iPedia Free Information Center

Information about Xmx

xmx
General
David M'Raïhi, David Naccache, Jacques Stern, Serge Vaudenay
January 1997
Cipher detail
Key size(s):| variable, equal to block size
Block size(s):| variable
variable, even
Best public cryptanalysis|-| colspan=2 | differential cryptanalysis, complementation property, weak keys
In cryptography, xmx is a block cipher designed in 1997 by David M'Raïhi, David Naccache, Jacques Stern, and Serge Vaudenay. According to the designers it "uses public-key-like operations as confusion and diffusion means." The cipher was designed for efficiency, and the only operations it uses are XORs and modular multiplications.

The main parameters of xmx are variable, including the block size and key size, which are equal, as well as the number of rounds. In addition to the key, it also makes use of an odd modulus n which is small enough to fit in a single block.

The round function is f(m)=(moa)·b mod n, where a and b are subkeys and b is coprime to n. Here moa represents an operation that equals m XOR a if that is less than n, and otherwise equals m. This is a simple invertible operation: moaoa = m. The xmx cipher consists of an even number of iterations of the round function, followed by a final o with an additional subkey.

The key schedule is very simple, using the same key for all the multipliers, and three different subkeys for the others: the key itself for the first half of the cipher, its multiplicative inverse mod n for the last half, and the XOR of these two for the middle subkey.

The designers defined four specific variants of xmx:
  • Standard: 512-bit block size, 8 rounds, n=2512-1
  • High security: 768-bit block size, 12 rounds, n=2768-1
  • Very-high security: 1024-bit block size, 16 rounds, n=21024-1
  • Challenge: 256-bit block size, 8 rounds, n=(280-1)·2176+157
Borisov, et al, using a multiplicative form of differential cryptanalysis, found a complementation property for any variant of xmx, like the first three above, such that n=2k-1, where k is the block size. They also found large weak key classes for the Challenge variant, and for many other moduli.

References

Block ciphers
    [ e]
Algorithms: 3-Way | AES | Akelarre | Anubis | ARIA | BaseKing | Blowfish | C2 | Camellia | CAST-128 | CAST-256 | CIKS-1 | CIPHERUNICORN-A | CIPHERUNICORN-E | CMEA | Cobra | COCONUT98 | Crab | CRYPTON | CS-Cipher | DEAL | DES | DES-X | DFC | E2 | FEAL | FROG | G-DES | GOST | Grand Cru | Hasty Pudding Cipher | Hierocrypt | ICE | IDEA | IDEA NXT | Iraqi | Intel Cascade Cipher | KASUMI | KHAZAD | Khufu and Khafre | KN-Cipher | Libelle | LOKI89/91 | LOKI97 | Lucifer | M6 | MacGuffin | Madryga | MAGENTA | MARS | Mercy | MESH | MISTY1 | MMB | MWA | MULTI2 | NewDES | NOEKEON | NUSH | Q | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SC2000 | SEED | Serpent | SHACAL | SHARK | Skipjack | SMS4 | Square | TEA | Triple DES | Twofish | UES | Xenon | xmx | XTEA | XXTEA | Zodiac
Design: Feistel network | Key schedule | Product cipher | S-box | SPN Attacks: Brute force | Linear / Differential / Integral cryptanalysis | Mod n | Related-key | Slide | XSL
Standardization: AES process | CRYPTREC | NESSIE Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key
Cryptography
    [ e]
History of cryptography | Cryptanalysis | | Topics in cryptography
Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers
David Naccache is a cryptographer, currently a professor at the University of Paris II and member of the École normale supérieure's Computer Laboratory. He is also a visiting professor at Royal Holloway University of London's Information Security Group. He received his Ph.D.
..... Click the link for more information.
Jacques Stern (born 1949) is a cryptographer, currently a professor at the École Normale Supérieure, where he is Director of the Computer Science Laboratory. He received the 2006 CNRS Gold Medal.
..... Click the link for more information.
Serge Vaudenay (5 April 1968-) is a well-known French cryptographer.

Serge Vaudenay entered the École Normale Supérieure in Paris as a normalien student in 1989. In 1992, he passed the agrégation in mathematics.
..... Click the link for more information.
In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to 'break' the
..... Click the link for more information.
block size. Both the input (plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input — this is logically required by the Pigeonhole principle and the fact that the cipher must be invertible — and it is simply undesirable for
..... Click the link for more information.
Cryptanalysis (from the Greek kryptós, "hidden", and analýein, "to loosen" or "to untie") is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so.
..... Click the link for more information.
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output.
..... Click the link for more information.
In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that if one generates a random key to encrypt a message weak
..... Click the link for more information.
Cryptography (or cryptology; derived from Greek κρυπτός kryptós "hidden," and the verb γράφω gráfo "write" or λεγειν legein
..... Click the link for more information.
block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. When encrypting, a block cipher might take a (for example) 128-bit block of plaintext as input, and output a corresponding 128-bit block
..... Click the link for more information.
David Naccache is a cryptographer, currently a professor at the University of Paris II and member of the École normale supérieure's Computer Laboratory. He is also a visiting professor at Royal Holloway University of London's Information Security Group. He received his Ph.D.
..... Click the link for more information.
Jacques Stern (born 1949) is a cryptographer, currently a professor at the École Normale Supérieure, where he is Director of the Computer Science Laboratory. He received the 2006 CNRS Gold Medal.
..... Click the link for more information.
Serge Vaudenay (5 April 1968-) is a well-known French cryptographer.

Serge Vaudenay entered the École Normale Supérieure in Paris as a normalien student in 1989. In 1992, he passed the agrégation in mathematics.
..... Click the link for more information.
Public-key cryptography, also known as asymmetric cryptography, is a form of cryptography in which a user has a pair of cryptographic keys - a public key and a private key. The private key is kept secret, while the public key may be widely distributed.
..... Click the link for more information.
In cryptography, confusion and diffusion are two properties of the operation of a secure cipher which were identified by Shannon in his paper, "Communication Theory of Secrecy Systems" published in 1949.
..... Click the link for more information.
exclusive disjunction, also called exclusive or, (symbolized XOR or EOR), is a type of logical disjunction on two operands that results in a value of "true" if and only if exactly one of the operands has a value of "true.
..... Click the link for more information.
Modular arithmetic (sometimes called modulo arithmetic, or clock arithmetic) is a system of arithmetic for integers, where numbers "wrap around" after they reach a certain value — the modulus.
..... Click the link for more information.
block size. Both the input (plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input — this is logically required by the Pigeonhole principle and the fact that the cipher must be invertible — and it is simply undesirable for
..... Click the link for more information.
In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to 'break' the
..... Click the link for more information.
key is a piece of information (a parameter) that controls the operation of a cryptographic algorithm. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption.
..... Click the link for more information.
In mathematics, the integers a and b are said to be coprime or relatively prime if they have no common factor other than 1 and −1, or equivalently, if their greatest common divisor is 1.
..... Click the link for more information.
key schedule is an algorithm that, given the key, calculates the subkeys for these rounds.

Some types of key schedules

  • Some ciphers have simple key schedules.

..... Click the link for more information.
multiplicative inverse for a number x, denoted by 1x or x −1, is a number which when multiplied by x yields the multiplicative identity, 1.
..... Click the link for more information.
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output.
..... Click the link for more information.
In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that if one generates a random key to encrypt a message weak
..... Click the link for more information.
Portable Document Format (PDF)

Adobe Reader displaying a PDF in Microsoft Windows Vista
File extension: .pdf
MIME type: application/pdf
Type code: 'PDF ' (including a single space)
..... Click the link for more information.
For the page description language, see .


A postscript (from post scriptum, a Latin expression meaning "after writing" and abbreviated P.S.
..... Click the link for more information.
Fast Software Encryption, often abbreviated FSE, is a workshop for cryptography research, focussed on symmetric-key cryptography with an emphasis on fast, practical techniques, as opposed to theory.
..... Click the link for more information.
Haifa (Hebrew: חֵיפָהḤefa; Arabic: حَيْفَا
..... Click the link for more information.
Springer Science+Business Media or Springer (IPA: [ˈʃpʁɪŋɐ]) is a worldwide publishing company based in Germany with major offices in Berlin, Heidelberg, Dordrecht (Netherlands) and New York,
..... Click the link for more information.


This article is copied from an article on Wikipedia.org - the free encyclopedia created and edited by online user community. The text was not checked or edited by anyone on our staff. Although the vast majority of the wikipedia encyclopedia articles provide accurate and timely information please do not assume the accuracy of any particular article. This article is distributed under the terms of GNU Free Documentation License.
Herod_Archelaus


page counter