CoderTools

SEED Encryption/Decryption

Korean Standard 128-bit Block Cipher (KISA)

Algorithm Information

Note: SEED uses fixed 128-bit key (unlike AES which supports 128/192/256)
Note: Supports ECB, CBC, CFB, and OFB modes

Mode & Padding
Input Format

About SEED Cipher

SEED is a 128-bit block symmetric cipher developed jointly by the Korea Information Security Agency (KISA) and Electronics and Telecommunications Research Institute (ETRI) in 1998. It was adopted as a Korean national standard (KS X 1213, 2003), the Telecommunications Technology Association standard (TTAS.KO-12.0004), and standardized internationally via RFC 4269 (SEED algorithm, January 2006) and RFC 5469 (TLS cipher suites for SEED, February 2009). SEED uses a 16-round Feistel network with a single 128-bit key. It was designed as the mandatory cipher for Korean government information systems and financial-sector encryption, replacing the earlier DES-based solutions used in Korean public-key infrastructure.

Algorithm SEED
Standard KISA / ISO 18033-3 / RFC 4269
Key Size 128 bits (fixed)
Block Size 128 bits
Rounds 16
Mode ECB / CBC / CFB / OFB
Padding PKCS7 / Zero / ISO10126 / ANSI X.923 / None
Origin Korea (KISA)
Year 1998

Key Features

  • 128-bit block, 128-bit key only: SEED operates on 128-bit blocks (eliminating the Sweet32 birthday-bound vulnerability present in 64-bit block ciphers like DES, 3DES, and Blowfish). A single 128-bit key is supported; there is no 192- or 256-bit SEED variant.
  • 16-round Feistel with G-function and S-boxes: each round uses an F-function with a G-function composed of four 8-bit S-box substitutions (S01 and S02 lookup tables) and 32-bit arithmetic operations, providing both confusion and diffusion. The key schedule generates 32 round-key words (two per round) from the four 32-bit initial key words.
  • Korean national standard + RFC standardization: KS X 1213 (2003) makes SEED mandatory for Korean e-government (G4C) and financial-sector compliance. RFC 4269 documents the algorithm; RFC 5469 defines IANA TLS cipher suites (0x0096 TLS_RSA_WITH_SEED_CBC_SHA, 0x0099 TLS_DHE_RSA_WITH_SEED_CBC_SHA) for TLS integration.
  • KCMVP (Korea Cryptographic Module Validation Program) certification: SEED is the baseline cipher for KCMVP-certified modules required by Korean government procurement; alongside ARIA (2004), both are mandatory options for domestic-market information security products.
  • Supported cipher modes: ECB, CBC, CFB, OFB, CTR; for authenticated encryption, combine SEED-CBC with HMAC-SHA-256 or use a separate MAC layer, as SEED has no built-in AEAD mode defined in official Korean standards.

Common Use Cases

Korean government e-government systems: SEED is mandatory for G4C (Korea Government for Citizen) portal, e-government document encryption, electronic certificates, and public-key infrastructure under the Korea Information Security Act and National Cybersecurity Framework (KNCF).
Korean financial industry: payment processing, online banking (Korea Financial Telecommunications and Clearings Institute, KFTC), securities trading platforms, and POS terminal encryption; Financial Supervisory Service (FSS) security requirements mandate SEED or ARIA.
TLS legacy compatibility (RFC 5469): Korean enterprise environments using legacy Korean middleware (ActiveX-based, NPKI PKI) require TLS SEED-CBC cipher suites for backward compatibility; supported in OpenSSL (SEED-CBC), GnuTLS, and Korean security middleware.
Document and file encryption: Korean government-issued encrypted document formats, secure PDF containers, and archive formats requiring SEED compliance for classified and restricted information handling in domestic Korean deployments.
KCMVP-certified product deployment: VPN appliances, HSMs, cloud service providers, and communication security products requiring Korea Cryptographic Module Validation Program certification for the Korean domestic market must support SEED.

Security Considerations

  • Resistance to classical cryptanalysis: SEED was designed with explicit resistance to differential cryptanalysis (Biham-Shamir) and linear cryptanalysis (Matsui). The S-box design (S01 and S02) ensures high nonlinearity; the F-function provides full avalanche effect across the 128-bit block.
  • Best published cryptanalytic result: Hermelin and Nyberg's related-key attack (2010) achieves complexity of approximately 2^125 against SEED full rounds. This offers marginal reduction below the 2^128 brute-force bound and is not practically exploitable. SEED remains secure against all known attacks as of 2025.
  • No 256-bit key variant: SEED provides only a 128-bit key. While 2^128 security margin exceeds current classical computing threats, post-quantum security recommendations suggest 256-bit keys for long-term confidentiality. For post-quantum migration in Korean systems, ARIA-256 (RFC 5794) is the designated successor.
  • CBC mode and authenticated encryption requirements: SEED-CBC is vulnerable to padding oracle attacks (analogous to POODLE for TLS) and requires authentication. Always combine SEED-CBC with HMAC-SHA-256 or a GCM-equivalent mode for data integrity. The TLS SEED suites in RFC 5469 use SHA-1 MAC, which is a legacy combination since SHA-1 collision resistance was broken (SHAttered, 2017).
  • ARIA (RFC 5794, 2010) is the modern successor: developed by the National Security Research Institute (NSRI) in 2003, ARIA supports 128/192/256-bit keys and AES-like SPN structure; RFC 5794 + RFC 6209 (TLS ARIA suites). For new Korean system deployments, prefer ARIA-256-GCM over SEED-CBC.

Related Tools

AES Encryption/Decryption

Securely encrypt and decrypt text using AES algorithm

Camellia Encryption

Japanese/European standard block cipher (ISO/IEC 18033-3) with 128/192/256-bit keys and multiple modes

SM Cryptography Tools

Chinese national standard cryptography tools supporting SM2 public key cipher, SM3 hash, and SM4 block cipher

Twofish Encryption/Decryption

AES finalist symmetric cipher with 128-bit blocks and 128/192/256-bit keys, designed by Bruce Schneier

Quick Menu

No recent tools