Login
Login

ESTREAM

{{Short description|Project to identify new stream ciphers for widespread adoption}}

{{Multiple issues|

{{primary sources|date=April 2015}}

{{technical|date=June 2023}}

{{Notability|date=June 2023}}

}}

{{lowercase title|title=eSTREAM}}

eSTREAM is a project to "identify new stream ciphers suitable for widespread adoption",{{cite web |url=http://www.ecrypt.eu.org/stream/call/ |title=ECRYPT Call for Stream Cipher Primitives |edition=version 1.3 |date=12 April 2005 |access-date=2 April 2014 |archive-date=17 July 2012 |archive-url=https://web.archive.org/web/20120717061847/http://www.ecrypt.eu.org/stream/call/ |url-status=dead }}{{cite web |author1=Vincent Rijmen |date=2010-01-01 |title=Stream Ciphers and the eSTREAM Project |url=https://www.isecure-journal.com/article_39173_a7fab575ea1ea7b6dffe12d5a226ced8.pdf }} organised by the EU ECRYPT network. It was set up as a result of the failure of all six stream ciphers submitted to the NESSIE project. The call for primitives was first issued in November 2004. The project was completed in April 2008. The project was divided into separate phases and the project goal was to find algorithms suitable for different application profiles.

Profiles

The submissions to eSTREAM fall into either or both of two profiles:

  • Profile 1: "Stream ciphers for software applications with high throughput requirements"
  • Profile 2: "Stream ciphers for hardware applications with restricted resources such as limited storage, gate count, or power consumption."

Both profiles contain an "A" subcategory (1A and 2A) with ciphers that also provide authentication in addition to encryption. In Phase 3 none of the ciphers providing authentication are being considered (The NLS cipher had authentication removed from it to improve its performance).

eSTREAM portfolio

{{As of|2011|09}} the following ciphers make up the eSTREAM portfolio:{{Cite web|url=http://www.ecrypt.eu.org/stream/portfolio_revision1.pdf|title=The eSTREAM Portfolio (rev. 1)|access-date=2008-10-01|archive-date=2012-08-13|archive-url=https://web.archive.org/web/20120813111955/http://www.ecrypt.eu.org/stream/portfolio_revision1.pdf|url-status=dead}}

class="wikitable"

! Profile 1 (software)

! Profile 2 (hardware)

HC-128 [http://www.ecrypt.eu.org/stream/hcpf.html] {{Webarchive|url=https://web.archive.org/web/20120701140440/http://www.ecrypt.eu.org/stream/hcpf.html |date=2012-07-01 }}

| Grain [http://www.ecrypt.eu.org/stream/grainpf.html] {{Webarchive|url=https://web.archive.org/web/20081006130843/http://www.ecrypt.eu.org/stream/grainpf.html |date=2008-10-06 }}

Rabbit [http://www.ecrypt.eu.org/stream/rabbitpf.html] {{Webarchive|url=https://web.archive.org/web/20120613193629/http://www.ecrypt.eu.org/stream/rabbitpf.html |date=2012-06-13 }}

| MICKEY [http://www.ecrypt.eu.org/stream/mickeypf.html] {{Webarchive|url=https://web.archive.org/web/20120701140451/http://www.ecrypt.eu.org/stream/mickeypf.html |date=2012-07-01 }}

Salsa20/12 [http://www.ecrypt.eu.org/stream/salsa20pf.html] {{Webarchive|url=https://web.archive.org/web/20160405085821/http://www.ecrypt.eu.org/stream/salsa20pf.html |date=2016-04-05 }}

| Trivium [http://www.ecrypt.eu.org/stream/triviumpf.html] {{Webarchive|url=https://web.archive.org/web/20150923233518/http://www.ecrypt.eu.org/stream/triviumpf.html |date=2015-09-23 }}

SOSEMANUK [http://www.ecrypt.eu.org/stream/sosemanukpf.html] {{Webarchive|url=https://web.archive.org/web/20120414020956/http://www.ecrypt.eu.org/stream/sosemanukpf.html |date=2012-04-14 }}

|

These are all free for any use. Rabbit was the only one that had a patent pending during the eStream competition, but it was released into the public domain in October 2008.

The original portfolio, published at the end of Phase 3, consisted of the above ciphers plus F-FCSR which was in Profile 2.{{Cite web|url=https://www.ecrypt.eu.org/stream/phase3ip.html|title=The eSTREAM Project - eSTREAM Phase 3|website=www.ecrypt.eu.org}} However, cryptanalysis of F-FCSR M. Hell and T. Johansson. Breaking the F-FCSR-H stream cipher in Real Time.

In J. Pieprzyk, editor, Proceedings of Asiacrypt 2008, Lecture Notes in Computer

Science, to appear. led to a revision of the portfolio in September 2008 which removed that cipher.

Phases

=Phase 1=

Phase 1 included a general analysis of all submissions with the purpose of selecting a subset of the submitted designs for further scrutiny. The designs were scrutinized based on criteria of security, performance (with respect to the block cipher AES—a US Government approved standard, as well as the other candidates), simplicity and flexibility, justification and supporting analysis, and clarity and completeness of the documentation. Submissions in Profile 1 were only accepted if they demonstrated software performance superior to AES-128 in counter mode.

Activities in Phase 1 included a large amount of analysis and presentations of analysis results as well as discussion. The project also developed a framework for testing the performance of the candidates. The framework was then used to benchmark the candidates on a wide variety of systems.

On 27 March 2006, the eSTREAM project officially announced the end of Phase 1.

=Phase 2=

On 1 August 2006, Phase 2 was officially started. For each of the profiles, a number of algorithms has been selected to be Focus Phase 2 algorithms. These are designs that eSTREAM finds of particular interest and encourages more cryptanalysis and performance evaluation on these algorithms. Additionally a number of algorithms for each profile are accepted as Phase 2 algorithms, meaning that they are still valid as eSTREAM candidates. The Focus 2 candidates will be re-classified every six months.

=Phase 3=

Phase 3 started in April 2007. Candidates for Profile 1 (software) were:

{{div col|colwidth=20em}}

{{div col end}}

Candidates for Profile 2 (hardware) were:

{{div col|colwidth=20em}}

{{div col end}}

Phase 3 ended on 15 April 2008, with the announcement of the candidates that had been selected for the final eSTREAM portfolio. The selected algorithms were:

  • For Profile 1: HC-128, Rabbit, Salsa20/12, and SOSEMANUK.
  • For Profile 2: F-FCSR-H v2, Grain v1, Mickey v2, and Trivium.

Submissions

class="wikitable"

! Key

!

P

| In the eSTREAM profile

P

| Formerly in the eSTREAM profile

3

| A "Phase 3" cipher

F

| a "Focus Phase 2" cipher

2

| A "Phase 2" cipher

A

| An "archived" cipher

M

| Includes a MAC

pat

| Patented or patent pending; some uses require a license

pat

| Was pat, now free for any use

=In eSTREAM portfolio=

The eSTREAM portfolio ciphers are, {{As of|2012|01|lc=on}}:{{cite web |url=http://www.ecrypt.eu.org/documents/D.SYM.10-v1.pdf |title=ECRYPT II |access-date=23 March 2013 |url-status=dead |archive-url=https://web.archive.org/web/20121018114400/http://www.ecrypt.eu.org/documents/D.SYM.10-v1.pdf |archive-date=18 October 2012 }}

class="wikitable"
Profile 1
(software)		Profile 2
(hardware)
128-bit key80-bit key
HC-128Grain v1
RabbitMICKEY 2.0
Salsa20/12Trivium
SOSEMANUK-

Versions of the eSTREAM portfolio ciphers that support extended key lengths:

class="wikitable"
Profile 1
(software)		Profile 2
(hardware)
256-bit key128-bit key
HC-256-
-MICKEY-128 2.0
Salsa20/12-
--

Note that the 128-bit version of Grain v1 is no longer supported by its designers and has been replaced by Grain-128a. Grain-128a is not considered to be part of the eSTREAM portfolio.

{{As of|2008|12}}:

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

Grain

| [http://www.ecrypt.eu.org/stream/grainp3.html] {{Webarchive|url=https://web.archive.org/web/20120701140433/http://www.ecrypt.eu.org/stream/grainp3.html |date=2012-07-01 }}

|

| PF

|

| Martin Hell, Thomas Johansson and Willi Meier

HC-256 (HC-128, HC-256)

| [http://www.ecrypt.eu.org/stream/hcp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135853/http://www.ecrypt.eu.org/stream/hcp3.html |date=2012-07-01 }}

| PF

|

|

| Hongjun Wu

MICKEY (MICKEY 2.0, MICKEY-128 2.0)

| [http://www.ecrypt.eu.org/stream/mickeyp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135340/http://www.ecrypt.eu.org/stream/mickeyp3.html |date=2012-07-01 }}

|

| PF

|

| Steve Babbage and Matthew Dodd

Rabbit

| [http://www.ecrypt.eu.org/stream/rabbitp3.html] {{Webarchive|url=https://web.archive.org/web/20120701140030/http://www.ecrypt.eu.org/stream/rabbitp3.html |date=2012-07-01 }}

| P

| 2

| pat[http://www.ecrypt.eu.org/stream/phorum/read.php?1,1244 Archived copy] {{Webarchive|url=https://web.archive.org/web/20090630021733/http://www.ecrypt.eu.org/stream/phorum/read.php?1,1244 |date=2009-06-30 }}

| Martin Boesgaard, Mette Vesterager, Thomas Christensen and Erik Zenner

Salsa20

| [http://www.ecrypt.eu.org/stream/salsa20p3.html] {{Webarchive|url=https://web.archive.org/web/20120701135350/http://www.ecrypt.eu.org/stream/salsa20p3.html |date=2012-07-01 }}

| PF

| 2

|

| Daniel J. Bernstein

SOSEMANUK

| [http://www.ecrypt.eu.org/stream/sosemanukp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135600/http://www.ecrypt.eu.org/stream/sosemanukp3.html |date=2012-07-01 }}

| P

|

|

| Come Berbain, Olivier Billet, Anne Canteaut,
Nicolas Courtois, Henri Gilbert, Louis Goubin,
Aline Gouget, Louis Granboulan, Cédric Lauradoux,
Marine Minier, Thomas Pornin and Hervé Sibert

Trivium

| [http://www.ecrypt.eu.org/stream/triviump3.html] {{Webarchive|url=https://web.archive.org/web/20120626221741/http://www.ecrypt.eu.org/stream/triviump3.html |date=2012-06-26 }}

|

| PF

|

| Christophe De Cannière and Bart Preneel

=No longer in eSTREAM portfolio=

This cipher was in the original portfolio but was removed in revision 1, published in September 2008.

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

F-FCSR (F-FCSR-H v2, F-FCSR-16)

| [http://www.ecrypt.eu.org/stream/ffcsrp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135335/http://www.ecrypt.eu.org/stream/ffcsrp3.html |date=2012-07-01 }}

|

| P

|

| Thierry Berger, François Arnault and Cédric Lauradoux

=Selected as Phase 3 candidates but not for the portfolio=

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

CryptMT (version 3)

| [http://www.ecrypt.eu.org/stream/cryptmtp3.html] {{Webarchive|url=https://web.archive.org/web/20120618143122/http://www.ecrypt.eu.org/stream/cryptmtp3.html |date=2012-06-18 }}

| 3

|

| pat

| Makoto Matsumoto, Hagita Mariko, Takuji Nishimura
and Matsuo Saito

DECIM (DECIM v2, DECIM-128)

| [http://www.ecrypt.eu.org/stream/decimp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135843/http://www.ecrypt.eu.org/stream/decimp3.html |date=2012-07-01 }}

|

| 3

| pat

| Come Berbain, Olivier Billet, Anne Canteaut,
Nicolas Courtois, Blandine Debraize, Henri Gilbert,
Louis Goubin, Aline Gouget, Louis Granboulan,
Cédric Lauradoux, Marine Minier, Thomas Pornin
and Hervé Sibert

Dragon

| [http://www.ecrypt.eu.org/stream/dragonp3.html] {{Webarchive|url=https://web.archive.org/web/20120701140428/http://www.ecrypt.eu.org/stream/dragonp3.html |date=2012-07-01 }}

| 3F

|

|

| Ed Dawson, Kevin Chen, Matt Henricksen,
William Millan, Leonie Simpson, HoonJae Lee,
SangJae Moon

Edon80

| [http://www.ecrypt.eu.org/stream/edon80p3.html] {{Webarchive|url=https://web.archive.org/web/20120904120421/http://www.ecrypt.eu.org/stream/edon80p3.html |date=2012-09-04 }}

|

| 3

|

| Danilo Gligoroski, Smile Markovski, Ljupco Kocarev
and Marjan Gusev

LEX

| [http://www.ecrypt.eu.org/stream/lexp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135905/http://www.ecrypt.eu.org/stream/lexp3.html |date=2012-07-01 }}

| 3F

| 2

|

| Alex Biryukov

MOSQUITO (aka Moustique)

| [http://www.ecrypt.eu.org/stream/mosquitop3.html] {{Webarchive|url=https://web.archive.org/web/20120701135550/http://www.ecrypt.eu.org/stream/mosquitop3.html |date=2012-07-01 }}

|

| 3

|

| Joan Daemen and Paris Kitsos

NLS (NLSv2, encryption-only)

| [http://www.ecrypt.eu.org/stream/nlsp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135345/http://www.ecrypt.eu.org/stream/nlsp3.html |date=2012-07-01 }}

| 3

|

|

| Gregory Rose, Philip Hawkes, Michael Paddon
and Miriam Wiggers de Vries

Pomaranch (version 3)

| [http://www.ecrypt.eu.org/stream/pomaranchp3.html] {{Webarchive|url=https://web.archive.org/web/20120701135555/http://www.ecrypt.eu.org/stream/pomaranchp3.html |date=2012-07-01 }}

|

| 3

|

| Tor Helleseth, Cees Jansen and Alexander Kolosha

=Selected as Phase 2 focus candidates but not as Phase 3 candidates=

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

Phelix

| [http://www.ecrypt.eu.org/stream/phelixp2.html] {{Webarchive|url=https://web.archive.org/web/20120701140501/http://www.ecrypt.eu.org/stream/phelixp2.html |date=2012-07-01 }}

| F

| F

| M

| Doug Whiting, Bruce Schneier, Stefan Lucks
and Frédéric Muller

Py

| [http://www.ecrypt.eu.org/stream/pyp2.html] {{Webarchive|url=https://web.archive.org/web/20120701140025/http://www.ecrypt.eu.org/stream/pyp2.html |date=2012-07-01 }}

| F

|

|

| Eli Biham and Jennifer Seberry

=Selected as Phase 2 candidates but not as focus or Phase 3 candidates=

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

ABC

| [http://www.ecrypt.eu.org/stream/abcp2.html] {{Webarchive|url=https://web.archive.org/web/20120701140423/http://www.ecrypt.eu.org/stream/abcp2.html |date=2012-07-01 }}

| 2

|

|

| Vladimir Anashin, Andrey Bogdanov, Ilya Kizhvatov
and Sandeep Kumar

Achterbahn

| [http://www.ecrypt.eu.org/stream/achterbahnp2.html] {{Webarchive|url=https://web.archive.org/web/20120701135837/http://www.ecrypt.eu.org/stream/achterbahnp2.html |date=2012-07-01 }}

|

| 2

|

| Berndt Gammel, Rainer Göttfert and Oliver Kniffler

DICING

| [http://www.ecrypt.eu.org/stream/dicingp2.html] {{Webarchive|url=https://web.archive.org/web/20120701135533/http://www.ecrypt.eu.org/stream/dicingp2.html |date=2012-07-01 }}

| 2

|

|

| Li An-Ping

Hermes8

| [http://www.ecrypt.eu.org/stream/hermes8p2.html] {{Webarchive|url=https://web.archive.org/web/20120701135858/http://www.ecrypt.eu.org/stream/hermes8p2.html |date=2012-07-01 }}

| A

| 2

|

| Ulrich Kaiser

NLS

| [http://www.ecrypt.eu.org/stream/nlsp2.html] {{Webarchive|url=https://web.archive.org/web/20120701135910/http://www.ecrypt.eu.org/stream/nlsp2.html |date=2012-07-01 }}

| 2

| 2

|

| Gregory Rose, Philip Hawkes, Michael Paddon
and Miriam Wiggers de Vries

Polar Bear

| [http://www.ecrypt.eu.org/stream/polarbearp2.html] {{Webarchive|url=https://web.archive.org/web/20120701135915/http://www.ecrypt.eu.org/stream/polarbearp2.html |date=2012-07-01 }}

| 2

| 2

|

| Johan Håstad and Mats Näslund

Pomaranch

| [http://www.ecrypt.eu.org/stream/pomaranchp2.html] {{Webarchive|url=https://web.archive.org/web/20120701140506/http://www.ecrypt.eu.org/stream/pomaranchp2.html |date=2012-07-01 }}

| A

| 2

|

| Cees Jansen and Alexander Kolosha

SFINKS

| [http://www.ecrypt.eu.org/stream/sfinksp2.html]{{dead link|date=September 2017 |bot=InternetArchiveBot |fix-attempted=yes }}

|

| 2

| M

| An Braeken, Joseph Lano, Nele Mentens,
Bart Preneel and Ingrid Verbauwhede

TSC-3

| [http://www.ecrypt.eu.org/stream/tsc3p2.html] {{Webarchive|url=https://web.archive.org/web/20120701135454/http://www.ecrypt.eu.org/stream/tsc3p2.html |date=2012-07-01 }}

|

| 2

|

| Jin Hong, Dong Hoon Lee, Yongjin Yeom,
Daewan Han and Seongtaek Chee

VEST

| [http://www.ecrypt.eu.org/stream/vestp2.html] {{Webarchive|url=https://web.archive.org/web/20160304113803/http://www.ecrypt.eu.org/stream/vestp2.html |date=2016-03-04 }}

|

| 2

| M pat

| Sean O'Neil, Benjamin Gittins and Howard Landman

WG

| [https://archive.today/20120724184029/http://www.ecrypt.eu.org/stream/wgp2.html]

|

| 2

|

| Guang Gong and Yassir Nawaz

Yamb

| [http://www.ecrypt.eu.org/stream/yambp2.html]{{dead link|date=September 2017 |bot=InternetArchiveBot |fix-attempted=yes }}

| 2

| 2

|

| LAN Crypto

ZK-Crypt

| [http://www.ecrypt.eu.org/stream/zkcryptp2.htm]{{dead link|date=September 2017 |bot=InternetArchiveBot |fix-attempted=yes }}

|

| 2

| M pat

| Carmi Gressel, Ran Granot and Gabi Vago

=Not selected as focus or Phase 2 candidates=

class="wikitable"

! Cipher

! eSTREAM
webpage

! Profile 1
(software)

! Profile 2
(hardware)

! Properties

! Submitters

Frogbit

| [http://www.ecrypt.eu.org/stream/frogbit.html] {{Webarchive|url=https://web.archive.org/web/20120701135543/http://www.ecrypt.eu.org/stream/frogbit.html |date=2012-07-01 }}

| A

|

| M pat

| Thierry Moreau

Fubuki

| [http://www.ecrypt.eu.org/stream/cryptmtfubuki.html] {{Webarchive|url=https://web.archive.org/web/20120701135329/http://www.ecrypt.eu.org/stream/cryptmtfubuki.html |date=2012-07-01 }}

| A

|

| pat

| Makoto Matsumoto, Hagita Mariko, Takuji Nishimura
and Matsuo Saito

MAG

| [http://www.ecrypt.eu.org/stream/mag.html] {{Webarchive|url=https://web.archive.org/web/20120701140445/http://www.ecrypt.eu.org/stream/mag.html |date=2012-07-01 }}

| A

| A

|

| Rade Vuckovac

Mir-1

| [http://www.ecrypt.eu.org/stream/mir1.html] {{Webarchive|url=https://web.archive.org/web/20120701140456/http://www.ecrypt.eu.org/stream/mir1.html |date=2012-07-01 }}

| A

|

|

| Alexander Maximov

SSS

| [http://www.ecrypt.eu.org/stream/sss.html] {{Webarchive|url=https://web.archive.org/web/20120701135419/http://www.ecrypt.eu.org/stream/sss.html |date=2012-07-01 }}

| A

| A

| M

| Gregory Rose, Philip Hawkes, Michael Paddon
and Miriam Wiggers de Vries

TRBDK3 YAEA

| [http://www.ecrypt.eu.org/stream/trbdk3.html] {{Webarchive|url=https://web.archive.org/web/20120701135610/http://www.ecrypt.eu.org/stream/trbdk3.html |date=2012-07-01 }}

| A

| A

|

| Timothy Brigham

See also

References

{{reflist}}

External links

  • [http://www.ecrypt.eu.org/stream/ Homepage for the project] {{Webarchive|url=https://web.archive.org/web/20120415032728/http://www.ecrypt.eu.org/stream/ |date=2012-04-15 }}
  • [http://www.ecrypt.eu.org/stream/phorum/list.php?1 Discussion forum] {{Webarchive|url=https://web.archive.org/web/20120422152217/http://www.ecrypt.eu.org/stream/phorum/list.php?1 |date=2012-04-22 }}
  • The eSTREAM testing framework [http://www.ecrypt.eu.org/stream/perf/ eSTREAM Optimized Code HOWTO] {{Webarchive|url=https://web.archive.org/web/20120615144620/http://www.ecrypt.eu.org/stream/perf/ |date=2012-06-15 }}
  • Update 1: [http://www.ecrypt.eu.org/stream/papersdir/057.pdf (PDF)] {{Webarchive|url=https://web.archive.org/web/20120717061527/http://www.ecrypt.eu.org/stream/papersdir/057.pdf |date=2012-07-17 }}
  • [http://cr.yp.to/streamciphers.html Notes on the ECRYPT Stream Cipher project] by Daniel J. Bernstein

{{Cryptography navbox | stream}}

Category:Cryptography contests

Category:Information technology organizations based in Europe

Category:Internet and the European Union

Category:Research projects

Category:Stream ciphers

de:Stromverschlüsselung#eSTREAM