Dragon is a stream cipher developed at the Information Security Institute by William Millan with some help from Ed Dawson, Kevin Chen, Matt Henricksen, Leonie Simpson, HoonJae Lee, and SangJae Moon.
Dragon is the first published stream cipher to employ a nonlinear feedback for the state update function and a nonlinear function for output, where the long minimum cycle is guaranteed by a clock-like structure. The feedback and output are generated together by a permutation that takes as input data from state words according to a full-positive difference set. These design choices make it difficult to employ standard analysis methods. The permutation uses S-boxes designed using evolutionary search heuristics.
The cipher was a Phase 3 Focus candidate for the eSTREAM project, and satisfied all the requirements for speed and security. The cipher is targeted for fast software implementations and versions with different key lengths exists. The version selected for Phase 3 is Dragon-128. It is not Patented.
Dragon has not been successfully attacked to date, but Cho and Pieprzyk found biases within the primary non-linear component of the cipher.[1] Some have suggested that the security of the cipher is weaker than intended by its designers. However, the methods to detect the biases require such a large amount of data, which would not be generated by any actual use of the algorithm, that an alternative interpretation exists: the published analysis shows that the cipher is quite secure.