Rambutan (cryptography)
Encyclopedia
Rambutan is a family of encryption
technologies designed by the Communications-Electronics Security Group (CESG), the technical division of the United Kingdom government's secret communications agency, GCHQ
.
It includes a range of encryption products designed by CESG for use in handling confidential (not secret) communications between parts of the British government, government agencies, and related bodies such as NHS Trust
s. Unlike CESG's Red Pike system, Rambutan is not available as software: it is distributed only as a self-contained electronic device (an ASIC
) which implements the entire cryptosystem and handles the related key distribution and storage tasks. Rambutan is not sold outside the government sector.
Technical details of the Rambutan algorithm are secret. Security researcher Bruce Schneier
describes it as being a stream cipher
(linear feedback shift register
) based cryptosystem with 5 shift register
s each of around 80 bits, and a key size
of 112 bits. RAMBUTAN-I communications chips (which implement a secure X.25
based communications system) are made by approved contractors Racal
and Baltimore Technologies/Zergo Ltd. CESG later specified RAMBUTAN-II, an enhanced system with backward compatibility with existing RAMBUTAN-I infrastructure. The RAMBUTAN-II chip is a 64-pin quad ceramic pack
chip, which implements the electronic codebook, cipher block chaining, and output feedback operating modes
(each in 64 bits) and the cipher feedback mode in 1 or 8 bits. Schneier suggests that these modes may indicate Rambutan is a block cipher
rather than a stream. The three 64 bit modes operate at 88 megabits/second.
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
technologies designed by the Communications-Electronics Security Group (CESG), the technical division of the United Kingdom government's secret communications agency, GCHQ
Government Communications Headquarters
The Government Communications Headquarters is a British intelligence agency responsible for providing signals intelligence and information assurance to the UK government and armed forces...
.
It includes a range of encryption products designed by CESG for use in handling confidential (not secret) communications between parts of the British government, government agencies, and related bodies such as NHS Trust
NHS Trust
A National Health Service trust provides services on behalf of the National Health Service in England and NHS Wales.The trusts are not trusts in the legal sense but are in effect public sector corporations. Each trust is headed by a board consisting of executive and non-executive directors, and is...
s. Unlike CESG's Red Pike system, Rambutan is not available as software: it is distributed only as a self-contained electronic device (an ASIC
Application-specific integrated circuit
An application-specific integrated circuit is an integrated circuit customized for a particular use, rather than intended for general-purpose use. For example, a chip designed solely to run a cell phone is an ASIC...
) which implements the entire cryptosystem and handles the related key distribution and storage tasks. Rambutan is not sold outside the government sector.
Technical details of the Rambutan algorithm are secret. Security researcher Bruce Schneier
Bruce Schneier
Bruce Schneier is an American cryptographer, computer security specialist, and writer. He is the author of several books on general security topics, computer security and cryptography, and is the founder and chief technology officer of BT Managed Security Solutions, formerly Counterpane Internet...
describes it as being a stream cipher
Stream cipher
In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream . In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption...
(linear feedback shift register
Linear feedback shift register
A linear feedback shift register is a shift register whose input bit is a linear function of its previous state.The most commonly used linear function of single bits is XOR...
) based cryptosystem with 5 shift register
Shift register
In digital circuits, a shift register is a cascade of flip flops, sharing the same clock, which has the output of any one but the last flip-flop connected to the "data" input of the next one in the chain, resulting in a circuit that shifts by one position the one-dimensional "bit array" stored in...
s each of around 80 bits, and a key size
Key size
In cryptography, key size or key length is the size measured in bits of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...
of 112 bits. RAMBUTAN-I communications chips (which implement a secure X.25
X.25
X.25 is an ITU-T standard protocol suite for packet switched wide area network communication. An X.25 WAN consists of packet-switching exchange nodes as the networking hardware, and leased lines, Plain old telephone service connections or ISDN connections as physical links...
based communications system) are made by approved contractors Racal
Racal
Racal Electronics plc was once the third-largest British electronics firm. Listed on the London Stock Exchange and once a constituent of the FTSE 100 Index, Racal was a diversified company, offering products including: as voice and data recorders; point of sale terminals; laboratory instruments;...
and Baltimore Technologies/Zergo Ltd. CESG later specified RAMBUTAN-II, an enhanced system with backward compatibility with existing RAMBUTAN-I infrastructure. The RAMBUTAN-II chip is a 64-pin quad ceramic pack
QFP
A QFP or Quad Flat Package is a surface mount integrated circuit package with leads extending from each of the four sides. Socketing such packages is rare and hole mounting is not possible. Versions ranging from 32 to 304 pins with a pitch ranging from 0.4 to 1.0 mm are common...
chip, which implements the electronic codebook, cipher block chaining, and output feedback operating modes
Block cipher modes of operation
In cryptography, modes of operation is the procedure of enabling the repeated and secure use of a block cipher under a single key.A block cipher by itself allows encryption only of a single data block of the cipher's block length. When targeting a variable-length message, the data must first be...
(each in 64 bits) and the cipher feedback mode in 1 or 8 bits. Schneier suggests that these modes may indicate Rambutan is a block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
rather than a stream. The three 64 bit modes operate at 88 megabits/second.