Welcome to Citizendium - the Citizens' Compendium!

See something needing your input? Click here to Join us in providing quality, expert-guided information to the public for free! Wed., May 15: Monthly donation day for May 2013.. Help keep Citizendium online. - Donate here — Special thanks to April 2013 donors: Monthly Donor Honor Roll — Thanks, also, to April 2013 wiki-workers: Monthly Honor Roll of Users Editing the Wiki

From Citizendium, the Citizens' Compendium

DFC or De-correlated Fast Cipher ^{[1] [2] [3]} is a block cipher developed by a French team as a candidate for the AES competition; it did not make it into the finals. Like all AES candidates, it uses 128-bit blocks and supports key sizes of 128, 192 or 256 bits. It is a six-round Feistel cipher using a single 6 by 32 S-box.

This cipher was based on Serge Vaudenay's theoretical work on decorrelation theory. That theory gives methods of constructing ciphers which are provably immune to differential cryptanalysis, linear cryptanalysis, and any other attacks that meet some fairly broad assumptions.

However, some attacks on DFC were found by going outside those assumptions, timing attacks on some implementations ^[4] and a more general attack using a variant of differential analysis ^[5].

References

1. ↑ DFC home page
2. ↑ Decorrelated Fast Cipher: an AES candidate (May 1998), H. Gilbert, M. Girault, P. Hoogvorst, F. Noilhan, T. Pornin, G. Poupard, J. Stern, S. Vaudenay
3. ↑ Louis Granboulan, Phong Q. Nguyen, Fabrice Noilhan, Serge Vaudenay (2000), DFCv2, Springer-Verlag, at 57-71
4. ↑ Ian Harvey (March 1999), The DFC Cipher: An Attack on Careless Implementations, DOI:10.1.1.42.3196
5. ↑ Lars Knudsen & Vincent Rijmen, On the Decorrelated Fast Cipher (DFC) and Its Theory, Springer-Verlag, at pp.81–94