NTT Encryption Archive List

ESIGN
FEAL
ECAO
OEF
FSU
SXY
E2
EPOC

Introduction to ESIGN

In 1990, NTT developed the first Japanese domestic digital signature scheme called ESIGN (Efficient digital SIGNature) based on the prime factorization problem. Compared to conventional schemes, the processing time (especially signature generation time) is drastically curtailed, and it can be installed into devices such as IC cards without a dedicated coprocessor. Aside from ISO/IEC14888-2 standardized by the International Organization for Standardization, The Institute of Electrical and Electronics Engineers (IEEE) public key encryption standard, P1363a, supports ESIGN.

Furthermore, ESIGN-TSH was developed in 1998. As a result of the progress in the research related to the security of digital signatures, ESIGN-PSS can strictly prove the confidence of security under the assumptions that the output of hash functions is random and that the p²q-type prime factorization problem is difficult.

NTT grants royalty-free licenses of the essential patents for ESIGN under reciprocal principles in order to establish a leadership role toward achieving a low-cost secure advanced telecommunication society through the proliferation and promotion of encryption technologies that contribute to the construction of an environment in which various security products and services can be used widely.

Standardization Related Info: Standardization Related Info for ESIGN
Specifications: Specification for ESIGN-TSH
[English] nttdoc-esigntsh-en.pdf (2002-05-24, Draft 1.0, 154KB)
Related Reference List: Related reference list for ESIGN
Information Related to the Royalty-free Licensing of the Essential Patents

Introduction to FEAL

In 1987, NTT developed the first Japanese domestic 64-bit block cipher called FEAL (Fast data Encipherment ALgorithm). This encryption algorithm was designed as software for 8-bit microprocessors in IC cards, and the merit of the initially developed FEAL-8 was that it was faster than DES. Furthermore, since the algorithm was developed at the dawn of encryption technology, it greatly contributed to the advancement of later cryptographic research.

In 1990, using FEAL-8 as the base, FEAL-N/NX was developed to improve the security(N: number of rounds, N using 64-bit keys, NX using 128-bit keys). The most recently used version is FEAL-32X.

[Notice] NTT strongly recommends using Camellia for security products in terms of security and efficiency.

Standardization Related Info: Standardization Related Info for FEAL
Specifications: Specifications for FEAL
Related Reference List: Related reference list for FEAL

Introduction to ECAO

In 1999, NTT developed ECAO (Elliptic Curve Abe-Okamoto signature), a digital signature giving message recovery based on the elliptic curve discrete logarithm problem, in which the confidence of security was proven mathematically. ECAO can mathematically prove the confidence of security under the assumptions that the output of hash functions is random and that the elliptic curve discrete logarithm problem is difficult.

ECAO is standardized as ISO/IEC15946-4.

ECAOS (Elliptic Curve Abe-Okamoto-Suzuki signature) is message recovery signature scheme with variable recovable message length, that is provably secure under discrete logarithm assumption and random oracle model.

Working Draft of the specification of ECAOS (This specification is Working Draft and would be changed.)
[English]nttdoc-ecaos-en-20080825.pdf (2008-08-25, 124KB)

Introduction to OEF

OEF (Optimal Extension Field) is a special class of elliptic curve parameter, that is suitable for software implementation of elliptic curve.

Working Draft of the specification of OEF parameter generation (This specification is Working Draft and would be changed.)
[English] nttdoc-oef1-en-20090302.pdf (2009-03-02, Version 0.6, 103KB)
[English] nttdoc-oef1-en-20090508.pdf (2009-05-08, Version 0.7, 111KB)
[English] nttdoc-oef2-en-20080806.pdf (2008-08-06, Version 0.6, 110KB)

Introduction to FSU

FSU (Fujioka-Suzuki-Ustaoglu) is an provably secure ID-based authenticated key exchange.

[English] FSU.pdf (2015-03-02, Version 1.0, 43KB)
[English] FSU_data_conv.pdf (2015-03-02, Version 1.0, 78KB)

Introduction to SXY

SXY (Saito-Xagawa-Yamakawa) is an IND-CCA-secure key-encapsulation mechanism scheme in the quantum random oracle model.

[English] Tightly-Secure Key-Encapsulation Mechanism in the Quantum Random Oracle Model (2017-10-15)
[English] SXY_implementation.zip (2017-12-20, 55KB)

Introduction to E2

In 1998, NTT developed the first Japanese domestic 128-bit block cipher called E2 (Efficient Encryption algorithm), E2 was developed to be a more secure and efficient encryption algorithm than Triple DES, and achieved at the time the world's highest-level software processing performance in 128-bit block ciphers.

From 1997 when the project began for the selection for the US Government encryption standard AES, E2 was the only applicant from Japan. Cryptographic researchers from around the world gave E2 detailed and thorough security and processing performance evaluations, and showed that E2 was designed with an extremely high security level. As a result, E2 received a high reputation worldwide on the design principles, security evaluation method, and other factors. However, although the design had a high security level, in terms of processing performance and implementation diversity, the current US Government encryption standard AES (called Rijndael at that time) was judged to be superior.

In 2000, NTT designed the new block cipher Camelliain cooperation with Mitsubishi Electric Corporation, which takes the parts of the E2 design that received worldwide recognition and leaves behind the problems with the processing performance and implementation diversity.

Introduction to EPOC

In 1998, NTT developed the first Japanese domestic public key encryption called EPOC (Efficient PrObabilistiC public-key encryption) based on the prime factorization problem, in which the confidence of security was proven mathematically.

EPOC can mathematically prove the confidence of security under the assumptions that the output of hash functions is random and that the prime factorization problem is difficult. It also has a high level of practicality. The Institute of Electrical and Electronics Engineers (IEEE) public key encryption standard, P1363a, supports EPOC.

NTT grants royalty-free licenses for the essential patents of EPOC under reciprocal principles in order to establish a leadership role toward achieving a low-cost secure advanced telecommunication society through the proliferation and promotion of encryption technologies that contribute to the construction of an environment in which various security products and services can be used widely.
For details, please contact the NTT Intellectual Property Center.

Standardization Related Info

Year	Standardization Organization	Notes Regarding Standardization
2002	IEEE(Institute of Electrical and Electronic Engineers)	EPOC was selected as the encryption algorithm in IEEE P1363a.

Page Top