IDEA - International Data Encryption Algorithm



IDEA stands for International Data Encryption Algorithm. IDEA is a block cipher developed by James Massey and Xuejia Lai and initially specified in 1991. It has a 128-bit key length and works with 64-bit blocks.

Overview of IDEA 

IDEA is a block cipher; it operates on 64-bit plaintext blocks. The key is 128 bits long. The same algorithm is used for both encryption and decryption. As with all the other block ciphers we’ve seen, IDEA uses both confusion and diffusion. The design philosophy behind the algorithm is one of “mixing operations from different algebraic groups.” Three algebraic groups are being mixed, and they are all easily implemented in both hardware and software: 
          — XOR (denoted with a blue circled plus    )        
         — Addition modulo $2^{16}$ (denoted with a green boxed plus  )       
         — Multiplication modulo $2^{16}$ + 1. (This operation can be viewed as IDEA’s S-box.) 
                (denoted by a red circled dot ).
All these operations (and these are the only operations in the algorithm—there are no bit-level permutations) operate on 16-bit sub-blocks. This algorithm is even efficient on 16-bit processors.

How IDEA Works?

IDEA is a block cipher that operates on 64-bit plaintext and a 128-bit key. IDEA, like DES, is reversible, which means that the comparable technique can be used for both encryption and decryption. IDEA requires both diffusion and confusion for encryption.

The 64-bit plaintext is broken into four 16-bit sub blocks sections (X1-PX4). These are inputs for the first round. There are eight such rounds. The key contains 128 bits. 

In each round the four sub-blocks are XORed, added, and multiplied with one another and with six 16-bit subkeys. Between rounds, the second and third sub-blocks are swapped. Finally, the four sub-blocks are combined with four subkeys in an output transformation.




Rounds in IDEA

There are eight rounds in the IDEA. Each round consists of a series of operations on the four data blocks with six keys. The first round can include keys K1 to K6, the second round can have keys K7 to K12, and the last round can have keys K13 to K18. The final stage involves an output modification that requires four subkeys (K49 to K52).

The final output is the result of the output transformation stage. The final output is formed by linking the blocks C1-C4. Each round has 14 steps, as follows 

(1) Multiply X1 and the first subkey. 
(2) Add X2 and the second subkey. 
(3) Add X3 and the third subkey. 
(4) Multiply X4 and the fourth subkey. 
(5) XOR the results of steps (1) and (3). 
(6) XOR the results of steps (2) and (4). 
(7) Multiply the results of step (5) with the fifth subkey. 
(8) Add the results of steps (6) and (7). 
(9) Multiply the results of step (8) with the sixth subkey. 
(10) Add the results of steps (7) and (9).
(11) XOR the results of steps (1) and (9). 
(12) XOR the results of steps (3) and (9). 
(13) XOR the results of steps (2) and (10). 
(14) XOR the results of steps (4) and (10).

The output of the round is the four sub-blocks that are the results of steps (11), (12), (13), and (14). Swap the two inner blocks (except for the last round) and that’s the input to the next round.


After the eighth round, there is a final output transformation: 
(1) Multiply X1 and the first subkey. 
(2) Add X2 and the second subkey. 
(3) Add X3 and the third subkey. 
(4) Multiply X4 and the fourth subkey. 

Finally, the four sub-blocks are reattached to produce the ciphertext.

Creating the subkeys is also easy. The algorithm uses 52 of them (six for each of the eight rounds and four more for the output transformation). First, the 128-bit key is divided into eight 16-bit subkeys. These are the first eight subkeys for the algorithm (the six for the first round, and the first two for the second round). Then, the key is rotated 25 bits to the left and again divided into eight subkeys. The first four are used in round 2; the last four are used in round 3. The key is rotated another 25 bits to the left for the next eight subkeys, and so on until the end of the algorithm. 

Decryption is exactly the same, except that the subkeys are reversed and slightly different. The decryption subkeys are either the additive or multiplicative inverses of the encryption subkeys. (For the purposes of IDEA, the all-zero sub-block is considered to represent $2^{16} = –1$ for multiplication modulo $2^{16} + 1;$ thus the multiplicative inverse of 0 is 0.) Calculating these takes some doing, but you only have to do it once for each decryption key.

Security of IDEA

The IDEA encryption method was thought to be very strong against certain types of attacks, like differential cryptanalysis. Until 2007, no one had successfully found weaknesses in its design. Even the best known attack by that time could only break a simplified version of IDEA with 6 rounds, while the full version uses 8.5 rounds.

Bruce Schneier, a respected cryptographer, praised IDEA in 1996, saying it was the best and most secure encryption method available. However, by 1999, he stopped recommending it because newer, faster methods were developed, some weaknesses were found in IDEA, and there were patent issues.

In 2011, a method called "meet-in-the-middle" was used to break the full 8.5-round IDEA encryption. Then, in 2012, another attack called "narrow-bicliques" was used to weaken IDEA slightly, but it still remains secure for practical use.

Comments

Post a Comment

Popular posts from this blog

Cryptographic Algorithms CST 393 KTU CS Honour Notes Semester V -Dr Binu V P

About Me About the Course and Scheme Syllabus Model Question Paper University Question Papers ******************************************************** Module-1 (Introduction to the Concepts of Security) Introduction CIA Triad  OSI Security Architecture Security Attacks Security Services Security Mechanisms Model for Network Security Classical Encryption Techniques     Symmetric Cipher Model     Cryptography -  Crypt Analysis Substitution Ciphers-Caesar Cipher     Mono-alphabetic Ciphers     Playfair Cipher     Hill Cipher Poly Alphabetic Ciphers- Vigenere Cipher     Vernam Cipher- One Time Pad Transposition Ciphers Module-2 (Symmetric Key Crypto Systems) Stream Cipher Vs Block Cipher Traditional Block Cipher Structure- Fiestel Structure Data Encryption Standard - DES Algorithm Differential and Linear Cryptanalysis Double DES and Triple DES International Data Encryption Algorithm ( IDEA) Advanced Encryption Standard ( AES) Block Cipher Modes of Operation Stream Cipher and RC4 Module-3
Read more

Syllabus CST 393 Cryptographic Algorithms

Syllabus Module-1 (Introduction to the Concepts of Security) Need for security, Security approaches, Principles of security, Types of attacks, OSI Security Architecture, Classical encryption techniques - Substitution techniques, Transposition techniques. Stream cipher, Block cipher, Public key cryptosystems vs. Symmetric key cryptosystems, Encrypting communication channels. Module-2 (Symmetric Key Cryptosystems) Overview of symmetric key cryptography, Block cipher principles, Data Encryption Standard (DES), Differential and Linear cryptanalysis, Double DES, Triple DES, International Data Encryption Algorithm (IDEA), Advanced Encryption Algorithm (AES),Block cipher modes of operation, Stream cipher, RC4. Module-3 (Public Key Cryptosystems) Principles of public key cryptosystems, RSA algorithm, RSA illustration, Attacks, ElGamal cryptographic system, Knapsack algorithm, Diffie-Hellman key exchange algorithm, Elliptic curve cryptosystems. Module-4 (Key Management) Symmetric key distributi
Read more

Computer Security Concept- CIA Triad

Image
Definition of Computer Security The NIST Computer Security Handbook [NIST95] defines the term computer security as follows: Computer Security: The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability,and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications).   This definition introduces three key objectives that are at the heart of computer  security: Confidentiality: This term covers two related concepts:             Data confidentiality: Assures that private or confidential information is not made available or disclosed to unauthorized individuals.      Privacy: Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.   Integrity: This term covers two related concepts:      Data integrity: Assures that information
Read more