HOME

TheInfoList



Click Here for Items Related To - DESX
OR:
DESX on:   [Wikipedia]   [Google]   [Amazon]

In cryptography, DES-X (or DESX) is a variant on the DES (Data Encryption Standard) symmetric-key
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
intended to increase the complexity of a brute-force attack using a technique called '' key whitening''. The original DES algorithm was specified in 1976 with a 56-bit key size: 256 possibilities for the key. There was criticism that an exhaustive search might be within the capabilities of large governments, particularly the United States' National Security Agency (NSA). One scheme to increase the key size of DES without substantially altering the algorithm was DES-X, proposed by Ron Rivest in May 1984. The algorithm has been included in RSA Security's BSAFE cryptographic library since the late 1980s. DES-X augments DES by
XOR Exclusive or or exclusive disjunction is a logical operation that is true if and only if its arguments differ (one is true, the other is false). It is symbolized by the prefix operator J and by the infix operators XOR ( or ), EOR, EXOR, , ...
ing an extra 64 bits of key (K1) to the plaintext ''before'' applying DES, and then XORing another 64 bits of key (K2) ''after'' the encryption: \mbox(M) = K_2 \oplus \mbox_K(M \oplus K_1) The key size is thereby increased to 56 + (2 × 64) = 184 bits. However, the effective key size (security) is only increased to 56+64−1−''lb(M)'' = 119 − ''lb(M)'' = ~119 bits, where ''M'' is the number of chosen plaintext/ciphertext pairs the adversary can obtain, and ''lb'' denotes the
binary logarithm In mathematics, the binary logarithm () is the power to which the number must be raised to obtain the value . That is, for any real number , :x=\log_2 n \quad\Longleftrightarrow\quad 2^x=n. For example, the binary logarithm of is , the b ...
. Moreover, key size drops to 88 bits given 232.5 known plaintext and using advanced slide attack. DES-X also increases the strength of DES against
differential cryptanalysis Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in information input can aff ...
and linear cryptanalysis, although the improvement is much smaller than in the case of brute force attacks. It is estimated that differential cryptanalysis would require 261 chosen plaintexts (vs. 247 for DES), while linear cryptanalysis would require 260 known plaintexts (vs. 243 for DES or 261 for DES with independent subkeys.) Note that with 264 plaintexts (known or chosen being the same in this case), DES (or indeed any other
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
with a 64 bit block size) is totally broken as the whole cipher's codebook becomes available. Although the differential and linear attacks, currently best attack on DES-X is a known-plaintext slide attack discovered by Biryukov-Wagner which has complexity of 232.5 known plaintexts and 287.5 time of analysis. Moreover the attack is easily converted into a ciphertext-only attack with the same data complexity and 295 offline time complexity.


See also

* G-DES * Meet-in-the-middle attack * Triple DES * Xor–encrypt–xor


References

* Joe Kilian and Phillip Rogaway
How to protect DES against exhaustive key search
PDF), Advances in Cryptology - Crypto '96, Springer-Verlag (1996), pp. 252–267. * P. Rogaway
The security of DESX
(PostScript), CryptoBytes 2(2) (Summer 1996).


External links


RSA FAQ Entry
{{Cryptography navbox , block Broken block ciphers Data Encryption Standard