From: cme@ellisun.sw.stratus.com (Carl Ellison)
Date: Thu, 19 Aug 93 12:30:46 PDT
To: cypherpunks@toad.com
Subject: Re: Cypherpunk Chip
In-Reply-To: <9308191619.AA26375@transfer.stratus.com>
Message-ID: <9308191528.ZM2217@ellisun.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain


On Aug 19, 12:18pm, peter honeyman wrote:
> Subject: Re: Cypherpunk Chip
> how important is the prng aspect of tran?  presumably des-cbc does
> a good job of bit diffusion.  why is it better to tran than to 
> "dd conv=swab" or rot13?  (or even to do nothing at all, simply
> des-cbc|des-cbc|des-cbc?)
> 
> 	peter
>-- End of excerpt from peter honeyman


I did a version of tran which did 4 rounds of an FFT-style butterfly.
This achieves maximal mixing.  However, it's predictable -- therefore
easier to cryptanalyze (not that I'd care to try it :-).

DES does a fine job of bit diffusion, within its block.  (for CBC, that
includes the rest of the stream -- if you hide the ciphertext from the
cryptanalyst, so he can't XOR it out again)

tran moves bytes of DES output around so that they can expect to have
new neighbors for the next round of encryption.  This produces diffusion.

The actual diffusion of tran is less than that of the FFT-butterfly.
However, for the cryptanalyst, there are more possibilities.  Any byte
can go anywhere within the 8KB block.  With the FFT, each byte goes to
a known location and gets diffused with 7 neighbors by the next round of
DES.

 - Carl