NewDES

From Wikipedia, the free encyclopedia

NewDES
General
Designers	Robert Scott
First published	1985
Cipher detail
Key sizes	120 bits
Block sizes	64 bits
Rounds	17
Best public cryptanalysis
A related-key attack succeeds with 2³² known plaintexts

In cryptography, NewDES is a symmetric key block cipher. It was created in 1984–1985 by Robert Scott as a potential DES replacement. Despite its name, it is not derived from DES and has a quite different structure. Its intended niche as a DES replacement has now mostly been filled by AES. The algorithm was revised with a modified key schedule in 1996 to counter a related-key attack; this version is sometimes referred to as NewDES-96.

In 2004, Scott posted some comments on sci.crypt reflecting on the motivation behind NewDES's design and what he might have done differently to make the cipher more secure.^[1]

The algorithm

NewDES, unlike DES, has no bit-level permutations, making it easy to implement in software. All operations are performed on whole bytes. It is a product cipher, consisting of 17 rounds performed on a 64-bit data block and makes use of a 120-bit key. In each round, subkey material is XORed with the 1-byte sub-blocks of data, then fed through an S-box, the output of which is then XORed with another sub-block of data. In total, 8 XORs are performed in each round. The S-box is derived from the United States Declaration of Independence (to show that Scott had nothing up his sleeve).

Each set of two rounds uses seven 1-byte subkeys, which are derived by splitting 56 bits of the key into bytes. The key is then rotated 56 bits for use in the next two rounds.

Cryptanalysis of NewDES

Only a small amount of cryptanalysis has been published on NewDES. The designer showed that NewDES exhibits the full avalanche effect after seven rounds: every ciphertext bit depends on every plaintext bit and key bit.

NewDES has the same complementation property that DES has: namely, that if

$E_{K}(P)=C,$

then

$E_{{\overline {K}}}(\overline {P})=\overline {C},$

where

$\overline {x}$

is the bitwise complement of x. This means that the work factor for a brute force attack is reduced by a factor of 2. Eli Biham also noticed that changing a full byte in all the key and data bytes leads to another complementation property. This reduces the work factor by 2⁸.

Biham's related-key attack can break NewDES with 2³³ chosen-key chosen plaintexts, meaning that NewDES is not as secure as DES.

John Kelsey, Bruce Schneier, and David Wagner used related-key cryptanalysis to develop another attack on NewDES; it requires 2³² known plaintexts and one related key.^[2]

References

↑
↑ John Kelsey, Bruce Schneier, and David Wagner. Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. Lecture Notes in Computer Science 1334, pp233–246, 1997 (PS or PDF).

R. Scott, "Wide Open Encryption Design Offers Flexible Implementations," Cryptologia, v. 9, n. 1, Jan 1985, pp. 75–90.
Schneier, Bruce (1996). Applied Cryptography, Second Edition. John Wiley & Sons. pp. 306–308. ISBN 0-471-11709-9.

External links

v t e Block ciphers (security summary)

Common algorithms	AES Blowfish DES Triple DES Serpent Twofish

Less common algorithms	Camellia CAST-128 IDEA RC2 RC5 SEED Skipjack TEA XTEA

Other algorithms	3-Way Akelarre Anubis ARIA BaseKing BassOmatic BATON BEAR and LION CAST-256 Chiasmus CIKS-1 CIPHERUNICORN-A CIPHERUNICORN-E CLEFIA CMEA Cobra COCONUT98 Crab Cryptomeria/C2 CRYPTON CS-Cipher DEAL DES-X DFC E2 FEAL FEA-M FROG G-DES GOST Grand Cru Hasty Pudding cipher Hierocrypt ICE IDEA NXT Intel Cascade Cipher Iraqi KASUMI KeeLoq KHAZAD Khufu and Khafre KN-Cipher Ladder-DES Libelle LOKI97 LOKI89/91 Lucifer M6 M8 MacGuffin Madryga MAGENTA MARS Mercy MESH MISTY1 MMB MULTI2 MultiSwap New Data Seal NewDES Nimbus NOEKEON NUSH PRESENT Q RC6 REDOC Red Pike S-1 SAFER SAVILLE SC2000 SHACAL SHARK Simon SMS4 Speck Spectr-H64 Square SXAL/MBAL Threefish Treyfer UES Xenon xmx XXTEA Zodiac

Design	Feistel network Key schedule Lai-Massey scheme Product cipher S-box P-box SPN Avalanche effect Block size Key size Key whitening No weak keys

Attack (cryptanalysis)	Brute-force (EFF DES cracker) MITM Linear (Piling-up lemma) Differential (Impossible Truncated Higher-order) Differential-linear Integral (aka Square) Boomerang Mod n Related-key Slide Rotational Timing XSL Interpolation Partitioning Davies' Rebound

Standardization	AES process CRYPTREC NESSIE

Utilization	Initialization vector Mode of operation Padding

v t e Cryptography

History of cryptography Cryptanalysis Cryptography portal Outline of cryptography

Symmetric-key algorithm Block cipher Stream cipher Public-key cryptography Cryptographic hash function Message authentication code Random numbers Steganography

This article is issued from Wikipedia. The text is available under the Creative Commons Attribution/Share Alike; additional terms may apply for the media files.