[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Breaking DES
- To: cypherpunks@toad.com
- Subject: Re: Breaking DES
- From: doug@netcom.com (Doug Merritt)
- Date: Tue, 12 Oct 1993 21:16:40 PDT
- In-Reply-To: "Perry E. Metzger" <pmetzger@lehman.com> "Re: Breaking DES" (Oct 12, 11:59pm)
pmetzger@lehman.com said:
>Each DES block is eight bytes. You can't use hashing -- the idea is
>nonsense in context. Did you read the original post?
Yes, I did. If hashing doesn't work, you'll have to say why not. It's a
technique that works in most other situations.
>First of all, its actually twice that because you really need 16
>bytes.
As I said, we can tackle this if anyone cares to...it's unclear that
this is an invitation, but assuming it is: hashing gives a first-pass
screening good for every 1/256 calculations, given the assumptions I
stated. For each collision more work is needed...but you haven't invited
that analysis, nor addressed it yourself.
>Second of all, the method is still impractical. I was merely
>giving the easiest and most obvious attack on it.
Impractical? Your response to Karl implied that it was *impossible*. If
you wish to apologize to Karl, and say that it is merely "impractical",
then I will agree with you and drop the subject. The expense required
definitely indicates that it is "impractical."
>I see no reason to continue this. I don't think your argument has
>credibility.
Clearly you are preparing to drop the argument because you sense that
your tactic of flaming didn't work. I welcome the lessening of flames,
so thank you for that. We could use less flames here.
Doug