|Cryptome DVDs. Donate
$25 for two DVDs of the Cryptome collection of 47,000 files from June 1996
to January 2009 (~6.9 GB). Click Paypal or mail check/MO made out to John
Young, 251 West 89th Street, New York, NY 10024. The collection includes
all files of cryptome.org, cryptome.info, jya.com, cartome.org,
eyeball-series.org and iraq-kill-maim.org, and
pages of counter-intelligence dossiers declassified by the US Army Information
and Security Command, dating from 1945 to 1985.The DVDs will be sent anywhere
worldwide without extra cost.
Subject: AES Candidate: Serpent
Date: Mon, 15 Jun 1998 18:42:26 +0000
From: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>
Ross Anderson, Eli Biham, and Lars Knudsen have designed the Serpent
algorithm as a contribution to the AES contest. The paper is available
An Ada95 reference implementation can be downloaded from
and the full AES submission package with all the NIST required material
is available from
Serpent is a very conservative design heavily based on the experience
with attacking DES in order to make an analysis and review easier.
Serpent has been especially designed to be implementable in the
bit-slice mode that was used in some of the recent DES key-searches.
In case you have seen the old Serpent paper submitted to the 1998 Fast
Software Encryption workshop (Bruce Schneier quoted that one in his
Twofish paper): The final version submitted to NIST has been slightly
modified. The final Serpent version is not using the DES s-boxes any more,
but newly generated ones for which the algorithm that generated them
has been published (to kill NSA DES backdoor theories and give better
safety margins against linear cryptanalysis). The final version also
replaced the interleaved s-box application in the key schedule by a
sequential one to reduce the gate count in hardware implementations.
Serpent uses 32-rounds for a very paranoid level of security, although
the authors consider a (twice as fast) 16 round version to be resistant
against all known attack techniques.
Happy cryptanalysing ...
Markus G. Kuhn, Security Group, Computer Lab, Cambridge University, UK
email: mkuhn at acm.org, home page: <http://www.cl.cam.ac.uk/~mgk25/>