XTEA

The XTEA ( eXtended Tiny Encryption Algorithm) is a block cipher which is an extension and improvement of the block cipher TEA. XTEA is like TEA known for their simple description and implementation. The code as a C program usually involves only a few lines of code. It was developed by David Wheeler and Roger Needham at Cambridge University in 1997. XTEA is just like its predecessor TEA free of patents.

Properties

XTEA works on 64- bit big blocks and uses a 128 -bit long key. It provides a Feistelchiffre with a proposed Feistel round number of 64 dar. Usually it is implemented so that two rounds constitute a cycle. He has a very simple mechanism for generating the respective round key. The introduction of a so-called delta which is defined as such with TEA, prevented an attack that is based on the symmetry of the individual rounds. However, in XTEA the delta is introduced differently in the round, which causes the actual strengthening of the algorithm.

As of 2004, the best known attack in the form of related- key attack on XTEA in an implementation deliberately weaker chosen by only 26 rounds is ( are recommended 64 ) are known. This attack requires at least 220.5 freely chosen plaintext blocks.

Reference

It follows the adaptation of the reference implementation of the encryption and decryption routines in C that was released into the public domain by David Wheeler and Roger Needham:

# include   / * 64 bits of data given in v and v and 128 key bits in k to k * / / * The data is encrypted with 2 * num_cycles rounds * /   void encipher (unsigned int num_cycles, uint32_t v, uint32_t const k ) {      unsigned int i;      const uint32_t delta = 0x9E3779B9;      uint32_t v0 = v, v1 = v, sum = 0;      for (i = 0; i < num_cycles; i ) {          v0 = ((( v1 << 4) ^ (v1 >> 5 )) v1) ^ ( sum k [sum & 3 ]);          sum = delta;          v1 = ((( v0 << 4) ^ (v0 >> 5 )) v0) ^ ( sum k [ (sum >> 11) & 3 ]);      }      v = v0; v = v1; }   void decipher (unsigned int num_cycles, uint32_t v, uint32_t const k ) {      unsigned int i;      const uint32_t delta = 0x9E3779B9;      uint32_t v0 = v, v1 = v, sum = delta * num_cycles;      for (i = 0; i < num_cycles; i ) {          v1 - = (( (v0 << 4) ^ (v0 >> 5 )) v0) ^ ( sum k [ (sum >> 11) & 3 ]);          sum - = delta;          v0 - = (( (v1 << 4) ^ (v1 >> 5 )) v1) ^ ( sum k [sum & 3 ]);      }      v = v0; v = v1; } The adaptation to the original implementation on smaller border points:

• The original implementation uses the unsigned long type in place of the 64-bit uint32_t suitable types.
• The original code did not use const types.
• The original code avoids redundant parantheses, which reduces the readability of the code.

Credentials