[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DES Question

To: Phil Karn <[email protected]>
Subject: Re: DES Question
From: Matthew J Ghio <[email protected]>
Date: Mon, 28 Feb 1994 17:43:09 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]>
References: <[email protected]>
Reply-To: [email protected]
Sender: [email protected]

Phil Karn wrote:

> That sounds like my code.

Yup. :)

> That feature seemed like a good thing to do at the time. Then I
> learned about differential cryptanalysis.

Seven years is a virtual eternity in cyberspace.

> No, you cannot strengthen DES in this way, and in fact you
> could actually weaken it unless you are sure to use 128
> completely random bytes for your key.

Okay...  It would prevent brute-force attacks though, wouldn't it?  It
may not prevent differential cryptanalysis, but it would be difficult to
obtain the large amount of data required for differential cryptanalysis
from just a few encrypted email addresses.  Random numbers aren't really
a problem; I have a RNG running here, continuously generating random
numbers from system usage statistics and incoming email.

P.S. What's KA9Q?

References:
- Re: DES Question
  - From: Phil Karn <[email protected]>

Prev by Date: Mar 17 IEEE mtg:Cryptanalysis of DES
Next by Date: Re: standard for stegonography?????!!!!??
Prev by thread: Re: DES Question
Next by thread: Re: DES Question
Index(es):
- Date
- Thread