New Data Seal
General | |
---|---|
First published | 1975 |
Derived from | Lucifer |
Cipher detail | |
Key sizes | 2048 bits |
Block sizes | 128 bits |
Structure | Feistel network |
Rounds | 16 |
Best public cryptanalysis | |
Grossman & Tuckerman's slide attack uses at most 212 chosen plaintexts |
In cryptography, New Data Seal (NDS) is a block cipher that was designed at IBM in 1975, based on the Lucifer algorithm that became DES.
The cipher uses a block size of 128 bits, and a very large key size of 2048 bits. Like DES it has a 16-round Feistel network structure. The round function uses two fixed 4×4-bit S-boxes, chosen to be non-affine. The key is also treated as an 8×8-bit lookup table, using the first bit of each of the 8 bytes of the half-block as input. The nth bit of the output of this table determines whether or not the two nibbles of the nth byte are swapped after S-box substitution. All rounds use the same table. Each round function ends with a fixed permutation of all 64 bits, preventing the cipher from being broken down and analyzed as a system of simpler independent subciphers.
In 1977, Edna Grossman and Bryant Tuckerman cryptanalyzed NDS using the first known slide attack. This method uses no more than 4096 chosen plaintexts; in their best trial they recovered the key with only 556 chosen plaintexts.
References
- Henry Beker & Fred Piper (1982). Cipher Systems: The Protection of Communications. John Wiley & Sons. pp. 263–267. ISBN 0-471-89192-4.
- D.C. Hankerson; Gary Hoffman; D.A. Leonard; Charles C. Lindner; K.T. Phelps; Christopher A. Rodger; J.R. Wall (2000). Coding Theory and Cryptography: The Essentials (2nd ed.). CRC Press. pp. 240–242. ISBN 0-8247-0465-7.