Main Page | See live article | Alphabetical index

International Data Encryption Algorithm

International Data Encryption Algorithm (IDEA) is a symmetric cypher algorithm used to encrypt and decrypt data. A key (which must be randomly chosen) is used to encrypt the data, and that same secret key is needed for decrypting the data again.

IDEA is the second version of a block cipher designed by Xuejia Lai and James L. Massey of ETH-Zürich. RSA Security [1] describes it this way:

[IDEA] is a 64-bit iterative block cipher with a 128-bit key. The encryption process requires eight complex rounds. Decryption is carried out in the same manner as encryption once the decryption subkeys have been calculated from the encryption subkeys. The cipher structure was designed to be easily implemented in both software and hardware, and the security of IDEA relies on the use of three incompatible types of arithmetic operations on 16-bit words. However some of the arithmetic operations used in IDEA are not that fast in software. As a result the speed of IDEA in software is similar to that of DES. [1]

RSA Security goes on to say that IDEA was analyzed to measure its strength against differential cryptanalysis. The analysis concluded that IDEA is immune to that technique. In fact, (says RSA Security), there are no linear cryptanalytic attacks on IDEA, and there are no known algebraic weaknesses in IDEA. The only weakness of note was discovered by Daemen [DGV94]: using any of a class of 251 weak keys during encryption results in easy detection and recovery of the key. "However, since there are 2128 possible keys, this result has no impact on the practical security of the cipher for encryption provided the encryption keys are chosen at random. IDEA is generally considered to be a very secure cipher and both the cipher development and its theoretical basis have been openly and widely discussed." [ibid.]

IDEA encryption is somewhat faster and generally considered to be more secure than DES encryption. But IDEA is newer and therefore has not been as extensively tested, and it is patented which restricts its commercial use. The patent will expire in 2011.

Further Reading

[LM92] X. Lai, J.L. Massey and S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1992), 17-38.

[DGV94] J. Daemen, R. Govaerts, and J. Vandewalle, Weak keys for IDEA, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 224-231.