CDMF

In cryptography , CDMF ( Commercial Data Masking Facility ) is an algorithm developed by IBM in 1992 to reduce the strength of the 56-bit DES algorithm to that of 40-bit encryption in order to meet the requirements of US export restrictions at the time of crypto technology. Instead of CDMF being a completely different algorithm from DES, only a different key generation algorithm, called key shortening, is used. It is one of the encryption algorithms supported by S-HTTP .

algorithm

Like DES, CDMF also takes a 64-bit key as input, but not all bits are actually used. The algorithm consists of the following steps:

1. Clear bits 8, 16, 24, 32, 40, 48, 56, 64 (ignore these bits as DES does).
2. Apply XOR to the result together with its DES cryptogram with the key 0xC408B0540BA1E0AE.
3. Clear bits 1, 2, 3, 4, 8, 16, 17, 18, 19, 20, 24, 32, 33, 34, 35, 36, 40, 48, 49, 50, 51, 52, 56, 64 .
4. Encrypt the result with DES using the key 0xEF2C041CE6382FE6.

The resulting 64-bit data is used as a DES key. Based on step 3, a brute force attack only needs to try 2 ⁴⁰ possible keys.

Web links

• The Commercial Data Masking Facility (CDMF) data privacy algorithm . ( PDF ) In: IBM (Ed.): IBM Journal of Research and Development . 38, No. 2, March 1994, pp. 217-226. doi : 10.1147 / around 382.0217 . Retrieved April 11, 2007.
• ISO / IEC9979-0005 Register Entry (PDF) , registered October 29, 1994
• RFC 2660 for Secure HTTP (S-HTTP)