MultiSwap
Encyclopedia
In cryptography
, MultiSwap is a block cipher
/MAC
created by Microsoft
in 1999 as part of its Windows Media DRM
service (WMDRM). Microsoft's internal name for the algorithm is not publicly known; it was dubbed MultiSwap in a 2001 report on WMDRM under the pseudonym "Beale Screamer".
The cipher has a block size
of 64 bits, but the two halves are processed nearly separately. All arithmetic operations are performed mod
232. In the encryption process, each half block has added to it the output of the previous half block. Next it undergoes 5 multiplications by odd 32-bit subkeys, each followed by a swap of its 16-bit halves. Then a final subkey is added to it. As the half blocks use separate subkeys, and the multipliers are forced to be odd, the total key size
is 374 bits. The name MultiSwap comes from the cipher's multiplications and swaps. WMDRM uses this algorithm only as a MAC, never for encryption.
Borisov, et al. applied a multiplicative form of differential cryptanalysis
to break MultiSwap.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, MultiSwap is a block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
/MAC
Message authentication code
In cryptography, a message authentication code is a short piece of information used to authenticate a message.A MAC algorithm, sometimes called a keyed hash function, accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC...
created by Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
in 1999 as part of its Windows Media DRM
Windows Media DRM
Windows Media DRM is a Digital Rights Management service for the Windows Media platform. It is designed to provide delivery of audio and/or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.WMDRM includes the...
service (WMDRM). Microsoft's internal name for the algorithm is not publicly known; it was dubbed MultiSwap in a 2001 report on WMDRM under the pseudonym "Beale Screamer".
The cipher has a block size
Block size (cryptography)
In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. Block ciphers operate on a fixed length string of bits. The length of this bit string is the block size...
of 64 bits, but the two halves are processed nearly separately. All arithmetic operations are performed mod
Modular arithmetic
In mathematics, modular arithmetic is a system of arithmetic for integers, where numbers "wrap around" after they reach a certain value—the modulus....
232. In the encryption process, each half block has added to it the output of the previous half block. Next it undergoes 5 multiplications by odd 32-bit subkeys, each followed by a swap of its 16-bit halves. Then a final subkey is added to it. As the half blocks use separate subkeys, and the multipliers are forced to be odd, the total key size
Key size
In cryptography, key size or key length is the size measured in bits of the key used in a cryptographic algorithm . An algorithm's key length is distinct from its cryptographic security, which is a logarithmic measure of the fastest known computational attack on the algorithm, also measured in bits...
is 374 bits. The name MultiSwap comes from the cipher's multiplications and swaps. WMDRM uses this algorithm only as a MAC, never for encryption.
Borisov, et al. applied a multiplicative form of differential cryptanalysis
Differential cryptanalysis
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output...
to break MultiSwap.