Crab (cipher)
General | |
---|---|
Designers | Burt Kaliski, Matt Robshaw |
First published | 1993 |
Derived from | MD5 |
Related to | SHACAL |
Cipher detail | |
Key sizes | 80 bits |
Block sizes | 8192 bits |
Structure | Cryptographic hash function |
Best public cryptanalysis | |
Proposed differential cryptanalysis using no more than 216 chosen plaintexts |
In cryptography, Crab is a block cipher proposed by Burt Kaliski and Matt Robshaw at the first Fast Software Encryption workshop in 1993. Not really intended for use, Crab was developed to demonstrate how ideas from hash functions could be used to create a fast cipher.
Crab has an unusually large block size of 8192 bits. Its creators suggested using an 80-bit key, but the cipher could use any key size. The authors didn't specify an actual key schedule, only that the key is used to generate two large sets of subkeys: a permutation of the numbers 0 through 255, and an array of 2048 32-bit numbers. The block is divided into 256 32-bit subblocks, which are permuted at the beginning. Then the algorithm makes four passes over the data, each time applying one of four transformations adapted from MD5.
A brief note on the cryptanalysis of Crab is included in Markku-Juhani Saarinen's paper on block ciphers based on SHA-1 and MD5, published at FSE 2003. The author demonstrates a weakness in Crab that permits a distinguisher using no more than a dozen chosen plaintexts, and speculates that this can be converted into a full key-recovery attack using no more than 216 chosen plaintexts. Such an attack would depend on the key schedule used.
References
- B.S. Kaliski and M.J.B. Robshaw (December 1993). Fast Block Cipher Proposal. Fast Software Encryption (FSE '93). Cambridge: Springer-Verlag. pp. 33–40.
- U.S. patent 6,463,150 A patent on an encryption device that uses Crab.
- Schneier, Bruce (1996). Applied Cryptography (2nd ed.). John Wiley & Sons. pp. 342–344. ISBN 0-471-11709-9.
- Markku-Juhani Olavi Saarinen (February 2003). Cryptanalysis of Block Ciphers Based on SHA-1 and MD5 (PDF). FSE '03. Lund: Springer-Verlag. pp. 36–44. Retrieved 12 October 2007.