Round Key
   HOME

TheInfoList



Click Here for Items Related To - Round Key
OR:
Round Key on:   [Wikipedia]   [Google]   [Amazon]

In
cryptography Cryptography, or cryptology (from "hidden, secret"; and ''graphein'', "to write", or ''-logy, -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of Adversary (cryptography), ...
, the so-called
product cipher In cryptography, a product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components to make it resistant to cryptanalysis.Handbook of Applied Cryptography by Alfred J. ...
s are a certain kind of cipher, where the (de-)ciphering of data is typically done as an iteration of '' rounds''. The setup for each round is generally the same, except for round-specific fixed values called a
round constant In cryptography, a round or round function is a basic transformation that is repeated ( iterated) multiple times inside the algorithm. Splitting a large algorithmic function into rounds simplifies both implementation and cryptanalysis. For exampl ...
, and round-specific data derived from the cipher key called a round key. A key schedule is an algorithm that calculates all the round keys from the key.


Some types of key schedules

*Some ciphers have simple key schedules. For example, the block cipher
TEA Tea is an aromatic beverage prepared by pouring hot or boiling water over cured or fresh leaves of '' Camellia sinensis'', an evergreen shrub native to East Asia which probably originated in the borderlands of south-western China and nor ...
splits the 128-bit key into four 32-bit pieces and uses them repeatedly in successive rounds. * DES has a key schedule in which the 56-bit key is divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 round key bits are selected by Permuted Choice 2 (PC-2) – 24 bits from the left half and 24 from the right. The rotations have the effect that a different set of bits is used in each round key; each bit is used in approximately 14 out of the 16 round keys. *To avoid simple relationships between the cipher key and the round keys, in order to resist such forms of
cryptanalysis Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic se ...
as
related-key attack In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the ...
s and
slide attack The slide attack is a form of cryptanalysis designed to deal with the prevailing idea that even weak ciphers can become very strong by increasing the number of rounds, which can ward off a differential attack. The slide attack works in such a wa ...
s, many modern ciphers use more elaborate key schedules to generate an "expanded key" from which round keys are drawn. Some ciphers, such as Rijndael (AES) and
Blowfish Tetraodontidae is a family of marine and freshwater fish in the order Tetraodontiformes. The family includes many familiar species variously called pufferfish, puffers, balloonfish, blowfish, blowers, blowies, bubblefish, globefish, swellfish, ...
, use the same operations as those used in the data path of the cipher algorithm for their key expansion, sometimes initialized with some "
nothing-up-my-sleeve number In cryptography, nothing-up-my-sleeve numbers are any numbers which, by their construction, are above suspicion of hidden properties. They are used in creating cryptographic functions such as hashes and ciphers. These algorithms often need random ...
s". Other ciphers, such as
RC5 In cryptography, RC5 is a symmetric-key block cipher notable for its simplicity. Designed by Ronald Rivest in 1994, ''RC'' stands for "Rivest Cipher", or alternatively, "Ron's Code" (compare RC2 and RC4). The Advanced Encryption Standard (AES) ...
, expand keys with functions that are somewhat or completely different from the encryption functions.


Notes

Knudsen and Mathiassen (2004) give some experimental evidence that indicate that the key schedule plays a part in providing strength against
linear In mathematics, the term ''linear'' is used in two distinct senses for two different properties: * linearity of a '' function'' (or '' mapping''); * linearity of a '' polynomial''. An example of a linear function is the function defined by f(x) ...
and
differential cryptanalysis Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in information input can a ...
. For toy
Feistel cipher In cryptography, a Feistel cipher (also known as Luby–Rackoff block cipher) is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel, who did pioneering resear ...
s, it was observed that those with complex and well-designed key schedules can reach a uniform distribution for the probabilities of differentials and linear hulls faster than those with poorly designed key schedules.


References

* Lars R. Knudsen and John Erik Mathiassen
On the Role of Key Schedules in Attacks on Iterated Ciphers
ESORICS 2004, pp322–334. * Uri Blumenthal and Steven M. Bellovin
A Better Key Schedule for DES-like Ciphers
Proceedings of PRAGOCRYPT '96. {{Cryptography navbox , block Cryptographic algorithms