IDEA Encryption & Decryption

IDEA (International Data Encryption Algorithm) was designed by Xuejia Lai and James Massey at ETH Zurich in 1991, originally published as a replacement for DES. Unlike DES’s 56-bit key, IDEA uses a full 128-bit key and operates on 64-bit blocks through a mathematically distinctive structure that mixes three algebraic operations from incompatible groups: XOR, addition modulo 2¹⁶, and multiplication modulo 2¹⁶+1.

IDEA was the default symmetric cipher in PGP 2.x, the most widely-used email encryption software of the 1990s. Its patent (held by MediaCrypt AG) expired in 2012, making it freely usable worldwide. Despite its age, no practical attack has been published against the full 8.5-round cipher — reduced-round cryptanalysis shows weaknesses from 5 rounds downward, but the complete design remains unbroken in practice.

Key Features

• 128-bit key expanded into 52 subkeys of 16 bits each via cyclic left-rotation
• 64-bit block size — same width as DES, but with a significantly larger key and more mixing rounds
• 8.5 rounds alternating between three incompatible algebraic operations: XOR, addition mod 2¹⁶, multiplication mod (2¹⁶+1)
• Patent-free worldwide since 2012 — freely usable in open-source and commercial applications

Encryption Modes

• CBC: Cipher Block Chaining — each 64-bit IDEA block is XORed with the previous ciphertext block before encryption. The 64-bit IV prevents identical plaintext blocks from producing identical ciphertext. Recommended for general-purpose file encryption with IDEA.
• ECB: Electronic Codebook — each 64-bit block is independently encrypted with the same 52 derived subkeys. Identical plaintext blocks always yield identical ciphertext blocks, potentially revealing data structure. Suitable only for encrypting a single isolated random block.
• CFB: Cipher Feedback — IDEA acts as a keystream generator; the previous ciphertext block is encrypted and the output is XORed with plaintext. Converts IDEA’s 64-bit block cipher into a self-synchronizing stream cipher, useful for byte-oriented or variable-length data.
• OFB: Output Feedback — the keystream is generated by repeatedly encrypting the IV, independently of the plaintext. The pre-computable keystream and absence of error propagation make OFB a good fit for noisy communication channels where bit errors must not cascade into subsequent blocks.
• RAW: Raw Block - Direct single block encryption without any chaining mode. No IV required.

Security Considerations

• 64-bit block size introduces birthday-bound risk: after encrypting roughly 2³² blocks (32 GB) under the same key, collision probability rises significantly — rotate keys well before this threshold in high-throughput applications
• The three incompatible algebraic groups were deliberately chosen to neutralize differential and linear cryptanalysis — the two attack families that broke DES in the early 1990s; neither technique is effective against IDEA’s full 8.5 rounds
• A small class of weak keys exists where large subkey portions are zero or one; these are extremely rare (probability ≈ 2⁻¹¹⁴) but should be screened out — reject any generated key that is all-zeros or all-ones in any 16-bit segment
• For new applications, choose AES-256-GCM or ChaCha20-Poly1305; use IDEA only for compatibility with legacy PGP 2.x archives or protocols that explicitly mandate the algorithm

Use Cases

• Decrypting legacy PGP 2.x email archives and S/MIME messages that used IDEA as the default symmetric cipher before OpenPGP RFC 4880 standardized AES
• Embedded hardware platforms where IDEA acceleration is already implemented in silicon and replacing the algorithm would require costly board redesign
• Academic cryptography courses comparing mixed-algebraic-group cipher design to pure substitution-permutation networks, illustrating why multiplying in Z/(2¹⁶+1) defeats differential attacks
• Forensic decryption of archived files from the 1990s where the original software used IDEA without exposing the algorithm name to the user

References

• Wikipedia - International Data Encryption Algorithm
• Original IDEA Paper by Lai and Massey