0
void encrypt (unsigned long* v, unsigned long* k) {

unsigned long v0=v[0], v1=v[1], sum=0, i;           /* set up */
unsigned long delta=0x9e3779b9;                     /* a key schedule constant */
unsigned long k0=k[0], k1=k[1], k2=k[2], k3=k[3];   /* cache key */
for (i=0; i < 32; i++) {                       /* basic cycle start */
    sum += delta;
    v0 += ((v1<<4) + k0) ^ (v1 + sum) ^ ((v1>>5) + k1);
    v1 += ((v0<<4) + k2) ^ (v0 + sum) ^ ((v0>>5) + k3);
}                                              /* end cycle */
v[0]=v0; v[1]=v1;

}

I saw this code on the wiki of TEA encryption and was wondering is this considered a 4-bit or 5-bit algorithm since there was a shift of 4 bits to the left but a shift of 5 bit to the right.

I am confused on the algorithm of this encryption and would appreciate it if somebody can clarify it for me.

Thank you

Jeugasce
  • 3
  • 1

1 Answers1

3

TEA is neither considered a 4-bit nor 5-bit algorithm (these are not categorized by their shift count). TEA:

  • Is a 64-bit block cipher, meaning encrypt modifies 64 bits: the block is v[0] v[1] and the code shown (non-portably) assumes unsigned long is 32-bit.
  • Has a 128-bit key k[0] k[1] k[2] k[3] ; notice that each key has 3 other equivalent ones (obtained by complementing the high-order bits of even or/and odd numbered words), thus key is effectively 126-bit.
  • Performs 32 double rounds, with in each double round (focusing on shifts because that's asked) two left shifts by 4 bits and two right shifts by 5 bits (on a 32-bit quantity). That's 128 shifts on a machine with a 32-bit barrel shifter, and 5760 shifts with a 32-bit ALU without barrel shifter.

Addition: the only two common reasons to count the shifts in an algorithm are:

  • Determine how much computational effort is spent on that, to predict how the CPU influences the performance. Continuing on that track: on 8-bit CPU, 32-bit shifts are quite expensive, and naive code with likely have 23040 shift instructions executed per bloc encrypted, with shifting representing I guess like 3/4 of the effort. In assembly language at least, it is possible to do significantly better by realizing that most bits of v1>>5 can be obtained as ((v1<<4)>>8)>>1, with the shift by 8 efficient on an 8-bit CPU. Also, many 8-bit CPUs have an instruction that swaps the halves of an octet, and might be put to use for the shift by 4.
  • Determining is there's enough diffusion. In TEA, it is used shift rather than rotations (largely because there is no built-in rotation in the C language, and building one would have made at least the source code more complex), and therefore diffusion across bits of the 32 ranks in 32-bit words is mostly by shifting (exclusively so for right diffusion, and with carry propagation contributing slightly to left diffusion). Full diffusion requires about 8 rounds, and that is significantly slower than say in DES, which diffuses I'd say more than twice faster. That's one of several reasons TEA must have a lot of rounds (64 rounds versus 16 in DES).
fgrieu
  • 149,326
  • 13
  • 324
  • 622