See this document in CiteSeerX!

How to Protect DES Against Exhaustive Key Search  (Make Corrections)  
(An Analysis of DESX) Joe Kilian Phillip Rogaway February 2, 2000



  Home/Search   Context   Related

 
View or download:
ucdavis.edu/~rogaway/papers/desx.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  ucdavis.edu/~rogaway/papers/ (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: The block cipher DESX is de ned by DESX k:k1:k2 (x) = k2  DES k (k1  x), where  denotes bitwise exclusive-or. This construction was rst suggested by Rivest as a computationallycheap way to protect DES against exhaustive key-search attacks. This paper proves, in a formal model, that the DESX construction is sound. We show that, when F is an idealized block cipher, FX k:k1:k2 (x) = k2  F k (k1  x) is substantially more resistant to key search than is F . (Update)

Similar documents based on text:
0.0:   Unknown -   (Correct)

BibTeX entry:   (Update)

@misc{ of-how,
  author = "An Analysis Of",
  title = "How to Protect DES Against Exhaustive Key Search",
  url = "citeseer.ist.psu.edu/766399.html" }
Citations (may not include all citations):
241   Communication theory of secrecy systems (context) - Shannon - 1949
86   How to protect DES against exhaustive key search - Kilian, Rogaway - 1996
60   erential Cryptanalysis of the Data Encryption Standard (context) - Biham, Shamir - 1993
52   Parallel collision search with cryptanalytic applications - van Oorschot, Wiener - 1999
51   Exhaustive cryptanalysis of the NBS Data Encryption Standard (context) - Diffie, Hellman - 1977
30   A construction of a cipher from a single pseudorandom permut.. - Even, Mansour - 1997
21   Multiple encryption: weighing security and performance (context) - Kaliski, Robshaw - 1996
18   How to strengthen DES using existing hardware - Biham, Biryukov - 1994
14   Limitations of the Even-Mansour construction - Daemen - 1992
13   Cracking DES: Secrets of Encryption Research (context) - Foundation - 1998
13   A proposed mode for triple-DES encryption (context) - Coppersmith, Johnson et al. - 1996
9   The rst experimental cryptanalysis of the data encryption st.. (context) - Matsui - 1994
8   personal communication (context) - Rivest - 1995
5   personal communication (context) - Kaliski - 1996
5   A cryptographic le system for UNIX (context) - Blaze - 1993

[Article contains additional citations not shown here]

Documents on the same site (http://www.cs.ucdavis.edu/~rogaway/papers/):   More
On the Construction of Variable-Input-Length Ciphers - Bellare, Rogaway (1999)   (Correct)
Authenticated Key Exchange Secure Against Dictionary Attacks - Bellare, Pointcheval.. (2000)   (Correct)
Reconciling Two Views of Cryptography (The Computational.. - Abadi, Rogaway (2000)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC