HOME

TheInfoList



Click Here for Items Related To - DESX
OR:
DESX on:   [Wikipedia]   [Google]   [Amazon]

In
cryptography Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adver ...
, DES-X (or DESX) is a variant on the
DES Des is a masculine given name, mostly a short form (hypocorism) of Desmond. People named Des include: People * Des Buckingham, English football manager * Des Corcoran, (1928–2004), Australian politician * Des Dillon (disambiguation), sever ...
(Data Encryption Standard) symmetric-key block cipher intended to increase the complexity of a
brute-force attack In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correc ...
using a technique called ''
key whitening In cryptography, key whitening is a technique intended to increase the security of an iterated block cipher. It consists of steps that combine the data with portions of the key. Details The most common form of key whitening is xor-encrypt-xor - ...
''. The original DES algorithm was specified in 1976 with a 56-bit
key size In cryptography, key size, key length, or key space refer to the number of bits in a key used by a cryptographic algorithm (such as a cipher). Key length defines the upper-bound on an algorithm's security (i.e. a logarithmic measure of the faste ...
: 256 possibilities for the key. There was criticism that an exhaustive search might be within the capabilities of large governments, particularly the United States'
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collect ...
(NSA). One scheme to increase the key size of DES without substantially altering the algorithm was DES-X, proposed by
Ron Rivest Ronald Linn Rivest (; born May 6, 1947) is a cryptographer and an Institute Professor at MIT. He is a member of MIT's Department of Electrical Engineering and Computer Science (EECS) and a member of MIT's Computer Science and Artificial In ...
in May 1984. The algorithm has been included in
RSA Security RSA Security LLC, formerly RSA Security, Inc. and doing business as RSA, is an American computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-founders, Ron Rive ...
's
BSAFE Dell BSAFE, formerly known as RSA BSAFE, is a FIPS 140-2 validated cryptography library, available in both C and Java. BSAFE was initially created by RSA Security, which was purchased by EMC and then, in turn, by Dell. When Dell sold the RSA ...
cryptographic library since the late 1980s. DES-X augments DES by XORing an extra 64 bits of key (K1) to the
plaintext In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. Overview With the advent of com ...
''before'' applying DES, and then XORing another 64 bits of key (K2) ''after'' the encryption: \mbox(M) = K_2 \oplus \mbox_K(M \oplus K_1) The key size is thereby increased to 56 + (2 × 64) = 184 bits. However, the effective key size (security) is only increased to 56+64−1−''lb(M)'' = 119 − ''lb(M)'' = ~119 bits, where ''M'' is the number of chosen plaintext/ciphertext pairs the adversary can obtain, and ''lb'' denotes the binary logarithm. Moreover, key size drops to 88 bits given 232.5 known plaintext and using advanced slide attack. DES-X also increases the strength of DES against differential cryptanalysis and
linear cryptanalysis In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two mos ...
, although the improvement is much smaller than in the case of brute force attacks. It is estimated that differential cryptanalysis would require 261 chosen plaintexts (vs. 247 for DES), while linear cryptanalysis would require 260 known plaintexts (vs. 243 for DES or 261 for DES with independent subkeys.) Note that with 264 plaintexts (known or chosen being the same in this case), DES (or indeed any other block cipher with a 64 bit block size) is totally broken as the whole cipher's codebook becomes available. Although the differential and linear attacks, currently best attack on DES-X is a known-plaintext slide attack discovered by Biryukov-Wagner which has complexity of 232.5 known plaintexts and 287.5 time of analysis. Moreover the attack is easily converted into a ciphertext-only attack with the same data complexity and 295 offline time complexity.


See also

*
G-DES In cryptography, the Generalized DES Scheme (GDES or G-DES) is a variant of the DES symmetric-key block cipher designed with the intention of speeding up the encryption process while improving its security. The scheme was proposed by Ingrid Scha ...
* Meet-in-the-middle attack *
Triple DES In cryptography, Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. The Data Encryption Standa ...
*
Xor–encrypt–xor The xor–encrypt–xor (XEX) is a (tweakable) mode of operation of a block cipher. In tweaked-codebook mode with ciphertext stealing (XTS mode), it is one of the more popular modes of operation for whole-disk encryption. XEX is also a common form ...


References

* Joe Kilian and Phillip Rogaway
How to protect DES against exhaustive key search
PDF), Advances in Cryptology - Crypto '96, Springer-Verlag (1996), pp. 252–267. * P. Rogaway
The security of DESX
(PostScript), CryptoBytes 2(2) (Summer 1996).


External links


RSA FAQ Entry
{{Cryptography navbox , block Broken block ciphers Data Encryption Standard