Tiny Encryption Algorithm

In cryptography, the Tiny Encryption Algorithm (TEA) is a block cipher notable for its simplicity of description and implementation (typically a few lines of code). The cipher's designers were David Wheeler and Roger Needham of the Cambridge Computer Laboratory, and the algorithm was first presented at the Fast Software Encryption workshop in 1994 (Wheeler and Needham, 1994). It is not subject to any patents.

TEA operates on 64-bit blocks and uses a 128-bit key. It has a Feistel structure with a suggested 64 rounds, typically implemented in pairs termed cycles. It has an extremely simple key-schedule, mixing in all of the key material identically for each cycle. Different multiples of a magic constant are used in each cycle to prevent simple attacks based on the symmetry of the rounds.

The reference encryption routine is (in C):

void code(long* v, long* k)  {
unsigned long y=v[0],z=v[1], sum=0,   /* set up */
 delta=0x9e3779b9, n=32 ;             /* a key schedule constant */
while (n-->0) {                       /* basic cycle start */
  sum += delta ;
    y += (z<<4)+k[0] ^ z+sum ^ (z>>5)+k[1] ;
    z += (y<<4)+k[2] ^ y+sum ^ (y>>5)+k[3] ;   /* end cycle */
              }
v[0]=y ; v[1]=z ; }
}}

TEA has a few weaknesses. Most notably, it suffers from equivalent keys &mdash each key is equivalent to three others, and this means that the effective key size is only 126 bits (Kelsey et. al., 1996). This weakness led to a method for hacking Microsoft's X-box game console, where the cipher was used as a hash function. TEA is also susceptible to a related-key attack which requires 2²³ chosen plaintexts under a related key pair, with 2³² time complexity (Kelsey et. al., 1997).

Because of these weaknesses, several extensions of TEA were published, including XTEA.