# The History of NTT Cryptgraphic Algorithms

Cryptographic technology has now become indispensable to our network society as a tool and a fundamental technology. NTT has been engaged in the development of cryptographic algorithms since the 1980's and has played a world pioneering role. Among the cryptographic algorithms developed thus far, we are currently pursuing aggressively the active dissemination of the algorithms below.

- Symmetric key encryption※1(128-bit block cipher)
- Camellia (Developed by NTT and Mitsubishi Electric Corporation)
- Public key encryption※2(key delivery)

Below is a brief introduction to The History of NTT Cryptgraphic Algorithms.

1985 | NTT developed the Fast Data Encipherment Algorithm (FEAL), the first Japanese 64-bit block cipher (symmetric-key encryption algorithm). This encryption algorithm was designed for software use in smart cards with an 8-bit microprocessor and, at the time of its development, had a speed advantage over DES ※3 In 1987, NTT also developed an enhanced variant named FEAL-8. FEAL-8 has been employed in secure facsimile systems. |
---|---|

1990 | NTT continued to improve the security of algorithms and developed FEAL-N(X) based on FEAL-8. FEAL-32X was the most popular version of FEAL-N(X). |

NTT developed the Efficient Digital Signature Scheme (ESIGN), the first Japanese digital signature ※4 scheme with appendix. The security of ESIGN is based on the integer factorization problem ※5 ESIGN has a speed advantage over the RSA ※6 signature scheme and can generate signatures extremely quickly. | |

1998 | The U.S. National Institute of Standards and Technology (NIST) announced a call for public contributions for the new encryption algorithm to replace DES: the Advanced Encryption Standard (AES). NTT developed the Efficient Encryption Algorithm (E2) and submitted it to the AES selection project. E2 was the only candidate from Japan and received high praise worldwide. |

Using ESIGN as the base, ESIGN-TSH was developed to improve the security. | |

NTT developed Efficient Probabilistic Public-Key Encryption (EPOC), the first Japanese domestic public key encryption based on the integer factorization problem, in which the confidence of security was proven mathematically. | |

1999 | NTT developed Provably Secure Elliptic Curve Encryption (PSEC), the first Japanese domestic public key encryption based on the elliptic curve discrete logarithm problem※7, in which the confidence of security was proven mathematically. |

NTT developed the Elliptic Curve Abe-Okamoto Signature (ECAO), a digital signature scheme that provides message recovery based on the elliptic curve discrete logarithm problem, in which the confidence of security was proven mathematically. | |

2000 | In collaboration with Mitsubishi Electric Corporation, NTT developed the 128-bit block cipher called Camellia. Camellia is a multi-platform applicable cipher that is a fusion of the NTT encryption design technology, which is applicable to high-speed software implementation, and the encryption design technology by Mitsubishi Electric Corporation, which is applicable to compact high-speed hardware implementation. <News Release> |

2001 | NTT announced the royalty-free licensing of the essential patents of Camellia, PSEC, EPOC, and ESIGN in order to establish a leadership role toward achieving a low-cost secure advanced telecommunication society through the proliferation and promotion of encryption technologies that contribute to the construction of an environment in which various security products and services can be used widely. <News Release> |

PSEC with a Key Encapsulation Mechanism (PSEC-KEM) was developed based on PSEC as a key delivery scheme. PSEC-KEM has merits such as a higher speed than RSA encryption and the Diffie-Hellman(DH) key exchange schemes. | |

2003 | NTT, Mitsubishi Electric Corporation, and Hitachi, Ltd. collaborated to develop CRESERC, a high-speed implementation technology that is resistant to implementation attacks for the Elliptic Curve Digital Signature Algorithm (ECDSA), a digital signature with appendix based on the elliptic curve discrete logarithm problem. Using the shared advantage in elliptic curve encryption theory as a base, CRESERC was developed by taking advantage of the dominant technology from each company. <News Release> |

※1 Symmetric Key Encryption | This is an encryption scheme that uses the same secret key for data encryption and decryption. Since this scheme achieves high-speed encryption processing, it is mainly used in high-speed encryption of communication messages and files that deal with high-capacity data, mobile terminal authentication, and so on. |
---|---|

※2 Public Key Encryption | In 1976, W. Diffie and M.E. Hellman proposed this new encryption scheme. This encryption scheme uses different keys for encryption and decryption, and since the encryption key can be disclosed publicly, it is suited to sending encrypted communications on a network where an unspecified large number of people exchange information. Currently, this scheme is mainly used as the key delivery scheme in order to share the secret key used in symmetric key encryption. |

※3 DES | The Data Encryption Standard (DES) is a block cipher (a form of shared secret encryption) that was selected by the National Bureau of Standards as an official Federal Information Processing Standards (FIPS) for the United States in 1976. |

※4 Digital Signature | Applying the principle that only the person who has the decryption key can decode encrypted messages in public key encryption, this scheme is used for entity authentication and message integrity verification. There are two types of digital signatures: the digital signature with appendix in which a signature is added, and the digital signature giving message recovery that can restore only the signature to the message. |

※5 Integer factorization problem | When a given composite number comprises two prime numbers, there is not yet an efficient computation method to find the original prime numbers, and this remains an unresolved problem in the field of mathematics. At the present time, if the size of the problem (the key length in terms of cryptology) becomes large, even if supercomputers are used to obtain the solution it is considered to be difficult. |

※6 RSA | RSA (which stands for Rivest, Shamir, and Adleman the developers of the algorithm) is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for digital signature as well as encryption. |

※7 Elliptic Curve Discrete Logarithm Problem | When points P and Q are given on an elliptical curve, there is yet no efficient calculation method to find integer n for Q = nP, and this remains an unresolved problem in the field of mathematics. At the present time, if the size of the problem (the key length in terms of cryptology) becomes large, even if supercomputers are used to obtain the solution it is considered to be difficult. |