M8 (cipher)
General | |
---|---|
Designers | Hitachi |
First published | 1999 |
Derived from | M6 |
Cipher detail | |
Block sizes | 64 bits |
Structure | Feistel network |
Rounds | 10 |
In cryptography, M8 is a block cipher designed by Hitachi in 1999. It is a modification of Hitachi's earlier M6 algorithm, designed for greater security and high performance in both hardware and 32-bit software implementations. M8 was registered under ISO/IEC 9979 with the registration number 20.[1]
Like M6, M8 is a 10-round Feistel cipher with a block size of 64 bits. The round function can include bit rotations, XORs, and modular addition, but the structure of each round function used is determined by the key. Making these variations key-dependent is intended to make cryptanalysis more difficult (see FROG for a similar design philosophy).
Cryptanalysis
The key-dependent behaviour of the cipher results in a large class of weak keys which expose the cipher to a range of attacks, including differential cryptanalysis, linear cryptanalysis and mod n cryptanalysis[2].
References
- ^ "ISO/IEC9979-0020 Register Entry" (PDF). Professor Chris Mitchell, Information Security Group, Royal Holloway, University of London. ISO/IEC 9979 Register of Cryptographic Algorithms.
- ^ Toshio Tokita; Tsutomu Matsumoto. "On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm M8 (ISO9979-20)". Ipsj Journal. 42 (8).