eurisko
10-04-2004, 05:05 PM
Since I (and Hundreds of others) are interested in a fix for N2 i wanted to post some info on the actual encryption methods of N2. This will be usefull for cryptanalysis to decypher N2. I take little responsibility for writing these journals, but gathered them from many sources to aid in this project. I know this is a LONG READ but its got some VERY GOOD info in it. I
-----------------------
International Data Encryption Algorithm (IDEA) is a symmetric cypher algorithm used to encrypt and decrypt data. A key (which must be randomly chosen) is used to encrypt the data, and that same secret key is needed for decrypting the data again.
IDEA is the second version of a block cipher designed by Xuejia Lai and James L. Massey of ETH-Zürich. RSA Security [1] describes it this way:
[IDEA] is a 64-bit iterative block cipher with a 128-bit key. The encryption process requires eight complex rounds. Decryption is carried out in the same manner as encryption once the decryption subkeys have been calculated from the encryption subkeys. The cipher structure was designed to be easily implemented in both software and hardware, and the security of IDEA relies on the use of three incompatible types of arithmetic operations on 16-bit words. However some of the arithmetic operations used in IDEA are not that fast in software. As a result the speed of IDEA in software is similar to that of DES. [1]
RSA Security goes on to say that IDEA was analyzed to measure its strength against differential cryptanalysis. The analysis concluded that IDEA is immune to that technique. In fact, (says RSA Security), there are no linear cryptanalytic attacks on IDEA, and there are no known algebraic weaknesses in IDEA. The only weakness of note was discovered by Daemen [DGV94]: using any of a class of 251 weak keys during encryption results in easy detection and recovery of the key. "However, since there are 2128 possible keys, this result has no impact on the practical security of the cipher for encryption provided the encryption keys are chosen at random. IDEA is generally considered to be a very secure cipher and both the cipher development and its theoretical basis have been openly and widely discussed."
IDEA encryption is somewhat faster and generally considered to be more secure than DES encryption. But IDEA is newer and therefore has not been as extensively tested, and it is patented which restricts its commercial use. The patent will expire in 2011.
Further Reading
[LM92] X. Lai, J.L. Massey and S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1992), 17-38.
[DGV94] J. Daemen, R. Govaerts, and J. Vandewalle, Weak keys for IDEA, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 224-231.
-----------------------
http://www.pasta.cs.uit.no/thesis/html/ronnya/node16.html
-----------------------
Current speed of IDEA implementation can be as fast as DES, a respectable 2.4 Mbps on a 66MHz 486 machine
Note on Security:
There are two ways you can beef up security on this – increase the length of the key, and devise ever more complex algorithms. Luckily, we do not have to get involved in creating our own algorithms, since there are some perfectly acceptable standards out there, the main ones being DES (Data Encryption Standard), triple DES, IDEA (International Data Encryption Algorithm) and RC4 (an algorithm developed by Ron Rivest of RSA as a stream cipher with a variable key length).
Whereas the original DES algorithm uses 56 bit keys, later and more powerful systems use much longer ones, forcing potential hackers to run through trillions of combinations in any attempt to find the right one by brute force. Triple DES is an enhanced version of the original DES algorithm and encrypts data three times using three different keys (providing an effective key length of 112 bits). IDEA is a 128 bit mechanism developed by the University of Zurich in 1992 and is a favourite of European financial institutions.
Secret Key Cryptography
As you would imagine, the longer the key length, the more secure the encryption. Going back to our simple cipher, if our single digit key is represented by a letter of the alphabet, a potential hacker only has to try 26 possible combinations in order to crack the cipher using brute force. Now, if we increased the length of the key and wrote it beneath our original message (repeating the key over and over until it was equal to the length of the message), each character in the key would represent a different shift for the letter above. Of course, if short keys are used, then repeating patterns may begin to emerge in the message - the most secure method is to use a key the same length as the message itself, but this is impractical in real life situations. Combine long keys with sophisticated algorithms, however (something a little more complex than "shift each letter of the message by the value of the key character beneath") and you are in business.
-----------------------
International Data Encryption Algorithm (IDEA) is a symmetric cypher algorithm used to encrypt and decrypt data. A key (which must be randomly chosen) is used to encrypt the data, and that same secret key is needed for decrypting the data again.
IDEA is the second version of a block cipher designed by Xuejia Lai and James L. Massey of ETH-Zürich. RSA Security [1] describes it this way:
[IDEA] is a 64-bit iterative block cipher with a 128-bit key. The encryption process requires eight complex rounds. Decryption is carried out in the same manner as encryption once the decryption subkeys have been calculated from the encryption subkeys. The cipher structure was designed to be easily implemented in both software and hardware, and the security of IDEA relies on the use of three incompatible types of arithmetic operations on 16-bit words. However some of the arithmetic operations used in IDEA are not that fast in software. As a result the speed of IDEA in software is similar to that of DES. [1]
RSA Security goes on to say that IDEA was analyzed to measure its strength against differential cryptanalysis. The analysis concluded that IDEA is immune to that technique. In fact, (says RSA Security), there are no linear cryptanalytic attacks on IDEA, and there are no known algebraic weaknesses in IDEA. The only weakness of note was discovered by Daemen [DGV94]: using any of a class of 251 weak keys during encryption results in easy detection and recovery of the key. "However, since there are 2128 possible keys, this result has no impact on the practical security of the cipher for encryption provided the encryption keys are chosen at random. IDEA is generally considered to be a very secure cipher and both the cipher development and its theoretical basis have been openly and widely discussed."
IDEA encryption is somewhat faster and generally considered to be more secure than DES encryption. But IDEA is newer and therefore has not been as extensively tested, and it is patented which restricts its commercial use. The patent will expire in 2011.
Further Reading
[LM92] X. Lai, J.L. Massey and S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1992), 17-38.
[DGV94] J. Daemen, R. Govaerts, and J. Vandewalle, Weak keys for IDEA, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 224-231.
-----------------------
http://www.pasta.cs.uit.no/thesis/html/ronnya/node16.html
-----------------------
Current speed of IDEA implementation can be as fast as DES, a respectable 2.4 Mbps on a 66MHz 486 machine
Note on Security:
There are two ways you can beef up security on this – increase the length of the key, and devise ever more complex algorithms. Luckily, we do not have to get involved in creating our own algorithms, since there are some perfectly acceptable standards out there, the main ones being DES (Data Encryption Standard), triple DES, IDEA (International Data Encryption Algorithm) and RC4 (an algorithm developed by Ron Rivest of RSA as a stream cipher with a variable key length).
Whereas the original DES algorithm uses 56 bit keys, later and more powerful systems use much longer ones, forcing potential hackers to run through trillions of combinations in any attempt to find the right one by brute force. Triple DES is an enhanced version of the original DES algorithm and encrypts data three times using three different keys (providing an effective key length of 112 bits). IDEA is a 128 bit mechanism developed by the University of Zurich in 1992 and is a favourite of European financial institutions.
Secret Key Cryptography
As you would imagine, the longer the key length, the more secure the encryption. Going back to our simple cipher, if our single digit key is represented by a letter of the alphabet, a potential hacker only has to try 26 possible combinations in order to crack the cipher using brute force. Now, if we increased the length of the key and wrote it beneath our original message (repeating the key over and over until it was equal to the length of the message), each character in the key would represent a different shift for the letter above. Of course, if short keys are used, then repeating patterns may begin to emerge in the message - the most secure method is to use a key the same length as the message itself, but this is impractical in real life situations. Combine long keys with sophisticated algorithms, however (something a little more complex than "shift each letter of the message by the value of the key character beneath") and you are in business.