Unformatted text preview: of operations required to determine the key from a sample of plaintext and ciphertext should be statistically equal to the product of the operations in an encryption times the number of possible keys. (This means that no plaintext attack should be better than brute force.) 3. Knowledge of the algorithm should not defeat the strength of the cipher. (All the security should rest in the key.) 4. A onebit change of the key should produce a radical change in the ciphertext using the same plaintext, and a 1bit change of the plaintext should produce a radical change in the ciphertext using the same key. (This is the avalanche effect.) 5. The algorithm should contain a noncommutative combination of substitution and permutation. 6. The algorithm should include substitutions and permutations under the control of both the input data and the key. 7. Redundant bit groups in the plaintext should be totally obscured in the ciphertext. 8. The length of the ciphertext should be the same length as the plaintext. 9. There should be no simple relationships between any possible keys and ciphertext effects. 10. Any possible key should produce a strong cipher. (There should be no weak keys.) 11. The length of the key and the text should be adjustable to meet varying security requirements. 12. The algorithm should be efficiently implementable in software on large mainframes, minicomputers, and microcomputers, and in discrete logic. (In fact, the functions used in the algorithm are limited to XOR and bitshifting.) DES had already met objectives one through nine, but the next three were new. Assuming that the best way to break the algorithm was through brute force, a variablelength key would surely silence those who thought 56 bits was too low. They could implement this algorithm with any key length they desired. And, for anyone who has ever attempted to implement DES in software, an algorithm that took software implementations into account would be welcomed. Description of Madryga
Madryga consists of two nested cycles. T...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details