![]() |
This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (March 2009) (Learn how and when to remove this message)
|
General | |
---|---|
First published | 1975 |
Derived from | Lucifer |
Cipher detail | |
Key sizes | 2048 bits |
Block sizes | 128 bits |
Structure | Feistel network |
Rounds | 16 |
Best public cryptanalysis | |
Grossman & Tuckerman's slide attack uses at most 212 chosen plaintexts |
Incryptography, New Data Seal (NDS) is a block cipher that was designed at IBM in 1975, based on the Lucifer algorithm that became DES.
The cipher uses a block size of 128 bits, and a very large key size of 2048 bits. Like DES it has a 16-round Feistel network structure. The round function uses two fixed 4×4-bit S-boxes, chosen to be non-affine. The key is also treated as an 8×8-bit lookup table, using the first bit of each of the 8 bytes of the half-block as input. The nth bit of the output of this table determines whether or not the two nibbles of the nth byte are swapped after S-box substitution. All rounds use the same table. Each round function ends with a fixed permutation of all 64 bits, preventing the cipher from being broken down and analyzed as a system of simpler independent subciphers.
In 1977, Edna Grossman and Bryant Tuckerman cryptanalyzed NDS using the first known slide attack. This method uses no more than 4096 chosen plaintexts; in their best trial they recovered the key with only 556 chosen plaintexts.
![]() | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |