From: Alan Olsen <alano@teleport.com>
Date: Mon, 15 Apr 1996 05:09:26 +0800
To: Jerry Whiting <cypherpunks@toad.com
Subject: Re: Blowfish ain't broken
Message-ID: <2.2.32.19960414181603.00a9f404@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain


At 09:28 AM 4/14/96 -0700, Jerry Whiting wrote:

>> Perry writes:
>> They won't sweat over it long. Blowfish was broken.
>
>My understanding is that Blowfish using only 3 rounds, not the full 16, has
been
>broken.  And yes, duplicate entries in an S-box are weak keys.
>
>carrick uses the full 16 rounds and we check for weak keys.

I thought there was a variant of Blowfish that fixed the problems that had
been found with the algorythm.  I believe it was called "Blowfish-SK". (I
need to check my archives for further details.)  

Are you using the original Blowfish or the improved version? 
---
Alan Olsen -- alano@teleport.com -- Contract Web Design & Instruction
        `finger -l alano@teleport.com` for PGP 2.6.2 key 
                http://www.teleport.com/~alano/ 
  "We had to destroy the Internet in order to save it." - Sen. Exon