[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Blowfish ain't broken

To: [email protected]
Subject: Blowfish ain't broken
From: Jerry Whiting <[email protected]>
Date: Sun, 14 Apr 1996 09:28:18 -0700 (PDT)
Sender: [email protected]

> Jerry Whiting writes:
> > One reason we chose to use Blowfish as the basis for carrick is that
> > it _is_ a new algorithm.  One has to assume that the NSA et al. has
> > tools optimized to crack DES and possibly IDEA/RSA.  At least let's
> > give them something else to sweat over.
> 
> Perry writes:
> They won't sweat over it long. Blowfish was broken.

My understanding is that Blowfish using only 3 rounds, not the full 16, has been
broken.  And yes, duplicate entries in an S-box are weak keys.

carrick uses the full 16 rounds and we check for weak keys.

I'll sleep at night.

Jerry Whiting

Prev by Date: Re: [Political Rant] Was: examples of mandatory content rating?
Next by Date: Re: washington post notices archives
Prev by thread: Anybody know of a WinNT Remailer?
Next by thread: Re: Blowfish ain't broken
Index(es):
- Date
- Thread