
- A second round of submissions has been procured (by invitation) to complete the scope of algorithms foreseen.
- The original set of basic tools has been upgraded and adjusted, i.e. they were generalised, extended and otherwise improved to meet new requirements that emerged.
- Several ad hoc tools were implemented, tested and applied for use in the functional evaluation.
- Submissions were evaluated and classified into three groups: (1) those rejected during the first screening for major functional flaws; (2) those for which sufficient weaknesses for rejection were uncovered during functional evaluation; and (3) those showing significant potential but requiring modification for further specification.
- Updated versions of those first-round submissions that showed significant potential but required modification have been procured.
- Taxonomies of integrity primitives have been developed for 'modes of use', and the promising submissions located within them.
- A survey of hardware and software performance of integrity primitive implementations has been produced.
The main impact will come from the availability of a family of recommended security primitives to projects with specific security needs. These primitives are the essential building blocks used in the implementation of any secured network system.