Tiny Encryption Algorithm: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(new article, moving text from block cipher)
 
imported>Sandy Harris
m (links)
Line 5: Line 5:
  | url = http://www.cl.cam.ac.uk/ftp/users/djw3/tea.ps
  | url = http://www.cl.cam.ac.uk/ftp/users/djw3/tea.ps
  | date = 1994 }}</ref>
  | date = 1994 }}</ref>
is a cipher designed for small size and easy software implementation. It is a Feistel cipher with 64-bit blocks, a 128-bit key, 32 rounds and a very simple round function using only 32-bit operations &mdash; addition, bitwise XOR and shift. In C, the encryption and decryption routines are under 10 lines each. No S-boxes are used, so the data space required is also tiny.
is a cipher designed for small size and easy software implementation. It is a [[Feistel cipher]] with 64-bit blocks, a 128-bit key, 32 rounds and a very simple round function using only 32-bit operations &mdash; addition, bitwise XOR and shift. In C, the encryption and decryption routines are under 10 lines each. No [[Block cipher#S-boxes|S-boxes]] are used, so the data space required is also tiny.


TEA has some weaknesses. Equivalent keys are one problem; each key is equivalent to three others, so the effective key size is only 126 bits.
TEA has some weaknesses. Equivalent keys are one problem; each key is equivalent to three others, so the effective key size is only 126 bits.

Revision as of 02:54, 23 July 2009

The Tiny Encryption Algorithm, or TEA [1] is a cipher designed for small size and easy software implementation. It is a Feistel cipher with 64-bit blocks, a 128-bit key, 32 rounds and a very simple round function using only 32-bit operations — addition, bitwise XOR and shift. In C, the encryption and decryption routines are under 10 lines each. No S-boxes are used, so the data space required is also tiny.

TEA has some weaknesses. Equivalent keys are one problem; each key is equivalent to three others, so the effective key size is only 126 bits. [2] As a result, TEA is weak if used to build a cryptographic hash. This weakness led to a method for hacking Microsoft's Xbox game console, where the cipher was used as a hash function. [3] TEA is also susceptible to a related-key attack which requires 223 chosen plaintexts under a related-key pair, with 232 time complexity [4].

Partly because of these weaknesses, a number of revisions of TEA have been designed. Block TEA or XTEA extends TEA to build a variable block size cipher. XXTEA is a later revision.

The cipher is freely available for any use. It has a home page; see external links.

References

  1. David J. Wheeler, Roger M. Needham (1994), TEA, a Tiny Encryption Algorithm
  2. Kelsey, John (1996), "Key-schedule cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES", Lecture Notes in Computer Science 1109: 237–251, DOI:10.1007/3-540-68697-5_19
  3. Michael Steil. 17 Mistakes Microsoft Made in the Xbox Security System.
  4. Kelsey, John (1997), "Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X NewDES, RC2, and TEA", Lecture Notes in Computer Science 1334: 233–246, DOI:10.1007/BFb0028479