Jump to content

M8 (cipher)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Nneonneo (talk | contribs) at 02:57, 6 December 2021 (fix ISO number). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

M8
General
DesignersHitachi
First published1999
Derived fromM6
Cipher detail
Block sizes64 bits
StructureFeistel network
Rounds10

In cryptography, M8 is a block cipher designed by Hitachi in 1999. It is a modification of Hitachi's earlier M6 algorithm, designed for greater security and high performance in both hardware and 32-bit software implementations. M8 was registered under ISO/IEC 9979 with the registration number 20.[1]

Like M6, M8 is a 10-round Feistel cipher with a block size of 64 bits. The round function can include bit rotations, XORs, and modular addition, but the structure of each round function used is determined by the key. Making these variations key-dependent is intended to make cryptanalysis more difficult (see FROG for a similar design philosophy).

Cryptanalysis

The key-dependent behaviour of the cipher results in a large class of weak keys which expose the cipher to a range of attacks, including differential cryptanalysis, linear cryptanalysis and mod n cryptanalysis[2].

References

  1. ^ "ISO/IEC9979-0020 Register Entry" (PDF). Professor Chris Mitchell, Information Security Group, Royal Holloway, University of London. ISO/IEC 9979 Register of Cryptographic Algorithms.
  2. ^ Toshio Tokita; Tsutomu Matsumoto. "On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm M8 (ISO9979-20)". Ipsj Journal. 42 (8).