MARS is a
block cipher
In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
that was
IBM's submission to the
Advanced Encryption Standard process
The Advanced Encryption Standard (AES), the symmetric block cipher ratified as a standard by National Institute of Standards and Technology of the United States (NIST), was chosen using a process lasting from 1997 to 2000 that was markedly more ...
. MARS was selected as an AES finalist in August 1999, after the AES2 conference in March 1999, where it was voted as the fifth and last finalist algorithm.
The MARS design team included
Don Coppersmith
Don Coppersmith (born 1950) is a cryptographer and mathematician. He was involved in the design of the Data Encryption Standard block cipher at IBM, particularly the design of the S-boxes, strengthening them against differential cryptanalysis ...
, who had been involved in the creation of the previous
Data Encryption Standard
The Data Encryption Standard (DES ) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cry ...
(DES) twenty years earlier. The project was specifically designed to resist future advances in cryptography by adopting a layered, compartmentalized approach.
IBM's official report stated that MARS and
Serpent
Serpent or The Serpent may refer to:
* Snake, a carnivorous reptile of the suborder Serpentes
Mythology and religion
* Sea serpent, a monstrous ocean creature
* Serpent (symbolism), the snake in religious rites and mythological contexts
* Serp ...
were the only two finalists to implement any form of safety net with regard to would-be advances in cryptographic mathematics. The
Twofish
In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twof ...
team made a similar statement about its cipher.
MARS has a 128-bit
block size and a variable
key size
In cryptography, key size, key length, or key space refer to the number of bits in a key used by a cryptographic algorithm (such as a cipher).
Key length defines the upper-bound on an algorithm's security (i.e. a logarithmic measure of the fastest ...
of between 128 and 448 bits (in 32-bit increments). Unlike most block ciphers, MARS has a heterogeneous structure: several rounds of a cryptographic core are "jacketed" by unkeyed mixing rounds, together with
key whitening
In cryptography, key whitening is a technique intended to increase the security of an iterated block cipher. It consists of steps that combine the data with portions of the key.
Details
The most common form of key whitening is xor-encrypt-xor - ...
.
Security analysis
Subkeys with long runs of ones or zeroes may lead to efficient attacks on MARS.
The two least significant bits of round keys used in multiplication are
always set to the value 1. Thus, there are always two inputs that are unchanged through the multiplication process regardless of the subkey, and two others which have fixed output regardless of the subkey.
A
meet-in-the-middle attack published in 2004 by
John Kelsey and
Bruce Schneier
Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Cente ...
can break 21 out of 32 rounds of MARS.
''MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants''
John Kelsey, Bruce Schneier, 2004
Notes and references
External links
* ttp://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.35.5887&rep=rep1&type=pdf Specification of MARS
IBM's page on MARS
{{DEFAULTSORT:Mars (Cryptography)
Block ciphers