In cryptography, DES-X (or DESX) is a variant on the DES (Data Encryption Standard) block cipher intended to increase the complexity of a brute force attack using a technique called key whitening.
The original DES algorithm was specified in 1976 with a 56-bit key size: 256 possibilities for the key. There was criticism that an exhaustive search might be within the capabilities of large governments, particularly the United States' National Security Agency (NSA). One scheme to increase the key size of DES without substantially altering the algorithm was DES-X, proposed by Ron Rivest in May 1984.
DES-X augments DES by XORing an extra 64 bits of key (K1) to the plaintextbefore applying DES, and then XORing another 64 bits of key (K2) after the encryption:
The key size is thereby increased to 56 + 2 × 64 = 184 bits.
Joe Kilian and Phillip Rogaway, How to protect DES against exhaustive key search (http://wwwcsif.cs.ucdavis.edu/~rogaway/papers/desx.ps) (PostScript), Advances in Cryptology - Crypto '96, Springer-Verlag (1996), pp. 252–267.
P. Rogaway, The security of DESX (http://www.cs.ucdavis.edu/~rogaway/papers/cryptobytes.ps) (PostScript), CryptoBytes 2(2) (Summer 1996).
DESX is a strengthened variant of DES supported by RSA Security's toolkits (see Question 5.2.3).
The difference between DES and DESX is that, in DESX, the input plaintext is bitwise XORed with 64 bits of additional key material before encryption with DES and the output is also bitwise XORed with another 64 bits of key material.
The security of DESX against differential and linear attack (see Question 2.4.5) appears to be equivalent to that of DES with independent subkeys (see Question 3.2.8) so there is not a great increase in security with regards to these attacks.
Feeds |
Contact