This page uses content from Wikipedia and is licensed under CC BY-SA.


Designers Laurel Intelligent Systems
First published December 1993
Cipher detail
Key sizes 64 bits
Block sizes 64 bits
Structure Substitution-permutation network
Rounds 8
Best public cryptanalysis
Differential and linear cryptanalysis[1]

In cryptography, SXAL (Substitution Xor ALgorithm, sometimes called SXAL8) is a block cipher designed in 1993 by Yokohama-based Laurel Intelligent Systems. It is normally used in a special mode of operation called MBAL (Multi Block ALgorithm). SXAL/MBAL has been used for encryption in a number of Japanese PC cards and smart cards.

SXAL is an 8-round substitution-permutation network with block size and key size of 64 bits each. All operations are byte-oriented. The algorithm uses a single 8×8-bit S-box K, designed so that both K(X) and X XOR K(X) are injective functions. In each round, the bytes of the block are first permuted. Then each byte is XORed with a key byte and an earlier ciphertext byte, processed through the S-box, and XORed with the previous plaintext byte.

The key schedule is rather complex, processing the key with SXAL itself, beginning with a null key and using permuted intermediate results as later keys.


MBAL is an encryption algorithm built using SXAL that can be applied to messages any number of bytes in length (at least 8). It uses two 64-bit extended keys for key whitening on the first 64 bits. The algorithm consists of 9 steps:

  1. Pre-whitening
  2. Fm: An expanded version of SXAL applied to the entire message
  3. SXAL the block consisting of the first 4 and last 4 bytes
  4. Reverse the byte order of the entire message
  5. Fm
  6. Reverse
  7. SXAL the ends
  8. Fm
  9. Post-whitening

MBAL has been shown to be susceptible to both differential cryptanalysis and linear cryptanalysis.[1]


  1. ^ a b Schneier, Bruce (1996). Applied Cryptography (2nd ed.). John Wiley & Sons. p. 344. ISBN 0-471-11709-9. 

External links