[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Skipjack extensibility

To: [email protected]
Subject: Skipjack extensibility
From: [email protected] (Anonymous)
Date: Thu, 25 Jun 1998 09:05:13 +0200
Organization: Replay Associates, L.L.P.
Sender: [email protected]


NSA made a claim that Skipjack couldn't be extended past 80 bits of key. Most
plausible explanation to my mind is that they're lying. Second is that there is
an attack against a class of Skipjack-like ciphers that requires only a few
plaintexts and 2^80 operations. Third is that some common key-lengthening
tricks like those for 2-key-3DES, DES-X, and DEAL fail when applied to
Skipjack. I can hardly fathom one resistant to all three, but I guess it's
possible with NSA.

Seems to me that you could always figure out some construct so that no
practically-secure cipher with Skipjack's observable properties could evade
having its key lengthened with much probability. Or maybe not. IANAC.

Besides, it's impossible to make a cipher that can't be used to construct
constructs with bigger key lengths: Skipjack(cryptovariable, IDEA(key,
plaintext)) -- terminology jab intended -- provably has an effective key length
as long as IDEA's. Even if that is cheating...

Follow-Ups:
- Re: Skipjack extensibility
  - From: Bill Frantz <[email protected]>

Prev by Date: Re: Banning privacy: A radical proposal
Next by Date: NSA Declass Query
Prev by thread: CTIA Daily News from WOW-COM - June 24, 1998
Next by thread: Re: Skipjack extensibility
Index(es):
- Date
- Thread