The main parameters of xmx are variable, including the block size and key size, which are equal, as well as the number of rounds. In addition to the key, it also makes use of an odd modulus n which is small enough to fit in a single block.
The round function is f(m)=(moa)·b mod n, where a and b are subkeys and b is coprime to n. Here moa represents an operation that equals m XOR a, if that is less than n, and otherwise equals m. This is a simple invertible operation: moaoa = m. The xmx cipher consists of an even number of iterations of the round function, followed by a final o with an additional subkey.
The key schedule is very simple, using the same key for all the multipliers, and three different subkeys for the others: the key itself for the first half of the cipher, its multiplicative inverse mod n for the last half, and the XOR of these two for the middle subkey.
The designers defined four specific variants of xmx:
Standard: 512-bit block size, 8 rounds, n=2512-1
High security: 768-bit block size, 12 rounds, n=2768-1
Borisov, et al., using a multiplicative form of differential cryptanalysis, found a complementation property for any variant of xmx, like the first three above, such that n=2k-1, where k is the block size. They also found large weak key classes for the Challenge variant, and for many other moduli.
Referencesedit
David M'Raïhi; David Naccache; Jacques Stern; Serge Vaudenay (January 1997). xmx: A Firmware-Oriented Block Cipher Based on Modular Multiplications(PDF/PostScript). 4th International Workshop on Fast Software Encryption (FSE '97). Haifa: Springer-Verlag. pp. 166–171. Retrieved 3 January 2007.
Nikita Borisov, Monica Chew, Rob Johnson, David Wagner (February 2002). Multiplicative Differentials(PDF/PostScript). 9th International Workshop on Fast Software Encryption (FSE '02). Leuven: Springer-Verlag. pp. 17–33. Retrieved 3 January 2007.{{cite conference}}: CS1 maint: multiple names: authors list (link)
April 11, 2024
other, uses, disambiguation, cryptography, block, cipher, designed, 1997, david, raïhi, david, naccache, jacques, stern, serge, vaudenay, according, designers, uses, public, like, operations, confusion, diffusion, means, cipher, designed, efficiency, only, ope. For other uses see XMX disambiguation In cryptography xmx is a block cipher designed in 1997 by David M Raihi David Naccache Jacques Stern and Serge Vaudenay According to the designers it uses public key like operations as confusion and diffusion means The cipher was designed for efficiency and the only operations it uses are XORs and modular multiplications xmxGeneralDesignersDavid M Raihi David Naccache Jacques Stern Serge VaudenayFirst publishedJanuary 1997Cipher detailKey sizesvariable equal to block sizeBlock sizesvariableRoundsvariable evenBest public cryptanalysisdifferential cryptanalysis complementation property weak keysThe main parameters of xmx are variable including the block size and key size which are equal as well as the number of rounds In addition to the key it also makes use of an odd modulus n which is small enough to fit in a single block The round function is f m moa b mod n where a and b are subkeys and b is coprime to n Here moa represents an operation that equals m XOR a if that is less than n and otherwise equals m This is a simple invertible operation moaoa m The xmx cipher consists of an even number of iterations of the round function followed by a final o with an additional subkey The key schedule is very simple using the same key for all the multipliers and three different subkeys for the others the key itself for the first half of the cipher its multiplicative inverse mod n for the last half and the XOR of these two for the middle subkey The designers defined four specific variants of xmx Standard 512 bit block size 8 rounds n 2512 1 High security 768 bit block size 12 rounds n 2768 1 Very high security 1024 bit block size 16 rounds n 21024 1 Challenge 256 bit block size 8 rounds n 280 1 2176 157Borisov et al using a multiplicative form of differential cryptanalysis found a complementation property for any variant of xmx like the first three above such that n 2k 1 where k is the block size They also found large weak key classes for the Challenge variant and for many other moduli References editDavid M Raihi David Naccache Jacques Stern Serge Vaudenay January 1997 xmx A Firmware Oriented Block Cipher Based on Modular Multiplications PDF PostScript 4th International Workshop on Fast Software Encryption FSE 97 Haifa Springer Verlag pp 166 171 Retrieved 3 January 2007 Nikita Borisov Monica Chew Rob Johnson David Wagner February 2002 Multiplicative Differentials PDF PostScript 9th International Workshop on Fast Software Encryption FSE 02 Leuven Springer Verlag pp 17 33 Retrieved 3 January 2007 a href Template Cite conference html title Template Cite conference cite conference a CS1 maint multiple names authors list link Retrieved from https en wikipedia org w index php title Xmx amp oldid 1161980390, wikipedia, wiki, book, books, library,
