📄 12-15.html
字号:
<html><head><TITLE>APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C:Data Encryption Standard (DES)</TITLE>
<!-- BEGIN HEADER --><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><SCRIPT><!--function displayWindow(url, width, height) { var Win = window.open(url,"displayWindow",'width=' + width +',height=' + height + ',resizable=1,scrollbars=yes');}//--></SCRIPT></HEAD><body bgcolor="ffffff" link="#006666" alink="#006666" vlink="#006666"><P>
<CENTER><B>Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)</B>
<FONT SIZE="-2">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Bruce Schneier
<BR>
ISBN: 0471128457
<BR>
Publication Date: 01/01/96
</FONT></CENTER>
<P>
<!-- Empty Reference Subhead -->
<!--ISBN=0471128457//-->
<!--TITLE=APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C//-->
<!--AUTHOR=Bruce Schneier//-->
<!--PUBLISHER=Wiley Computer Publishing//-->
<!--CHAPTER=12//-->
<!--PAGES=297-299//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="12-14.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="12-16.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P><FONT SIZE="+1"><B><I>RDES</I></B></FONT></P>
<P>RDES is a variant that replaces swapping the left and right halves at the end of each round with a key-dependent swap [893]. The swappings are fixed, depending solely on the key. This means that the 15 key-dependent swaps occur with 2<SUP>15</SUP> possible instances, and that the variant is not resistant to differential cryptanalysis [816,894,112]. RDES has a large number of weak keys. In fact, almost every key is weaker than a typical DES key. This variant should not be used.</P>
<P>A better idea is to swap only within the right half, at the beginning of each round. Another better idea is to make the swapping dependent on the input data and not a static function of the key. There are a number of possible variants [813,815]. In RDES-1, there is a data-dependent swap of the 16-bit words at the beginning of each round. In RDES-2, there is a data-dependent swap of the bytes at the beginning of each round after the 16-bit swappings as in RDES-1. And so on through RDES-4. RDES-1 is secure against both differential cryptanalysis [815] and linear cryptanalysis [1136]. Presumably RDES-2 and greater are as well.</P>
<TABLE WIDTH="70%"><TR>
<TH CAPTION COLSPAN="12" ALIGN="CENTER">Table 12.15<BR>Differential Cryptanalysis Attacks against DES Variants
<TR>
<TD COLSPAN="2"><HR>
<TR>
<TH WIDTH="45%" VALIGN="TOP" ALIGN="CENTER">Modified Operation
<TH WIDTH="25%" VALIGN="TOP" ALIGN="CENTER">Chosen Plaintexts
<TR>
<TD COLSPAN="2"><HR>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Full DES (no modification)
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>47</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">P permutation
<TD VALIGN="TOP" ALIGN="CENTER">Cannot strengthen
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> Identity permutation
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>19</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Order of S-boxes
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>38</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Replace XORs by additions
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>39,</SUP> 2<SUP>31</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">S-boxes:
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> Random
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>18</SUP>–2<SUP>20</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> Random permutations
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>33</SUP>–2<SUP>41</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> One entry
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>33</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> Uniform tables
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>26</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Elimination of the E Expansion
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>26</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">Order of E and subkey XOR
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>44</SUP>
<TR>
<TD VALIGN="TOP" ALIGN="LEFT">GDES (width q = 8):
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> 16 rounds
<TD VALIGN="TOP" ALIGN="CENTER">6, 16
<TR>
<TD VALIGN="TOP" ALIGN="LEFT"> 64 rounds
<TD VALIGN="TOP" ALIGN="CENTER">2<SUP>49</SUP> (independent key)
<TR>
<TD COLSPAN="2"><HR>
<TR>
</TABLE>
<P><B><I>s<SUP>n</SUP> DES</I></B></P>
<P>A group of Korean researchers, led by Kwangjo Kim, has attempted to find a set of S-boxes that are optimally secure against both linear and differential cryptanalysis. Their first attempt, known as <I>s</I><SUP>2</SUP>DES, was presented in [834] and shown to be worse than DES against differential cryptanalysis in [855,858]. Their next attempt, <I>s</I><SUP>3</SUP>DES, was presented in [839] and shown to be worse than DES against linear cryptanalysis [856,1491,1527,858,838]. Biham suggested a minor change to make <I>s</I><SUP>3</SUP>DES secure against both linear and differential cryptanalysis [165]. The group went back to their computers and developed better techniques for S-box design [835,837]. They proposed <I>s</I><SUP>4</SUP>DES [836] and then <I>s</I><SUP>5</SUP>DES [838,944].</P>
<P>Table 12.16 gives the <I>s</I><SUP>3</SUP>DES S-boxes with S-box 1 and S-box 2 reversed, which are secure against both differential and linear cryptanalysis. Sticking this variant in a triple-DES mix is sure to irritate cryptanalysts.</P>
<P><FONT SIZE="+1"><B><I>DES with Key-Dependent S-Boxes</I></B></FONT></P>
<P>Linear and differential cryptanalysis work only if the analyst knows the composition of the S-boxes. If the S-boxes are key-dependent and chosen by a cryptographically strong method, then linear and differential cryptanalysis are much more difficult. Remember though, that randomly generated S-boxes have very poor differential and linear characteristics; even if they are secret.
</P>
<TABLE WIDTH="100%"><TR>
<TH CAPTION COLSPAN="16" ALIGN="CENTER">Table 12.16<BR><I>s</I><SUP>3</SUP>DES S-Boxes (with S-box 1 and S-box 2 reversed)
<TR>
<TD COLSPAN="16"><HR>
<TR>
<TH VALIGN="TOP" ALIGN="RIGHT" COLSPAN="3"><I>S-box 1:</I>
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TR>
<TH VALIGN="TOP" ALIGN="RIGHT" COLSPAN="3"><I>S-box 2:</I>
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TR>
<TH VALIGN="TOP" ALIGN="RIGHT" COLSPAN="3"><I>S-box 3:</I>
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">13
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TR>
<TH VALIGN="TOP" ALIGN="RIGHT" COLSPAN="3"><I>S-box 4:</I>
<TR>
<TD VALIGN="TOP" ALIGN="RIGHT">9
<TD VALIGN="TOP" ALIGN="RIGHT">0
<TD VALIGN="TOP" ALIGN="RIGHT">7
<TD VALIGN="TOP" ALIGN="RIGHT">11
<TD VALIGN="TOP" ALIGN="RIGHT">12
<TD VALIGN="TOP" ALIGN="RIGHT">5
<TD VALIGN="TOP" ALIGN="RIGHT">10
<TD VALIGN="TOP" ALIGN="RIGHT">6
<TD VALIGN="TOP" ALIGN="RIGHT">15
<TD VALIGN="TOP" ALIGN="RIGHT">3
<TD VALIGN="TOP" ALIGN="RIGHT">1
<TD VALIGN="TOP" ALIGN="RIGHT">14
<TD VALIGN="TOP" ALIGN="RIGHT">2
<TD VALIGN="TOP" ALIGN="RIGHT">8
<TD VALIGN="TOP" ALIGN="RIGHT">4
<TD VALIGN="TOP" ALIGN="RIGHT">13
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -