M8 (cipher): Difference between revisions
Content deleted Content added
Revert to a (much) older revision to remove poorly-written material by good-faith editor 93.175.28.*. The material was mostly basic introductions to cryptanalytical techniques, along with an incomprehensible algorithm description. |
+ a short (stub) section on cryptanalytical results, move ISO registration and ref to main text |
||
| Line 12: | Line 12: | ||
| cryptanalysis = |
| cryptanalysis = |
||
}} |
}} |
||
In [[cryptography]], '''M8''' is a [[block cipher]] designed by [[Hitachi, Ltd.|Hitachi]] in 1999. It is a modification of Hitachi's earlier [[M6 (cipher)|M6]] algorithm, designed for greater security and high performance in both hardware and 32-bit software implementations. |
In [[cryptography]], '''M8''' is a [[block cipher]] designed by [[Hitachi, Ltd.|Hitachi]] in 1999. It is a modification of Hitachi's earlier [[M6 (cipher)|M6]] algorithm, designed for greater security and high performance in both hardware and 32-bit software implementations. M8 was registered under ISO/IEC 9799 with the registration number 20<ref>{{cite web |
||
| ⚫ | Like M6, M8 is a 10-round [[Feistel cipher]] with a [[block size (cryptography)|block size]] of 64 bits. The round function can include [[bit rotation]]s, [[XOR]]s, and [[modular arithmetic|modular addition]], but the structure of each round function used is determined by the [[key (cryptography)|key]]. Making these variations key-dependent is intended to make [[cryptanalysis]] more difficult (see [[FROG]] for a similar design philosophy). |
||
| ⚫ | |||
* {{cite web |
|||
|url=http://www.chrismitchell.net/ISO-register/0020.pdf |
|url=http://www.chrismitchell.net/ISO-register/0020.pdf |
||
|title=ISO/IEC9979-0020 Register Entry |
|title=ISO/IEC9979-0020 Register Entry |
||
|publisher=ISO/IEC 9979 Register of Cryptographic Algorithms |
|publisher=ISO/IEC 9979 Register of Cryptographic Algorithms |
||
|website=Professor Chris Mitchell, Information Security Group, [[Royal Holloway, University of London]] |
|website=Professor Chris Mitchell, Information Security Group, [[Royal Holloway, University of London]] |
||
}} |
}} </ref> |
||
| ⚫ | Like M6, M8 is a 10-round [[Feistel cipher]] with a [[block size (cryptography)|block size]] of 64 bits. The round function can include [[bit rotation]]s, [[XOR]]s, and [[modular arithmetic|modular addition]], but the structure of each round function used is determined by the [[key (cryptography)|key]]. Making these variations key-dependent is intended to make [[cryptanalysis]] more difficult (see [[FROG]] for a similar design philosophy). |
||
==Cryptanalysis== |
|||
The key-dependent behaviour of the cipher results in a large class of [[weak key]]s which expose the cipher to a range of attacks, including [[differential cryptanalysis]], [[linear cryptanalysis]] and [[mod n cryptanalysis]]<ref>{{cite journal |
|||
|author1=Toshio Tokita |author2=Tsutomu Matsumoto | title = On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm [[M8 (cipher)|M8]] (ISO9979-20) |
|||
| journal = Ipsj Journal |
|||
| volume = 42 |
|||
| issue = 8 }}</ref>. |
|||
| ⚫ | |||
{{reflist}} |
|||
{{Hitachi}} |
{{Hitachi}} |
||
Revision as of 02:55, 6 December 2021
| General | |
|---|---|
| Designers | Hitachi |
| First published | 1999 |
| Derived from | M6 |
| Cipher detail | |
| Block sizes | 64 bits |
| Structure | Feistel network |
| Rounds | 10 |
In cryptography, M8 is a block cipher designed by Hitachi in 1999. It is a modification of Hitachi's earlier M6 algorithm, designed for greater security and high performance in both hardware and 32-bit software implementations. M8 was registered under ISO/IEC 9799 with the registration number 20[1]
Like M6, M8 is a 10-round Feistel cipher with a block size of 64 bits. The round function can include bit rotations, XORs, and modular addition, but the structure of each round function used is determined by the key. Making these variations key-dependent is intended to make cryptanalysis more difficult (see FROG for a similar design philosophy).
Cryptanalysis
The key-dependent behaviour of the cipher results in a large class of weak keys which expose the cipher to a range of attacks, including differential cryptanalysis, linear cryptanalysis and mod n cryptanalysis[2].
References
- ^ "ISO/IEC9979-0020 Register Entry" (PDF). Professor Chris Mitchell, Information Security Group, Royal Holloway, University of London. ISO/IEC 9979 Register of Cryptographic Algorithms.
- ^ Toshio Tokita; Tsutomu Matsumoto. "On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm M8 (ISO9979-20)". Ipsj Journal. 42 (8).
| Divisions and subsidiaries |
|  | ||||
|---|---|---|---|---|---|---|
| Joint ventures and shareholdings |
| |||||
| Products, services and standards |
| |||||
| People | ||||||
| Places | ||||||
| Other | ||||||
| ||||||
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |