CAST5 (CAST-128) Encryption/Decryption
Secure encryption tool based on CAST5 (CAST-128) algorithm. Supports CBC, ECB, CFB, OFB modes for fast and secure data protection.
Key Features
Variable Key Length: Supports keys from 40 to 128 bits, offering flexibility.
Security: Extensively analyzed with no known effective attacks against the full CAST5.
Input Format / Output Format
About CAST5 (CAST-128)
CAST5 (also known as CAST-128) is a symmetric block cipher with a 64-bit block size and a variable key length of 40 to 128 bits. It has been used for years as the default encryption algorithm in many secure applications like GPG and PGP. CAST5 is named after its designers, Carlisle Adams and Stafford Tavares.
| Algorithm | CAST5 (CAST-128) |
| Key Size | 40 - 128 bits (Typically 128 bits) |
| Block Size | 64 bits (8 bytes) |
| Structure | Feistel Network (12 or 16 rounds) |
| Rounds | 12 or 16 (Depending on key size) |
Key Features
Variable Key Length: Supports keys from 40 to 128 bits, offering flexibility.
Widely Used: Long-time default algorithm for GPG (GnuPG) and PGP.
Security: Extensively analyzed with no known effective attacks against the full CAST5.
Performance: Optimized for 32-bit processors, providing fast encryption.
Encryption Modes
CBC (Cipher Block Chaining): Each block of plaintext is XORed with the previous ciphertext block before being encrypted. Requires an IV. Most common and secure mode.
ECB (Electronic Codebook): Each block is encrypted independently. No IV needed. Identical plaintext blocks are encrypted into identical ciphertext blocks, revealing patterns.
CFB (Cipher Feedback): Turns a block cipher into a self-synchronizing stream cipher. Requires an IV. Output is fed back to the shift register.
OFB (Output Feedback): Turns a block cipher into a synchronous stream cipher. Requires an IV. Generates keystream blocks, which are then XORed with the plaintext blocks.
CTR (Counter): Counter mode turns a block cipher into a stream cipher. Requires an IV as the initial counter value. Encryption and decryption use the same operation.
RAW (Direct Block): Direct block encryption mode without any chaining or feedback mechanism. No IV needed. Each block is encrypted independently, similar to ECB but more explicit.
Algorithm Comparison
| Algorithm | Key Length | Block Size | Security | Speed |
|---|---|---|---|---|
| CAST5 (CAST-128) | 40-128 bits | 64 bits | Good | Fast |
| Blowfish | 32-448 bits | 64 bits | Good | Fast |
| AES | 128/192/256 bits | 128 bits | Excellent | Fast |
| Twofish | 128/192/256 bits | 128 bits | Excellent | Fast |
Use Cases
PGP/GPG Compatibility: Handling messages or files encrypted with PGP.
Legacy System Protection: Maintaining legacy systems using CAST5.
General Encryption: Suitable for medium security needs not requiring AES strength.
Education & Research: Classic example of Feistel network structure.
Security Recommendations
Key Length: Always use the maximum 128-bit key for highest security.
Mode Selection: Prefer CBC mode and avoid ECB for sensitive data.
Random IV: Must use a unique random IV (Initialization Vector) for every encryption.
Integrity: CAST5 provides confidentiality only. Use with HMAC for data integrity.