CDMF

In cryptography, CDMF (Commercial Data Masking Facility) is an algorithm developed at IBM in 1992 to reduce the security strength of the 56-bit DES cipher to that of 40-bit encryption, at the time a requirement of U.S. restrictions on export of cryptography. Rather than a separate cipher from DES, CDMF constitutes a key generation algorithm, called key shortening. It is one of the cryptographic algorithms supported by S-HTTP.

Algorithm

Like DES, CDMF accepts a 64-bit input key, but not all bits are used. The algorithm consists of the following steps:

1. Clear bits 8, 16, 24, 32, 40, 48, 56, 64 (ignoring these bits as DES does).
2. XOR the result with its encryption under DES using the key 0xC408B0540BA1E0AE.
3. Clear bits 1, 2, 3, 4, 8, 16, 17, 18, 19, 20, 24, 32, 33, 34, 35, 36, 40, 48, 49, 50, 51, 52, 56, 64.
4. Encrypt the result under DES using the key 0xEF2C041CE6382FE6.

The resulting 64-bit data is to be used as a DES key. Due to step 3, a brute force attack needs to test only 2⁴⁰ possible keys.

References

• Lua error in package.lua at line 80: module 'strict' not found.
• U.S. Patent 5,323,464, IBM's patent on CDMF
• ISO/IEC9979-0005 Register Entry (PDF), registered October 29, 1994
• Lua error in package.lua at line 80: module 'strict' not found.
• RFC 2660, defines S-HTTP

<templatestyles src="Asbox/styles.css"></templatestyles>

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e