CDMF
In cryptography , CDMF ( Commercial Data Masking Facility ) is an algorithm developed by IBM in 1992 to reduce the strength of the 56-bit DES algorithm to that of 40-bit encryption in order to meet the requirements of US export restrictions at the time of crypto technology. Instead of CDMF being a completely different algorithm from DES, only a different key generation algorithm, called key shortening, is used. It is one of the encryption algorithms supported by S-HTTP .
algorithm
Like DES, CDMF also takes a 64-bit key as input, but not all bits are actually used. The algorithm consists of the following steps:
- Clear bits 8, 16, 24, 32, 40, 48, 56, 64 (ignore these bits as DES does).
- Apply XOR to the result together with its DES cryptogram with the key 0xC408B0540BA1E0AE.
- Clear bits 1, 2, 3, 4, 8, 16, 17, 18, 19, 20, 24, 32, 33, 34, 35, 36, 40, 48, 49, 50, 51, 52, 56, 64 .
- Encrypt the result with DES using the key 0xEF2C041CE6382FE6.
The resulting 64-bit data is used as a DES key. Based on step 3, a brute force attack only needs to try 2 40 possible keys.
Web links
- The Commercial Data Masking Facility (CDMF) data privacy algorithm . ( PDF ) In: IBM (Ed.): IBM Journal of Research and Development . 38, No. 2, March 1994, pp. 217-226. doi : 10.1147 / around 382.0217 . Retrieved April 11, 2007.
- ISO / IEC9979-0005 Register Entry (PDF) , registered October 29, 1994
- RFC 2660 for Secure HTTP (S-HTTP)