Code Deprecation Doesn’t Mean Method Deletion

Meet RC2, RC6, IDEA, TEA, ARIA, Camellia, Blowfish, CAST5 and CAST6

Code Deprecation Doesn’t Mean Method Deletion

Meet RC2, RC6, IDEA, TEA, ARIA, Camellia, Blowfish, CAST5 and CAST6

I remember when I first read about the term “deprecation”, and it surprised me that code could be marked as being ready for future deletion. This marker allows developers to know that they need to move away from a method, and replace it with a new one, or find a new way of doing something.

And, so, in the world of ciphers, we generally have agreed on the best methods around, and have deprecated the old ones. Thus, for symmetric key, the choice is whether you trust NIST or not — with AES or ChaCha20. With public key encryption, we either use RSA and ECIES, and for public key signing, we focus on RSA, ECDSA or EdDSA. With key exchange, it is typically always ECDH.

But, what happened to all those symmetric key methods that existed before NSIT adopted Rijndael as the AES standard? Well, there were DES and 3DES, and they were based on the Fiestel cipher. In fact, 3DES is still alive and kicking and still used in credit card security. And, for CAST5, well, that’s still alive in GPG encryption, and IDEA is still alive in PGP encryption of email. And, so, to celeberate those ciphers who have been pushed off the stage, here they are in all their glory:

  • 3DES and Bouncy Castle (with C#). 3DES and Bouncy Castle (with C#). With DES and 3DES we have a 56-bit or 112-bit encryption key, respectively. Both are block ciphers and based on the Feistel ciphers, with a 64-bit block size.
  • ARIA and Bouncy Castle (with C#). ARIA and Bouncy Castle (with C#). ARIA was designed in 2003 is a block cipher. It uses substitution (S-box) and permutation (P-box) network structure based on AES. As with AES it uses a 128-bit block size, and key sizes of 128 (12 rounds), 192 (14 rounds), or 256 bits (16 rounds). It differs from AES in that it uses two 8×8-bit S-boxes and their inverses for each of the alternate rounds (whereas AES only uses one set of S-boxes).
  • Blowfish and Bouncy Castle (with C#). Blowfish and Bouncy Castle (with C#). Bruce Schneier is a legend in Cybersecurity … possibly one of the most influential people in the industry. He mainly writes books and lectures these days, but at one time he created symmetric key encryption methods. The most famous of these is the Blowfish method. Like DES and 3DES, it uses a 64-bit block size (8 bytes), but unlike DES, it is unpatented [1]. Overall it uses 16 Feistel-like iterations, and where the data input from the 64-bit block is split into two 32-bit words. An important strength of the method is that it can support key sizes up to 448 bits (56 bytes).
  • Camellia and Bouncy Castle (with C#). Camellia and Bouncy Castle (with C#). Camellia is a block cipher created by Mitsubishi and NTT. Overall, it is named after Camellia japonica — which is a Japanese flower that has undulating petals. Like AES, Camellia has a block size of 128 bits (16 bytes), and can use 128-, 192-, and 256-bit encryption keys. It was created by Mitsubishi and NTT and has been approved by the ISO/IEC. Camellia is also efficient for both hardware and software implementations, and is part of the TLS stack.
  • CAST5 and Bouncy Castle (with C#). CAST5 and Bouncy Castle (with C#). CAST5 (or CAST-128) was created by Carlisle Adams and Stafford Tavares in 1996. It defines a symmetric key method that has a 64-bit block size, and key sizes from 40 bits up to 128 bits (in jumps of 8 bits). Typically any key less than 80 bits would be seen as being insecure. It uses a 12- or 16-round Feistel cipher. The 16-round version is used for keys for 80 bits and above. It has been standardized in RFC2612.
  • CAST6 and Bouncy Castle (with C#). CAST6 and Bouncy Castle (with C#). This is an enhancement to CAST6.
  • DES and Bouncy Castle (with C#). DES and Bouncy Castle (with C#). With DES and 3DES we have a 56-bit or 112-bit encryption key, respectively. Both are block ciphers and based on the Feistel ciphers, with a 64-bit block size.
  • IDEA and Bouncy Castle (with C#). IDEA and Bouncy Castle (with C#). Phil Zimmerman used the IDEA (International Data Encryption Algorithm) cipher to build PGP v2.0, and it is still used as an option for the method.
  • RC2 and Bouncy Castle (with C#). RC2 and Bouncy Castle (with C#). With RC2 encryption, we use a 128-bit key and a 64-bit IV value. The two modes supported are ECB (without salt) and CBC (with salt). The block size is 64 bits (eight bytes), and thus the output cipher will be in multiples of eight bytes. In this case we will use PKCS7 padding, and which fills the input data with a value that is equal to the number of padding bytes.
  • RC6 and Bouncy Castle (with C#). RC6 and Bouncy Castle (with C#). RC6 (Rivest Cipher 6) is derived from RC5, and is a symmetric key block cipher [paper]. It was submitted to the NIST Advanced Encryption Standard (AES) competition. it is patented by RSA Security. It uses a block size of 128 bits and has keys sizes of 128, 192, and 256 bits, and then up to 2040-bits.
  • TEA and Bouncy Castle (with C#). TEA and Bouncy Castle (with C#). The Tiny Encryption Algorithm (TEA) is a block cipher and was created by David Wheeler and Roger Needhyam of the Cambridge Computer Laboratory. It has a simple implementation, and with fairly code.