erent security properties. Lai says it would be difficult to make it work [926].

While IDEA appears to be significantly more secure than DES, it isn’t always easy to substitute one for the other in an existing application. If your database and message templates are hardwired to accept a 64-bit key, it may be impossible to implement IDEA’s 128-bit key. For those applications, generate a 128-bit key by concatenating the 64-bit key with itself. Remember that IDEA is weakened considerably by this modification.

If you are more concerned with speed than security, you might consider a variant of IDEA with fewer rounds. Currently the best attack against IDEA is faster than brute force only for 2.5 rounds or less [1050]; 4-round IDEA would be twice as fast and, as far as I know, just as secure.

Caveat Emptor
IDEA is a relatively new algorithm, and many questions remain. Is IDEA a group? (Lai thinks not [926].) Are there any still-undiscovered ways of breaking this cipher? IDEA has a firm theoretical basis, but time and time again secure-looking algorithms have fallen to new forms of cryptanalysis. Several academic and military groups have cryptanalyzed IDEA. None of them has gone public about any successes they might have had. One might—someday.

Patents and Licenses
IDEA is patented in Europe and the United States [1012, 1013]. The patent is held by Ascom-Tech AG. No license fee is required for noncommercial use. Commercial users interested in licensing the algorithm should contact Ascom Systec AG, Dept CMVV, Gewerbepark, CH-5506, Mägenwil, Switzerland; +41 64 56 59 83; Fax: +41 64 56 59 90; idea@ascom.ch.

13.10 MMB
A complaint against IDEA, that it uses a 64-bit encryption block, was addressed by Joan Daemen in an algorithm called MMB (Modular Multiplication-based Block cipher) [385, 405, 406]. MMB is based on the same basic theory as IDEA: mixing operations of different algebraic groups. MMB is an iterative algorithm that mainly consists of linear steps (XOR and key applications) and the parallel applications of four large nonlinear invertible substitutions. These substitutions a...
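Returning to the key-doubling workaround in the IDEA discussion above, the following added example (not from the original text) shows the structure that doubling imposes on IDEA's subkeys. It assumes the standard published IDEA key schedule, which this excerpt does not reproduce; the function names and sample keys are constructed for illustration.

```python
"""Added illustration: IDEA key schedule applied to a doubled 64-bit key."""

MASK128 = (1 << 128) - 1


def double_key(key64: bytes) -> bytes:
    """Build the 128-bit key the text describes: the 64-bit key twice."""
    if len(key64) != 8:
        raise ValueError("expected an 8-byte (64-bit) key")
    return key64 + key64


def idea_subkeys(key128: bytes) -> list[int]:
    """Standard IDEA encryption key schedule: 52 subkeys of 16 bits each."""
    if len(key128) != 16:
        raise ValueError("expected a 16-byte (128-bit) key")
    k = int.from_bytes(key128, "big")
    subkeys = []
    while len(subkeys) < 52:
        # Take eight 16-bit words, most significant first ...
        subkeys.extend((k >> (112 - 16 * i)) & 0xFFFF for i in range(8))
        # ... then rotate the 128-bit key left by 25 bits.
        k = ((k << 25) | (k >> 103)) & MASK128
    return subkeys[:52]


def mirrored_pairs(subkeys: list[int]) -> int:
    """Count positions i (first half of each batch of 8) with Z[i] == Z[i+4]."""
    return sum(
        1
        for i in range(len(subkeys) - 4)
        if i % 8 < 4 and subkeys[i] == subkeys[i + 4]
    )


if __name__ == "__main__":
    legacy = bytes.fromhex("0123456789abcdef")   # constructed sample key
    full = bytes(range(16))                      # constructed 128-bit key
    for label, key in (("doubled", double_key(legacy)), ("full", full)):
        z = idea_subkeys(key)
        print(f"{label:8s} mirrored={mirrored_pairs(z)}/24 distinct={len(set(z))}")
```

A doubled key stays periodic in 64 bits under the 25-bit rotation, so every batch of eight subkeys repeats its first four, and only 2^64 such keys exist, which makes exhaustive search no harder than for the original 64-bit key.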
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.