Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
MARS (cipher)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security analysis== Subkeys with long runs of ones or zeroes may lead to efficient attacks on MARS.<ref name="Preneel-Comments-by-NESSIE-Project-on-AES-Finalists">{{citation | author = B. Preneel | title = Comments by the NESSIE Project on the AES Finalists | url = http://csrc.nist.gov/archive/aes/round2/comments/20000524-bpreneel.pdf | publisher = NIST | year = 2000 |display-authors=etal}}</ref> The two least significant bits of round keys used in multiplication are always set to the value 1. Thus, there are always two inputs that are unchanged through the multiplication process regardless of the subkey, and two others which have fixed output regardless of the subkey.<ref name="Preneel-Comments-by-NESSIE-Project-on-AES-Finalists"/> A [[meet-in-the-middle attack]] published in 2004 by [[John Kelsey (cryptanalyst)|John Kelsey]] and [[Bruce Schneier]] can break 21 out of 32 rounds of MARS.<ref>[https://www.schneier.com/wp-content/uploads/2016/02/paper-mars-attacks.pdf ''MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants''] John Kelsey, Bruce Schneier, 2004</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)