One of the widely used data encryption algorithms is the one based on the data encryption standard (DES) adopted by the National Bureau of Standards (NBS). The DES is used for carrying out block encryption using a 56-bit secret key. According to the DES, each of plaintext blocks has a length of 64 bits; and its ciphertext block also has the same bit length as that of each plaintext block. Transmission of the ciphertext blocks is effected via a public network.
Since, however, the DES employs the smaller number of bits in a secret key to encrypt the 64-bit blocks, it may not be able to provide a data encryption scheme with a high security. Further, since the secret key is not uniformly assigned to all of the 64-bit blocks, it is relatively easy to decrypt a ciphertext block encrypted by employing the conventional cryptanalysis techniques such as the differential cryptanalysis (DC) or the linear cryptanalysis (LC).
To ameliorate the problems inherent in the DES and develop a more powerful encryption scheme, various candidate algorithms have been proposed to establish the advanced encryption standard (AES) emerged from the National Institute of Standards and Technology (NIST). Among the candidate algorithms, an optimum algorithm will be adopted as the AES in the near future. However, hitherto, there are no known devices and methods implemented on the basis of the algorithms or the proposal requirements of the NIST.