Key schedule

From Wikipedia, the free encyclopedia

(Redirected from Key scheduling)
Jump to: navigation, search
The key schedule of DES ("<<<" denotes a left rotation)
The key schedule of DES ("<<<" denotes a left rotation)

In cryptography, the so-called product ciphers are a certain kind of ciphers, where the (de-)ciphering of data is done in "rounds". The general setup of each round is the same, except for some hard-coded parameters and a part of the cipher key, called a subkey. A key schedule is an algorithm that, given the key, calculates the subkeys for these rounds.

Contents

  • Some ciphers have simple key schedules. For example, the block cipher TEA simply splits the 128-bit key into four 32-bit pieces and uses them repeatedly in successive rounds.
  • DES uses a key schedule where the 56 bit key is divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2) — 24 bits from the left half, and 24 from the right. The rotations mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys.
  • In an effort to avoid simple relationships between the cipher key and the subkeys, many modern ciphers use much more elaborate key schedules, algorithms that use a one-way function to generate an "expanded key" from which subkeys are drawn. Some ciphers, such as Rijndael (AES) and Blowfish, use parts of the cipher algorithm itself for this key expansion, sometimes initialized with some "nothing up my sleeve numbers". Other ciphers, such as RC5, expand keys with functions that are somewhat or completely different from the encryption functions.

Knudsen and Mathiassen (2004) give some experimental evidence that indicate that the key schedule plays a part in providing strength against linear and differential cryptanalysis. For toy Feistel ciphers, it was observed that those with complex and well-designed key schedules can reach a uniform distribution for the probabilities of differentials and linear hulls faster than those with poorly-designed key schedules.

  • Lars R. Knudsen and John Erik Mathiassen, On the Role of Key Schedules in Attacks on Iterated Ciphers, ESORICS 2004, pp322–334.


Block ciphers
v  d  e
Common algorithms: AES | Blowfish | DES | 3DES | Serpent | Twofish
Other algorithms: 3-Way | Akelarre | Anubis | ARIA | BaseKing | C2 | Camellia | CAST-128 | CAST-256 | CIKS-1 | CIPHERUNICORN-A | CIPHERUNICORN-E | CMEA | Cobra | COCONUT98 | Crab | CRYPTON | CS-Cipher | DEAL | DES-X | DFC | E2 | FEAL | FROG | G-DES | GOST | Grand Cru | Hasty Pudding Cipher | Hierocrypt | ICE | IDEA | IDEA NXT | Iraqi | Intel Cascade Cipher | KASUMI | KHAZAD | Khufu and Khafre | KN-Cipher | Libelle | LOKI89/91 | LOKI97 | Lucifer | M6 | MacGuffin | Madryga | MAGENTA | MARS | Mercy | MESH | MISTY1 | MMB | MULTI2 | NewDES | NOEKEON | NUSH | Q | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SC2000 | SEED | SHACAL | SHARK | Skipjack | SMS4 | Square | TEA | Treyfer | Triple DES | UES | Xenon | xmx | XTEA | XXTEA | Zodiac
Design: Feistel network | Key schedule | Product cipher | S-box | SPN
Attacks: Brute force | Linear / Differential / Integral cryptanalysis | Mod n | Related-key | Slide | XSL
Standardization: AES process | CRYPTREC | NESSIE
Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key
Cryptography
v  d  e
History of cryptography | Cryptanalysis | Cryptography portal | Topics in cryptography
Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers
Retrieved from "http://en.wikipedia.org/wiki/Key_schedule"
Advanced Search
Included Web Search Engines


Safe Search

close

Top Matching Results

Occasionally Search.com will highlight specialized results that are based on the context of your query. Examples of specialized results include specific links to news, images, or video.

Top Matching Results may highlight information from other Search.com pages, content from the CNET Network of sites, or third party content. The listings are based purely on relevance. Search.com does not receive payment for listings in this section but our partners that provide this data may get paid for listing these products.

Sponsored Links

This section contains paid listings which have been purchased by companies that want to have their sites appear for specific search terms and related content. These listings are administered, sorted and maintained by a third party and are not endorsed by Search.com.

Search Results

Search.com sends your search query to several search engines at one time and integrates the results into one list which has been sorted by relevance using Search.com's proprietary algorithm. You can customize the list of search engines included in your metasearch from the preferences.

The search engines that are used in your metasearch may allow companies to pay to have their Web sites included within the results. To view the Paid Inclusion policy for a specific search engine, please visit their Web site. Search.com does not accept payment or share revenue with any search engine partner for listings in this section.