General | |
---|---|
Designers | BSI |
First published | Leaked 2013 |
Cipher detail | |
Key sizes | 128 bits + 32 bits checksum |
Block sizes | 64 bits |
Structure | Substitution–permutation network |
Rounds | 12 |
Best public cryptanalysis | |
Secure against linear and differential cryptanalysis. |
Chiasmus is a secret German government block cipher that was leaked by reverse engineering. It became notorious for its dilettant use in the BSI's software GSTOOL, which used it in insecure Electronic Codebook (ECB) mode and generated the key with a pseudo random number generator initialized to the current system time, which means an effective key length that can easily be broken by brute force. The BSI tried to prevent the publication of these findings with legal threats.
Chiasmus seems to be resistant against the most common cryptographic attacks (linear and differential cryptanalysis), but a lot slower than the openly available state of the art ciphers such as AES.[1][2]