Phelix

Phelix
General
DesignersDoug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller
First published2004
Cipher detail
Key sizes256 bits
Speed8 cycles per byte on modern x86-based processors (claimed)
Best public cryptanalysis
All known attacks are computationally infeasible when the cipher is used properly. If nonces are reused, a differential attack breaks the cipher with about 237 operations, 234 chosen nonces and 238.2 chosen plaintext words.

Phelix is a high-speed stream cipher with a built-in single-pass message authentication code (MAC) functionality, submitted in 2004 to the eSTREAM contest by Doug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller. The cipher uses only the operations of addition modulo 232, exclusive or, and rotation by a fixed number of bits. Phelix uses a 256-bit key and a 128-bit nonce, claiming a design strength of 128 bits. Concerns have been raised over the ability to recover the secret key if the cipher is used incorrectly.