1996-03-20 - Re: IPG cracked with known plaintext

Header Data

From: John Pettitt <jpp@software.net>
To: cypherpunks@toad.com
Message Hash: 6c4672f5fdbd277a91f30f98ffec169a07da2eebec7c47ab82447b8b8dba12cd
Message ID: <2.2.32.19960319194316.00ce76e4@mail.software.net>
Reply To: N/A
UTC Datetime: 1996-03-20 20:44:42 UTC
Raw Date: Thu, 21 Mar 1996 04:44:42 +0800

Raw message

From: John Pettitt <jpp@software.net>
Date: Thu, 21 Mar 1996 04:44:42 +0800
To: cypherpunks@toad.com
Subject: Re: IPG cracked with known plaintext
Message-ID: <2.2.32.19960319194316.00ce76e4@mail.software.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:32 PM 3/19/96 GMT, ECafe Anonymous Remailer wrote:
>This information is preliminary and is based on an attempt to
>understand the IPG algorithm information.  That description is not
>clear in some areas, however, hence this analysis is tentative at this
>time.
>
>First let us describe the IPG system in more conventional C:
>
>a[0] to a[63] are initialized to random 8-bit values.  (The
>description is unclear and almost makes it sound like they are
>initialized to a random 8-bit value anded with 0x3500, which would of
>course be zero.  The attack below will assume that this bizarre step
>is not done, but will still apply even if it is.)
>

I think they mean ADD not AND but it's still an odd thing to do IMHO.


>So this algorithm is easily broken with known plaintext.
>
>
Agreed.   Given that most PC apps generate known headers on files
and that only a smallish plaintext is needed it's looks rather weak.

John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065
 "Technology is a way of organizing the universe so that man
  doesn't have to experience it." - Max Frisch

PGP Key available at:
http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=0xB7AA3705






Thread