1994-02-28 - Re: DES Question

Header Data

From: Phil Karn <karn@qualcomm.com>
To: mg5n+@andrew.cmu.edu
Message Hash: 30369f7e3f49dd9cbb2268714ade2b4df0f759e56159f1fa8e05b26bb152b62a
Message ID: <199402282149.NAA00940@servo.qualcomm.com>
Reply To: <ghQZ=Nq00awT82I0UR@andrew.cmu.edu>
UTC Datetime: 1994-02-28 21:50:05 UTC
Raw Date: Mon, 28 Feb 94 13:50:05 PST

Raw message

From: Phil Karn <karn@qualcomm.com>
Date: Mon, 28 Feb 94 13:50:05 PST
To: mg5n+@andrew.cmu.edu
Subject: Re: DES Question
In-Reply-To: <ghQZ=Nq00awT82I0UR@andrew.cmu.edu>
Message-ID: <199402282149.NAA00940@servo.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain


>Second question: The DES code that I have (not written by me) has a
>comment section which describes filling all 16 subkeys seperately,
>thereby allowing a 128 byte key.  Is there any significant advantage to
>doing this?  Is there any reason that I should not do it?

That sounds like my code. That feature seemed like a good thing to do
at the time. Then I learned about differential cryptanalysis. No, you
cannot strengthen DES in this way, and in fact you could actually
weaken it unless you are sure to use 128 completely random bytes for
your key.

>What is the purpose of the initial and final permutations?

Mainly to sabotage the performance of DES software implementations.
Even back then the government knew it was much easier to control
the dissemination of hardware than software.

Phil





Thread