Xor–encrypt–xor: Difference between revisions
Borjianamin: Content in this edit is from the existing English Wikipedia article at en:Xor–encrypt–xor; see its history for attribution. Formatting follows.
Revision as of 27 March 2020, 06:49
This page is in the process of being translated.
Xor–encrypt–xor (XEX) is a mode of operation of a block cipher.
- XEX-based methods with ciphertext stealing (XTS mode) are considered one of the best-known modes of operation for whole-disk encryption.
- XEX is a widely used form of key whitening.
- XEX is part of some proposed designs for smart cards.[1][2]
History
In 1984, to protect DES against exhaustive search attacks, Ron Rivest proposed DESX: XOR a prewhitening key to the plaintext, encrypt the result with DES using a secret key, and then XOR a postwhitening key to the encrypted result to produce the final ciphertext.[3]
In 1991, motivated by Rivest's DESX construction, Even and Mansour proposed a much simpler scheme (the "two-key Even–Mansour scheme"), which they suggested was perhaps the simplest possible block cipher: XOR the plaintext with a prewhitening key, apply a publicly known unkeyed permutation (in practice, a pseudorandom permutation) to the result, and then XOR a postwhitening key to the permuted result to produce the final ciphertext.[3][4]
Studying simple Even–Mansour style block ciphers gives insight into the security of Feistel ciphers (DES-like ciphers) and helps understand block cipher design in general.[5]
Orr Dunkelman, Nathan Keller, and Adi Shamir later proved it was possible to simplify the Even–Mansour scheme even further and still retain the same provable security, producing the "single-key Even–Mansour scheme": XOR the plaintext with the key, apply a publicly known unkeyed permutation to the result, and then XOR the same key to the permuted result to produce the final ciphertext.[3]
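The DESX, two-key and single-key Even–Mansour constructions described above all share one xor, core, xor shape. The following sketch is an added example, not part of the original article: `toy_perm`, its constants and every function name are assumptions made for illustration, and the toy 64-bit permutation is not cryptographically strong.

```python
# Added illustration, not from the original article. The toy_perm constants and
# all names below are assumptions; the permutation is NOT cryptographically strong.
MASK = (1 << 64) - 1
MUL = 0x9E3779B97F4A7C15            # odd constant, so invertible mod 2**64
MUL_INV = pow(MUL, -1, 1 << 64)     # modular inverse (Python 3.8+)
ROUNDS = 4

def rotl(x, r):
    return ((x << r) | (x >> (64 - r))) & MASK

def rotr(x, r):
    return ((x >> r) | (x << (64 - r))) & MASK

def toy_perm(x):
    """Publicly known, unkeyed, invertible map on 64-bit blocks."""
    for i in range(ROUNDS):
        x = rotl((x * MUL) & MASK, 23) ^ i
    return x

def toy_perm_inv(x):
    """Inverse of toy_perm: undo each round in reverse order."""
    for i in reversed(range(ROUNDS)):
        x = (rotr(x ^ i, 23) * MUL_INV) & MASK
    return x

def xex_encrypt(block, k_pre, k_post, core=toy_perm):
    """XOR the prewhitening key, apply the core, XOR the postwhitening key.
    With a public core this is two-key Even-Mansour; DESX has the same shape
    with a secret-keyed DES as the core."""
    return core(block ^ k_pre) ^ k_post

def xex_decrypt(block, k_pre, k_post, core_inv=toy_perm_inv):
    """Peel the layers off in reverse: post key, inverse core, pre key."""
    return core_inv(block ^ k_post) ^ k_pre

def single_key_em_encrypt(block, key):
    """Single-key Even-Mansour: the same key whitens before and after."""
    return xex_encrypt(block, key, key)

def single_key_em_decrypt(block, key):
    return xex_decrypt(block, key, key)

if __name__ == "__main__":
    pt, k1, k2 = 0x0123456789ABCDEF, 0x1111222233334444, 0xAAAABBBBCCCCDDDD  # constructed
    ct = xex_encrypt(pt, k1, k2)
    print(f"two-key  : {ct:016x} -> {xex_decrypt(ct, k1, k2):016x}")
    ct1 = single_key_em_encrypt(pt, k1)
    print(f"single   : {ct1:016x} -> {single_key_em_decrypt(ct1, k1):016x}")
```

Because the core is public, all secrecy comes from the whitening keys: with both keys set to zero the construction is just the public permutation.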
Rogaway used XEX to allow efficient processing of consecutive blocks (with respect to the cipher used) within one data unit (e.g., a disk sector) for whole-disk encryption.[6]
Many whole-disk encryption systems – BestCrypt, dm-crypt, FreeOTFE, TrueCrypt, DiskCryptor, FreeBSD's geli, OpenBSD softraid disk encryption software, and Mac OS X Lion's FileVault 2 – support XEX-based tweaked-codebook mode with ciphertext stealing (XTS mode).
References
- [1] Barış Ege, Elif Bilge Kavun, and Tolga Yalçın. "Memory Encryption for Smart Cards". 2011.
- [2] Emmanuel Prouff. "Smart Card Research and Advanced Applications". 2011, p. 201.
- [3] Orr Dunkelman, Nathan Keller, and Adi Shamir. "Minimalism in Cryptography: The Even–Mansour Scheme Revisited".
- [4] Joan Daemen, Laboratorium Esat. "Limitations of the Even–Mansour Construction". 1992. doi:10.1007/3-540-57332-1_46
- [5] Craig Gentry and Zulfikar Ramzan. "Eliminating Random Permutation Oracles in the Even–Mansour Cipher". 2004.
- [6] Rogaway, Phillip (2004-09-24). "Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC" (PDF).