CDMF
In cryptography, CDMF (Commercial Data Masking Facility) is an algorithm developed at IBM in 1992 to reduce the security strength of the 56-bit DES cipher to that of 40-bit encryption, at the time a requirement of U.S. restrictions on export of cryptography. Rather than a separate cipher from DES, CDMF constitutes a key generation algorithm, called key shortening. It is one of the cryptographic algorithms supported by S-HTTP.

Algorithm

Like DES, CDMF accepts a 64-bit input key, but not all bits are used.
The algorithm consists of the following steps:
  1. Clear bits 8, 16, 24, 32, 40, 48, 56, 64 (ignoring these bits as DES does).
  2. XOR the result with its encryption under DES using the key 0xC408B0540BA1E0AE.
  3. Clear bits 1, 2, 3, 4, 8, 16, 17, 18, 19, 20, 24, 32, 33, 34, 35, 36, 40, 48, 49, 50, 51, 52, 56, 64.
  4. Encrypt the result under DES using the key 0xEF2C041CE6382FE6.


The resulting 64-bit data is to be used as a DES key. Due to step 3, a brute force attack needs to test only 2^40 possible keys.
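
The four steps above as an added Go example (not part of the original article), built on the standard library's crypto/des. It assumes DES bit numbering, where bit 1 is the most significant bit of the key; the function names and the sample input key are made up for illustration.

```go
package main

import (
	"crypto/des"
	"encoding/binary"
	"fmt"
	"math/bits"
)

// Constants from the steps above; bit 1 is the most significant bit (assumed DES numbering).
const (
	parityMask uint64 = 0xFEFEFEFEFEFEFEFE // step 1: clear bits 8, 16, ..., 64
	keepMask   uint64 = 0x0EFE0EFE0EFE0EFE // step 3: the bits that are NOT cleared
	key1       uint64 = 0xC408B0540BA1E0AE // step 2: fixed DES key
	key2       uint64 = 0xEF2C041CE6382FE6 // step 4: fixed DES key
)

// desEncrypt encrypts one 64-bit block under a 64-bit DES key.
func desEncrypt(key, block uint64) uint64 {
	var k, b [8]byte
	binary.BigEndian.PutUint64(k[:], key)
	binary.BigEndian.PutUint64(b[:], block)
	c, err := des.NewCipher(k[:])
	if err != nil {
		panic(err) // not reachable: the key is always 8 bytes long
	}
	c.Encrypt(b[:], b[:])
	return binary.BigEndian.Uint64(b[:])
}

// Reduce performs steps 1-3 and returns the intermediate value with 40 free bits.
func Reduce(key uint64) uint64 {
	x := key & parityMask    // step 1
	x ^= desEncrypt(key1, x) // step 2
	return x & keepMask      // step 3
}

// Shorten performs all four steps and returns the derived DES key.
func Shorten(key uint64) uint64 { return desEncrypt(key2, Reduce(key)) }

// EffectiveBits counts the key bits that survive step 3.
func EffectiveBits() int { return bits.OnesCount64(keepMask) }

func main() {
	in := uint64(0x0123456789ABCDEF) // constructed sample input key
	fmt.Printf("input   %016X\nreduced %016X\nderived %016X\neffective bits: %d\n",
		in, Reduce(in), Shorten(in), EffectiveBits())
}
```

Because step 4 is a fixed, public permutation of the step 3 value, every derived key is one of at most 2^40 values that an attacker can enumerate by running step 4 over all 40-bit intermediates.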
The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.