Ralph C. Merkle
Martin E. Hellman
Abstract
Double encryption has been suggested to strengthen the Federal Data Encryption Standard (DES). A recent proposal suggests that using two 56-bit keys but enciphering 3 times (encrypt with a first key, decrypt with a second key, then encrypt with the first key again) increases security over simple double encryption. This paper shows that although either technique significantly improves security over single encryption, the new technique does not significantly increase security over simple double encryption. Cryptanalysis of the 112-bit key requires about 256 operations and words of memory, using a chosen plaintext attack. While DES is used as an example, the technique is applicable to any similar cipher.
- 1 Branstad, D.K., Gait, J., and Katzke, S. Report of the workshop on cryptography in support of computer security, National Bureau of Standards Rep. NBSIR 77-1291 (Sept. 21-22, 1976).Google Scholar
- 2 Dime, W., and Hellman, M. Exhaustive cryptanalysis of the NBS data encryption standard. Computer (June 1977), 74-84.Google Scholar
- 3 Diffie, W., and Hellman, M.E. New directions in cryptography. IEEE Trans. Info. IT-22, 6 (Nov. 1976), 644-654.Google ScholarDigital Library
- 4 Hellman, M.E., An extension of the Shannon theory approach to cryptography, IEEE Trans. Info. IT-23, 3 (May 1977), 289-294.Google ScholarDigital Library
- 5 Hellman, M., Merkle, R., Schroeppel, R., Washington, L., Diffie, W., Pohlig, S., and Schweitzer, P. Results of an initial attempt to cryptanalyze the NBS data encryption standard. Information Systems Laboratory SEL 76-042 (Sept. 9, 1976).Google Scholar
- 6 Kahn, D. The Codebreakers. Macmillan, New York, 1976.Google Scholar
- 7 Kolata, G.B, Computer encryption and the National Security Agency. Science 197 (July 29, 1977) 438--440.Google Scholar
- 8 Morris, R., Sloane, N.J.A., and Wyner, A.D. Assessment of the National Bureau of Standards proposed federal data encryption standard. Cryptologia 1 (July 1977), 281-291.Google ScholarCross Ref
- 9 National Bureau of Standards. Federal Information Processing Standards Publication No. 46, Jan 1977.Google Scholar
- 10 Senate Select Committee on Intelligence. Involvement of the NSA in the development of the data encryption standard. News release (Apr. 12, 1978).Google Scholar
- 11 Shannon, C.E. Communication theory of secrecy systems. Bell. Syst. Tech. J. 28 (Oct. 1949), 656-715.Google ScholarCross Ref
- 12 Tuchman, W.L. Talk presented at the Nat. Computer Conf., Anaheim, CA., June 1978.Google Scholar
- 13 Yasaki, E.K. Encryption algorithm: Key size is the thing. Datamation 22, 3 (Mar. 1976), 164-166.Google Scholar
Index Terms
- On the security of multiple encryption
Recommendations
The First 10 Years of Advanced Encryption
This article looks at the design and history of the Advanced Encryption Standard, which is based on the block cipher Rijndael.
Security of sequential multiple encryption
LATINCRYPT'10: Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin AmericaThis paper analyzes the security of sequential multiple encryptions based on asymmetric key encryptions, and shows that a sequential construction of secure multiple encryptions exists.
The sequential multiple encryption can be proved to be ...
Breaking an ID-based encryption based on discrete logarithm and factorization problems
We cryptanalyse the new ID-based encryption scheme proposed by Meshram.We find a method to factorize N, where N is the parameter proposed by Meshram.We also give a method to recover the secret master key of Meshram's ID-based encryption scheme.We also ...
Comments