[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: No Subject

> More interesting, though, is this: why would a block cipher 
> use key bits
> rather than an LFSR to do input or output whitening? Is it strictly a
> performance issue? Is it proven that doing this doesn't leak 
> key bits in
> some way?
> Mike

In many newer block ciphers, the key schedule comes from a fairly good one
way hash of the key. Take a look at RC6, or TwoFish. Essentially this
accomplishes the same thing as using a good LSFR.