High speed cryptography for network and disk encryption applications

In this thesis, new ideas in cryptography, cryptanalysis and designing high speed secure applications are presented. The Advanced Encryption Standard (AES) is used to demonstrate these ideas. In the eld of cryptography, new encryption models are proposed. In the eld of cryptanalysis, a secure key schedule for AES is presented together with new generalized attacks. These generalized attacks are applied on AES. The proposed encryption models are used to design and develop new network encryption schemes and new modes of operation dedicated to disk encryption applications. Three new encryption models are proposed. All the proposed models share a main idea, which is splitting the encryption key into a primary and a secondary key. The secondary key together with the primary key are used to determine how the plaintext will be encrypted. The main functionality of the secondary key is to change the way the block cipher behaves, in other words by encrypting two identical plaintexts with the same primary key but two di erent secondary keys, the result is two di erent ciphertexts. The guidelines to use these models securely are also presented and the possibility to combine these models with each other is discussed. In order to increase the security of the proposed encryption models, a generalized secure key schedule for block ciphers is proposed. This key schedule uses a secure cipher in the counter mode, and eliminates related-key attacks. It also increases the complexity of the exhaustive key search attack. Additionally, new ideas in cryptanalysis are proposed, which can improve some chosen plaintext, chosen ciphertext, chosen plaintext-adaptive chosen ciphertext and chosen ciphertext-adaptive chosen plaintext attacks. Using these new ideas, attacks on 5and 6-round AES are mounted; to the best of the author's knowledge, these attacks use the least amount of chosen plaintext in the literature to attack 5and 6-round AES. To demonstrate the usage of the proposed encryption models in realistic scenarios, new network encryption schemes and disk encryption modes of operation are developed. These network encryption schemes allow a higher throughput than the current solutions. Furthermore, these schemes require much lower memory, which increases the number of concurrent clients a server can serve. For disk encryption applications, several new encryption modes of operation are developed and some of the current modes of operation are improved. These new modes of operation o er a higher throughput in accessing disks than current solutions.