[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: No Subject
> More interesting, though, is this: why would a block cipher
> use key bits
> rather than an LFSR to do input or output whitening? Is it strictly a
> performance issue? Is it proven that doing this doesn't leak
> key bits in
> some way?
In many newer block ciphers, the key schedule comes from a fairly good one
way hash of the key. Take a look at RC6, or TwoFish. Essentially this
accomplishes the same thing as using a good LSFR.