1995-08-11 - Re: More “S-1” foolishness

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: c54a76564ad06ce1fc9b029d8ebdce1c30613fce1d707c8dd2d41b1ce3580446
Message ID: <199508110353.UAA04743@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1995-08-11 08:55:14 UTC
Raw Date: Fri, 11 Aug 95 01:55:14 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Fri, 11 Aug 95 01:55:14 PDT
To: cypherpunks@toad.com
Subject: Re:  More "S-1" foolishness
Message-ID: <199508110353.UAA04743@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


The other thing I noticed that really makes me question this is that G1
only uses 4 of its 8 input bits.  As I wrote, it is equivalent to
parity(i&0x17).  A bit is a terrible thing to waste, and it is hard to
imagine why it would do this intentionally.  G1 may not be that important
an element of the cipher but why throw away four bits?

It is possible I suppose that the F and G boxes are not the ones used
in the "real" version of whatever cipher this is, so this apparent
weakness and the ones which Matt has pointed out may not be that
significant.

Hal





Thread