denture-cast

CAST-128

The following article is about the block cipher. For the axion observatory in Switzerland, see CERN Axion Solar Telescope.

In cryptography, CAST-128 (alternatively CAST5) is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Canadian government use by the Communications Security Establishment. The algorithm was created in 1996 by Carlisle Adams and Stafford Tavares using the CAST design procedure; another member of the CAST family of ciphers, CAST-256 (a former AES candidate) was derived from CAST-128. According to some sources, the "CAST" name is based on the initials of its inventors, though Bruce Schneier reports the authors' claim that "the name should conjure up images of randomness" (Schneier, 1996).

CAST-128 is a 12- or 16-round Feistel network with a 64-bit block size and a key size of between 40 to 128 bits (but only in 8-bit increments). The full 16 rounds are used when the key size is longer than 80 bits. Components include large 8×32-bit S-boxes based on bent functions, key-dependent rotations, modular addition and subtraction, and XOR operations. There are three alternating types of round function, but they are similar in structure and differ only in the choice of the exact operation (addition, subtraction or XOR) at various points.

Although Entrust holds a patent on the CAST design procedure, CAST-128 is available worldwide on a royalty-free basis for commercial and non-commercial uses.

References

C.M. Adams. (1997). "Constructing Symmetric Ciphers Using the CAST Design Procedure", Designs, Codes, and Cryptography, 12(3), pp. 283–316.
C.M. Adams, "CAST Design Procedure Addendum".
Bruce Schneier, 1996, Applied Cryptography, 2nd edition. John Wiley & Sons. pp334–335. ISBN 0-471-11709-9