From msuinfo!uwm.edu!cs.utexas.edu!uunet!nwnexus!coho!latimer Tue Apr  5 08:58:50 1994
Path: msuinfo!uwm.edu!cs.utexas.edu!uunet!nwnexus!coho!latimer
From: latimer@coho.halcyon.com (Philip B. Latimer)
Newsgroups: sci.crypt
Subject: New Algorthim Available for Peer Review
Date: 5 Apr 1994 04:38:01 GMT
Organization: dan.nelles@ablelink.org
Lines: 266
Distribution: na
Message-ID: <2nqpv9$rhb@nwfocus.wa.com>
NNTP-Posting-Host: coho.halcyon.com

----------------------------------------------------------------------
Special Announcement to all Internet sci.crypt Conference Participants
----------------------------------------------------------------------

Re:
     The Data Encryption Algorithm, DEA Release v.2.01 / 2.02 / 2.03

     A.  New Cryptographic Product - DEA - [New Name [NDISA]]
     B.  Complimentary Professional Peer Review Package - PRP -

Published by:
	       Nellis du Maurier Information Security
	       33 Isabella St., Ste. 1005
	       Toronto, ON  M4Y 2P7
	       CANADA

Internet  E-Mail:

         	Dan Nelles: dan.nelles@ablelink.org

Availability:
-------------

   DEA v.2.01 AND The Professional Peer Review Package (DEA PRP)

   + Contact the publisher via mail, E-Mail, or,

   + FTP to Michigan State University: ripem.msu.edu
     FTP Directory: /pub/crypt/other
     Filenames: nellis-dea2tech-msdos.zip
                nellis-dea201-msdos.zip

     Note: Users must obtain registered login passwords to access crypto
           materials at this site. To obtain login and password, E-mail 
           Mark Riordan at ripem.msu.edu. State your name, nationality 
           and the name and location of your internet host. You will 
           receive your login and password via return E-mail.

   + In Toronto, Canada (DEA201.ZIP ONLY):

		BBS NAME                     Tel. Number   Area Code
	      -------------------------     -------------  ----------
	      Ability Online  ++              650-5411      -416-
	      Baudville BBS                   283-0114      -416-
	      The Westonia BBS                241-9793      -416-

       ++ = both DEA201 & DEA2TECH archives are available at site

	Keyword search: DEA201, encryption, security, Nellis, du Maurier
      File designation: DEA201.ZIP (~179,000 bytes) USER PKG.
			DEA2TECH.ZIP (~130,000 bytes) PRP PKG.



The Commercial Version of the Program
-------------------------------------
  The DEA ACV 2.00 will become available in May 1994.  Its key
  structure is equivalent to that of the Standard Version, 2.01.
  However, the ACV employs two (2) key files, one key is 180 bytes
  (1,440) bits in length, the other is 400 bytes (3,200) bits
  for a total effective keyspace of not less than:

	 2^4,608,000    or
       256^72,000

  Please inquire if you desire more detailed information on the
  Advanced Commercial Version, (ACV).



THE PROFESSIONAL PEER REVIEW PACKAGE
------------------------------------
  The DEA PRP is targeted to professional cryptographers who
  desire to fully examine the DEA's operation and transformations.
  It provides almost all required information.  It is suggested
  the interested individuals obtain both archives, DEA201.ZIP AND
  DEA2TECH.ZIP so that they have the most complete information.



NOTICE IS HEREBY GIVEN THAT:
----------------------------
	THE DATA ENCRYPTION ALGORITHM (DEA v.2.00) IS NOT AND HAS
	NEVER BEEN AFFILIATED WITH ANY OTHER CRYPTOGRAPHIC DESIGN,
	PRODUCT, OR MANUFACTURER.  ANY NAME SIMILARITY IS PURELY
	COINCIDENTAL AND UNINTENSIONAL.  IF ANY CONFUSION ARISES,
	THE DEA IS TO BE REFERRED TO AS:

		       "THE DEA FROM NELLIS DU MAURIER".

	EVERY NEW CRYPTOGRAPHIC SCHEME CAN BE NAMED THE DATA
	ENCRYPTION ALGORITHM (DEA).  Such a designation is not
	proper subject matter for copyright or trademark laws, and
	thus, the reference to 'DEA' does not infringe on any
	official names of any algorithms designed to encrypt
	data.  Indeed, there can be no concrete algorithm with
	just the name Data Encryption Algorithm, (DEA), officially,
	or otherwise.  Therefore, during this review period, this
	algorithm should simply be referred to as the "DEA from ND".

	Following favourable peer review of the DEA, the algorithm
	will be renamed to: NDISA.



Brief Technical Synopsis:

     KEY:
	  Eighteen bytes per File Block, ten (10) File Blocks total
	  Total Session Key Length: 180 bytes, 1,440 bits
	  'C' language key template shown below:

static struct file_block_key
{                   /*  THE DEA KEY STRUCTURE PER FILE BLOCK  */
  unsigned long int file_block,      ......   Variable
		 prime_divisor,   *  4 bytes  Constant
		     numerator,   *  4 bytes  Constant
		    IF_divisor,   *  4 bytes  Variable  CS chaining
		  IF_numerator;   *  4 bytes  Variable  CS chaining
  unsigned char           SABV,   *  1 byte   Constant
		  select_digit,   *  1 byte   Constant
		  start_vector;   - reserved for DEA ACV 2.00,
				    presently defined as ZERO
};

     THE CIPHER FUNCTION:

	  The DEA C.F. requires four (4) data inputs as listed
	  below; the permutation 'P' provides the entropy for
	  the DEA.  The key data only controls the C.F.

	    1. 8-bit plaintext byte
	 *  2. 8-bit Select Digit (one of the digits 0-9)
	 *  3. 8-bit Stop Address Byte Value (one of the values 0-255)
	    4. permutation (P): P = 10^otp_size (THE ONE-TIME-PAD)

	 * = C.F. control variables

	  Shown below is the definition of the DEA 2.00 Cipher
	  Function:
	  .......................................................
	 .        DEA v.2.00 Cipher Function Definition        .
	 .     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^     .
	 .                                                     .
	 .    Given a plaintext 8 bit value, perform an        .
	 .    unknown number of XOR operations upon this       .
	 .    value by using the Select Digit Frame Summation  .
	 .    values derived from the one-time-pad, and        .
	 .    [attempt], via random XORing, to convert the     .
	 .    plaintext byte into the Stop Address Byte Value. .
	 .                                                     .
	 .    When this directed conversion has been           .
	 .    successful, record the current position of the   .
	 .    last Select Digit read by the Cipher Function    .
	 .    represented as a linear address from the         .
	 .    beginning of the current one-time-pad and write  .
	 .    this value in 16-bit format as ciphertext.       .
	 .    We say the Data Input set has been satisfied.    .
	 .......................................................


     THE CIPHERTEXT:

	  Represented in 16-bit format, and ranging from a minimum
	  of 1,301 to a maximum of 20,000.  The term STOP ADDRESS
	  is given to this data entity and indicates a location
	  marker in a specific 10^otp_size permutation of (P).


     THE DEA IN A NUTSHELL:

	  The DEA creates a one-time-pad for every plaintext entity,
	  where the Stop Address (ciphertext) has meaning only if:

	  A. it is mapped correctly to a particular one-time-pad
	  B. the Cipher Function is configured properly
	       (see above, C.F. data inputs)
	  C. the complete ciphertext CS chaining is intact

	  Entropy is provided by the one-time-pad permutation of
	  otp_size digits -- 10^otp_size which is known as 'P'.



  DEA Technical Type Characteristics:

 conventional .................... YES
 public .......................... NO

 stream .......................... YES
 block ........................... NO

 symmetrical ..................... YES
 asymmetrical .................... NO

 closed .......................... YES   (limited number of keys)
 open ............................ NO    (unlimited number of keys)

 key length ...................... 180 BYTES, (1,440 BITS)
 total key space.................. 256^180, or 2^1,440 (+)
 keyspace extendable ............. YES
 employs PRNG's .................. NO
 one (1) Key 'Round' equals ...... Ten (10) bytes
 ciphertext type ................. 16-bit Stop Address (typically),
				   and / or 8-bit scrambled word
 cipher function ................. DIRECTED CONVERSION VIA RANDOM
				   MULTIPLE XORing TO THE SABV
 one-time-pad size ............... 1,300 digits to 20,000 digits
 one-time-pad creator ............ long division of fraction N/D
   (entropy)                       with random mod-mult feed -> (P)
 logical joining function ........ XOR (exclusive OR)

 chaining:  Key & plaintext controlled Cascade Synchronized
	    one-time-pad mapping & chaining

 security claims made ............ 1. more secure than the DES
				   2. more secure than hybrid RSA
				   3. ciphertext unsuitable for
				      traditional cryptanalytic
				      methodology
				   4. broken by brute-force only
				   5. not unbreakable
				   6. ciphertext cannot be attacked
				      anywhere

 method of attack ................ brute force of FIRST(!) 200 Stop
				   Addresses (400 bytes) for
				   confirmation of key via linguistic
				   checking

 ciphertext corruption ........... typically unrecoverable in future
				   rounds


     FEATURES:

		1. extremely large keyspace and long keys
		2. no short-cut methods are presently
		   known to exist, except brute-force
		3. actual key not combined with plaintext;
		   provides control only
		4. severs all relationships between plaintext
		   and ciphertext, and key
		5. is extendable and modifiable in several ways
		   to meet future computational threats
		6. a near one-time-pad implementation
		7. simple design with high cryptographic strength
		8. defeats electronic signal monitoring schemes


 COPYRIGHT NOTICE
 ----------------
   This public message announcement contains information
   which has previously been copyrighted by the publisher:

	   Nellis du Maurier Information Security
	   33 Isabella St., Ste. 1005
	   Toronto, ON  M4Y 2P7
	   Canada

  Copyright (c) 1993, 1994 by Nellis du Maurier Information Security

DISTRIBUTION NOTICE
-------------------
Permission to distribute this document is granted.