CAST is a design procedure for symmetric cryptosystems developed by C. Adams and S. Tavares in 1993 [1, 2]. In accordance with this procedure, a series of DES-like block ciphers was produced (see Data Encryption Standard (DES)), the most widespread being the 64-bit block cipher CAST-128. The latest member of the family, the 128-bit block cipher CAST-256, was designed in 1998 and submitted as a candidate for the Advanced Encryption Standard (see Rijndael/AES).
All CAST algorithms are based on a Feistel cipher (a generalized Feistel network in the case of CAST-256). A distinguishing feature of the CAST ciphers is the particular construction of the f-function used in each Feistel round. The general structure of this function is depicted in Figure 1. The data entering the f-function is first combined with a subkey and then split into a number of pieces. Each piece is fed into a separate expanding S-box based on bent functions (see nonlinearity of Boolean functions). Finally, the output...
This is a preview of subscription content, log in via an institution.
References
Adams C.M. (1997). “Constructing symmetric ciphers using the CAST design procedure.” Designs, Codes and Cryptography, 12 (3), 283–316.
Adams, C.M. and Tavares S.E. (1993). “Designing S-boxes for ciphers resistant to differential cryptanalysis.” Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography, ed. W. Wolfowicz. Fondazione Ugo Bordoni, 181–190.
Kelsey, J., B. Schneier, and D. Wagner (1997). “Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA.” International Conference on Information and Communications Security, ICICS'97, Lecture Notes in Computer Science, vol. 1334, eds. Y. Han, T. Okamoto, and S. Qing. Springer-Verlag, Berlin, 233–246.
Moriai, S., T. Shimoyama, and T. Kaneko (1998). “Higher order differential attack of CAST cipher.” Fast Software Encryption, FSE'98, Lecture Notes in Computer Science, vol. 1372, ed. S. Vaudenay. Springer-Verlag, Berlin, 17–31.
Rijmen, V., B. Preneel, and E. De Win (1997). “On weaknesses of non-surjective round functions.” Designs, Codes, and Cryptography, 12 (3), 253–266.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
De Cannière, C. (2005). CAST. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_45
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_45
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering