DESX is the name for a enhancement of DES, invented by Ron Rivest (in an unpublished manuscript from 1984), which strengthens DES against brute force key search without slowing it's performance significantly, as 3DES does. In addition to the normal 56-bit key used for DES, a pair of 64-bit keys are also used, denoted here as KO and KI, for outer and inner keys (resp).

To encrypt a plaintext, P, with DESX, we do the following:

C = KO DES(P ⊕ KI)

This extends the key length from a paltry 56 bits to 184 bits (which is by even the most conservative estimates sufficient for security over the next 50 years). In addition, Robshaw and Kaliski show that DESX has somewhat improved strength against linear and differential cryptanalysis compared to DES. The process of using XORing in key material before and after the main cryptographic operations is now known as whitening, and is used in many modern algorithms, such as Twofish and RC6.

DESX, despite it's efficiency and simplicity, has never really caught on, for reasons that are not particularly clear. DESX is is a trademark of RSA DSI, but there are no patents or other restrictions on it's use. RSA's BSAFE software package does contain a DESX implementation in C, and I know of a small number of open source crypto libraries that include it. However, it seems that 3DES has remained the popular choice despite the performance hit involved, and as of this writeup AES is in the process of being adopted into virtually every protocol and application you can think of, leaving DESX to remain just another interesting sidenote in cryptology.


Log in or register to write something here or to contact authors.