[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DId you ever think...
> From: [email protected] (Arsen Ray Arachelian)
> Date: Sun, 24 Apr 1994 14:23:19 -0400 (EDT)
>
> [...] so I certainly do not put it beyond their agenda, (D.Denning
> on AOL mentioned that she didn't know if the IDEA cypher that PGP uses
> was broken >YET< but she would comment no further. :-) Spreading inuendoes
In Crypto 93 is described a class of 2^55 (if I remember correctly)
IDEA keys for which IDEA offers scant security. Your chances of
getting one of these is only 2^55/2^128 == 1 in 2^73 if you choose
your IDEA keys with a uniform distribution from the IDEA keyspace.
(The authors also propose a simple patch -- XOR each key part just
before use with 0DAE. Does any one know of plans to implement this in
PGP, or of reports that this scheme doesn't solve the problem, or
introduces other problems?)
So, DD wasn't lying, or even necesarily being tricky. Other cyphers
have fallen before, and some cracks _are_ visible in IDEA already.
Also, after reading Crypto '92 and '93 for a while, I am more and
more impresed and suprised with the work that NSA put into creating
DES from Lucifer. Impressed that it was so good, and suprised that
the work was so honest (as far as anyone will report to date
anyway.).
j'
--
O I am Jay Prime Positive [email protected]
1250 bit fingerprint B06229 = B8 95 E0 AF 9A A2 CD A5 89 C9 F0 FE B4 3A 2C 3F
524 bit fingerprint 2A915D = 8A 7C B9 F2 D5 46 4D ED 66 23 F1 71 DE FF 51 48
Public keys via `finger [email protected]', or via email to [email protected]
Your feedback is welcome directly or via my symbol JPP on [email protected]
Resist the Clipper Chip, write "I oppose Clipper" to [email protected]