BassOmatic
Encyclopedia
In cryptography
, BassOmatic was the symmetric-key cipher designed by Phil Zimmermann
as part of his email encryption software, PGP
(in the first release, version 1.0). Comments in the source code
indicate that he had been designing the cipher since as early as 1988, but it was not publicly released until 1991. After Eli Biham
pointed out to him several serious weaknesses in the BassOmatic algorithm over lunch at the 1991 CRYPTO
conference, Zimmermann replaced it with IDEA
in subsequent versions of PGP.
The name is explained in this comment from the source code: "BassOmatic gets its name from an old Dan Aykroyd
Saturday Night Live
skit involving a blender and a whole fish. The BassOmatic algorithm does to data what the original BassOmatic did to the fish."
can be anywhere from 8 to 2048 bits. The 6 least-significant bits of the key
are control bits, used to choose between several possible variations. The number of rounds is 1 to 8, depending on the 3 lowest control bits. Bit 4 selects between two possible key schedule
s: one using the key to seed a pseudorandom number generator
, the other using BassOmatic itself. Making such variations key-dependent means some keys must be weaker
than others; the key space is not flat.
The chosen key schedule produces a total of 8 permutation tables, each a permutation
of the numbers 0 to 255. Each round consists of 4 operations: XORing the block with one of the permutation tables, shredding or permuting individual bits throughout the block, an unkeyed diffusion
called raking, and a substitution step using the permutation tables as S-box
es. The shredding step can either permute all 8 bit-plane
s independently, or in groups of 4, depending on control bit 3. The permutation tables stay the same through all rounds of encryption on a given block, but if control bit 5 is set, then the tables are regenerated after each block.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, BassOmatic was the symmetric-key cipher designed by Phil Zimmermann
Phil Zimmermann
Philip R. "Phil" Zimmermann Jr. is the creator of Pretty Good Privacy , the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone....
as part of his email encryption software, PGP
Pretty Good Privacy
Pretty Good Privacy is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security...
(in the first release, version 1.0). Comments in the source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...
indicate that he had been designing the cipher since as early as 1988, but it was not publicly released until 1991. After Eli Biham
Eli Biham
Eli Biham is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion Israeli Institute of Technology Computer Science department. Starting from October 2008, Biham is the dean of the Technion Computer Science department, after serving for two years as chief of CS graduate...
pointed out to him several serious weaknesses in the BassOmatic algorithm over lunch at the 1991 CRYPTO
Crypto
-Cryptography and cryptanalysis:* Cryptography, the practice and study of hiding information* Cryptanalysis, the study of methods for obtaining the meaning of encrypted information* CRYPTO , an annual cryptographical and cryptoanalytic conference...
conference, Zimmermann replaced it with IDEA
International Data Encryption Algorithm
In cryptography, the International Data Encryption Algorithm is a block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. As a block cipher, it is also symmetric. The algorithm was intended as a replacement for the Data Encryption Standard[DES]...
in subsequent versions of PGP.
The name is explained in this comment from the source code: "BassOmatic gets its name from an old Dan Aykroyd
Dan Aykroyd
Daniel Edward "Dan" Aykroyd, CM is a Canadian comedian, actor, screenwriter, musician, winemaker and ufologist. He was an original cast member of Saturday Night Live, an originator of The Blues Brothers and Ghostbusters and has had a long career as a film actor and screenwriter.-Early...
Saturday Night Live
Saturday Night Live
Saturday Night Live is a live American late-night television sketch comedy and variety show developed by Lorne Michaels and Dick Ebersol. The show premiered on NBC on October 11, 1975, under the original title of NBC's Saturday Night.The show's sketches often parody contemporary American culture...
skit involving a blender and a whole fish. The BassOmatic algorithm does to data what the original BassOmatic did to the fish."
Algorithm
The algorithm operates on blocks of 256 bytes (or 2048 bits). The actual key sizeKey size
In cryptography, key size or key length is the size measured in bits of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...
can be anywhere from 8 to 2048 bits. The 6 least-significant bits of the key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...
are control bits, used to choose between several possible variations. The number of rounds is 1 to 8, depending on the 3 lowest control bits. Bit 4 selects between two possible key schedule
Key schedule
[[Image:DES-key-schedule.png|thumbnail|220px|The key schedule of DES [[Image:DES-key-schedule.png|thumbnail|220px|The key schedule of DES [[Image:DES-key-schedule.png|thumbnail|220px|The key schedule of DES ("[[Image:DES-key-schedule.png|thumbnail|220px|The key schedule of DES ("...
s: one using the key to seed a pseudorandom number generator
Pseudorandom number generator
A pseudorandom number generator , also known as a deterministic random bit generator , is an algorithm for generating a sequence of numbers that approximates the properties of random numbers...
, the other using BassOmatic itself. Making such variations key-dependent means some keys must be weaker
Weak key
In cryptography, a weak key is a key, which, used with a specific cipher, makes the cipher behave in some undesirable way. Weak keys usually represent a very small fraction of the overall keyspace, which usually means that, if one generates a random key to encrypt a message, weak keys are very...
than others; the key space is not flat.
The chosen key schedule produces a total of 8 permutation tables, each a permutation
Permutation
In mathematics, the notion of permutation is used with several slightly different meanings, all related to the act of permuting objects or values. Informally, a permutation of a set of objects is an arrangement of those objects into a particular order...
of the numbers 0 to 255. Each round consists of 4 operations: XORing the block with one of the permutation tables, shredding or permuting individual bits throughout the block, an unkeyed diffusion
Confusion and diffusion
In cryptography, confusion and diffusion are two properties of the operation of a secure cipher which were identified by Claude Shannon in his paper Communication Theory of Secrecy Systems, published in 1949....
called raking, and a substitution step using the permutation tables as S-box
Substitution box
In cryptography, an S-Box is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext — Shannon's property of confusion...
es. The shredding step can either permute all 8 bit-plane
Bit-plane
A bit plane of a digital discrete signal is a set of bits having the same position in the respective binary numbers.For example, for 16-bit data representation there are 16 bit-planes: the first bit-plane contains the set of the most significant bit and the 16th contains the least significant...
s independently, or in groups of 4, depending on control bit 3. The permutation tables stay the same through all rounds of encryption on a given block, but if control bit 5 is set, then the tables are regenerated after each block.
External links
- PGPkeys.org - downloads of older PGP software, including version 1.0 source