Tiny Encryption Algorithm
Two rounds of the TEA block cipher
TEA operates on 64-bit blocks and uses a 128-bit key. It has a Feistel structure with a suggested 64 rounds, typically implemented in pairs termed cycles. It has an extremely simple key schedule, mixing all of the key material in exactly the same way for each cycle. Different multiples of a magic constant are used to prevent simple attacks based on the symmetry of the rounds.
TEA has a few weaknesses. Most notably, it suffers from equivalent keys — each key is equivalent to three others, and this means that the effective key size is only 126 bits (Kelsey et. al., 1996). This weakness led to a method for hacking Microsoft's Xbox game console, where the cipher was used as a hash function. TEA is also susceptible to a related-key attack which requires 2^{23} chosen plaintexts under a related-key pair, with 2^{32} time complexity (Kelsey et. al., 1997).
Because of these weaknesses, a number of revisions of TEA have been designed, including XTEA.
Table of contents |
2 References 3 External links |
Reference code
The reference encryption routine is (in C):void code(long* v, long* k) { unsigned long y=v[0],z=v[1], sum=0, /* set up */ delta=0x9e3779b9, n=32 ; /* a key schedule constant */ while (n-->0) { /* basic cycle start */ sum += delta ; y += (z<<4)+k[0] ^ z+sum ^ (z>>5)+k[1] ; z += (y<<4)+k[2] ^ y+sum ^ (y>>5)+k[3] ; /* end cycle */ } v[0]=y ; v[1]=z ; } }}
References
- David J. Wheeler and Roger M. Needham. TEA, a tiny encryption algorithm. In Bart Preneel, editor, Fast Software Encryption: Second International Workshop, volume 1008 of Lecture Notes in Computer Science, pages 363-366, Leuven, Belgium, 14–16 December 1994.
- John Kelsey, Bruce Schneier, and David Wagner. Key-schedule cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES. Lecture Notes in Computer Science, 1109: 237–251, 1996.
- John Kelsey, Bruce Schneier, and David Wagner. Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X NewDES, RC2, and TEA. Lecture Notes in Computer Science, 1334: pp233–246, 1997.
External links
- A web page advocating TEA and providing a variety of implementations
- Test vectors for TEA
- A survey of TEA and XTEA and their cryptanalysis
Block ciphers |
Algorithms: 3-Way | AES | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | G-DES | GOST | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre; | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | Red Pike; | S-1 | SAFER | Serpent | SHARK | Skipjack | Square | TEA | Triple DES; | Twofish | XTEA |
Design: Feistel network; | Key schedule; | Product cipher; | S-box | SPN Attacks: Brute force; | Linear / Differential cryptanalysis | Mod n; | XSL Standardisation: AES process; | CRYPTREC | NESSIE Misc: Avalanche effect | Block size; | IV | Key size; | Modes of operation; | Piling-up lemma; | Weak key; |