Menu
I need a good encrypt algorithm for a PIC microcontroller. After some googling, it seems XXTEA is the only option, however, "XXTEA is vulnerable to a chosen-plaintext attack requiring 2^59 queries and negligible work".
I am not good at cryptography, so I would like to ask: how accurate is the above statement? Could I use XXTEA in a commercial security application? If no, is there any available algorithm I could use for my embedded system?
313
You cannot know what makes an encryption algorithm secure. Nobody knows what makes an encryption algorithm secure. The best we have are "algorithms which have sustained heavy scrutiny from hundreds of cryptographers during many years, and are still relatively unscathed". This is the case for AES, not for XXTEA. We may note that the attack on XXTEA is still very expensive, on the verge of the feasible and probably not applicable to most "commercial" situations, but still, this algorithm has been demonstrated flaky. As such, if you value your security, don't get creative with your crypto; use well-vetted standards.
Why would you want to use XXTEA ? What does it do for you, that AES does not ? You may want to have a look at this question for some pointers to implementations of AES for some PIC microcontrollers.
(The main design criterion of TEA and its derivatives like XXTEA was to have compact source code, so that it could be learned by heart and typed again on a computer. This does not immediately translates to compactness of compiled code. (X*)TEA algorithms tend to be slow and to rely on 32-bit operations which are ill-fitting for small microcontrollers.)
100
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
