Unformatted text preview: 5 12 6 2 11 1 7 1 8 9 10 5 3 15 0 12 3 7 14 1 15 6 12 8 5 11 8 13 2 10 12 3 5 6 15 0 12 2 9 1 6 11 5 0 3 7 14 13 8 0 5 3 12 9 1 8 11 13 14 4 7 2 6 15 10 4 1 5 11 3 0 8 7 14 13 9 0 5 10 15 2 13 4 14 7 11 1 8 7 1 0 14 3 9 14 4 2 15 12 1 5 6 11 8 4 14 11 8 15 12 6 10 9 5 0 3 9 3 7 10 1 8 2 11 15 5 12 6 2 4 13 1 6 5 9 0 12 15 3 10 Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 Here is a method to use 48 additional key bits to generate Sboxes that are resistant to both linear and differential cryptanalysis [165]. (1) Rearrange the DES Sboxes: 24673158. (2) Select 16 of the remaining key bits. If the first bit is 1, swap the first two rows of Sbox 1 with the last two rows of Sbox 1. If the second bit is a 1, swap the first eight columns of Sbox 1 with the second eight columns of Sbox 1. Do the same to Sbox 2 with the third and fourth key bits. Do the same with Sboxes 3 through 8. (3) Take the remaining 32 key bits. XOR the first four with every entry of Sbox 1, the second four with every entry of Sbox 2 and so on. The complexity of a differential cryptanalysis attack against this system is 251; the complexity of a linear cryptanalysis attack is 253. The complexity of exhaustive search is 2102. What is neat about this DES variant is that it can be implemented in existing hardware. Several DES chip vendors sell DES chips with loadable Sboxes. This Sbox generation method can be do...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details