یای‌انحصاری-رمز-یای‌انحصاری: تفاوت میان نسخه‌ها

تفاوت جدیدتر ←

محتوای حذف‌شده محتوای افزوده‌شده

دیداریویکی‌متن

درخط

نسخهٔ ‏۲۷ مارس ۲۰۲۰، ساعت ۰۶:۴۹

این صفحه در حال ترجمه‌شدن هست.

روش xor–encrypt–xor (XEX) یک مدهای کاری رمزهای قطعه‌ای از روش رمزگذاری قطعه‌ای محسوب می‌شود.

روش‌های مبتنی بر XEX به وسیله‌ی حالت ciphertext stealing (XTS mode) به عنوان یکی از معروف‌ترین حالت‌های کاری برای whole-disk encryption محسوب می‌شوند.
روش XEX یکی از حالت‌های پراستفاده‌ی key whitening محسوب می‌شود.
روش XEX به عنوان بخشی از طرح‌های پیشنهادی برای کارت‌های هوشمند می‌باشد.^[۱]^[۲]

History

In 1984, to protect DES against exhaustive search attacks, Ron Rivest proposed DESX: XOR a prewhitening key to the plaintext, encrypt the result with DES using a secret key, and then XOR a postwhitening key to the encrypted result to produce the final ciphertext.^[۳]

In 1991, motivated by Rivest's DESX construction, Even and Mansour proposed a much simpler scheme (the "two-key Even–Mansour scheme"), which they suggested was perhaps the simplest possible block cipher: XOR the plaintext with a prewhitening key, apply a publicly known unkeyed permutation (in practice, a pseudorandom permutation) to the result, and then XOR a postwhitening key to the permuted result to produce the final ciphertext.^[۳]^[۴]

Studying simple Even–Mansour style block ciphers gives insight into the security of Feistel ciphers (DES-like ciphers) and helps understand block cipher design in general.^[۵]

Orr Dunkelman, Nathan Keller, and Adi Shamir later proved it was possible to simplify the Even–Mansour scheme even further and still retain the same provable security, producing the "single-key Even–Mansour scheme": XOR the plaintext with the key, apply a publicly known unkeyed permutation to the result, and then XOR the same key to the permuted result to produce the final ciphertext.^[۳]

Rogaway used XEX to allow efficient processing of consecutive blocks (with respect to the cipher used) within one data unit (e.g., a disk sector) for whole-disk encryption.^[۶]

Many whole-disk encryption systems – BestCrypt, dm-crypt, FreeOTFE, TrueCrypt, DiskCryptor, FreeBSD's geli, OpenBSD softraid disk encryption software, and Mac OS X Lion's FileVault 2 – support XEX-based tweaked-codebook mode with ciphertext stealing (XTS mode).

الگو:Cryptography navbox

References

↑ Barış Ege, Elif Bilge Kavun, and Tolga Yalçın. "Memory Encryption for Smart Cards". 2011.
↑ Emmanuel Prouff. "Smart Card Research and Advanced Applications". 2011, p. 201.
↑ ^۳٫۰ ^۳٫۱ ^۳٫۲ Orr Dunkelman, Nathan Keller, and Adi Shamir. "Minimalism in Cryptography: The Even–Mansour Scheme Revisited".
↑ Joan Daemen, Laboratorium Esat. "Limitations of the Even–Mansour Construction". 1992. doi:10.1007/3-540-57332-1_46
↑ Craig Gentry and Zulfikar Ramzan. "Eliminating Random Permutation Oracles in the Even–Mansour Cipher". 2004.
↑ Rogaway, Phillip (2004-09-24). "Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC" (PDF).

الگو:Crypto-stub

[1] Barış Ege, Elif Bilge Kavun, and Tolga Yalçın. "Memory Encryption for Smart Cards". 2011.

[2] Emmanuel Prouff. "Smart Card Research and Advanced Applications". 2011, p. 201.

[DKS-3] ۳٫۰ ^۳٫۱ ^۳٫۲ Orr Dunkelman, Nathan Keller, and Adi Shamir. "Minimalism in Cryptography: The Even–Mansour Scheme Revisited".

[4] Joan Daemen, Laboratorium Esat. "Limitations of the Even–Mansour Construction". 1992. doi:10.1007/3-540-57332-1_46

[5] Craig Gentry and Zulfikar Ramzan. "Eliminating Random Permutation Oracles in the Even–Mansour Cipher". 2004.

[rogaway_xex-6] Rogaway, Phillip (2004-09-24). "Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC" (PDF).

[۱]

[۲]

[۳]

[۴]

[۵]

[۶]