From: email@example.com (Shimrod)
Message Hash: 672294ae0d214f594ca93d6bf502f511872b68472985018a1fdc5f0198757196
Message ID: <9310132049.AA21296@anon.penet.fi>
Reply To: N/A
UTC Datetime: 1993-10-13 20:51:45 UTC
Raw Date: Wed, 13 Oct 93 13:51:45 PDT
From: firstname.lastname@example.org (Shimrod) Date: Wed, 13 Oct 93 13:51:45 PDT To: email@example.com Subject: FLAME: breaking DES Message-ID: <9310132049.AA21296@anon.penet.fi> MIME-Version: 1.0 Content-Type: text/plain I have been following this argument, and I cannot let this post slide without comment. As near as I can tell, Karl pointed out an attack which shows that double encrypting really doesn't buy you much security over single encrypting. Perry has chosen to ridicule this for impracticality. (Incidentally, I notice a slight error in a followup post by Karl, undoubtedly a typo on his part. The number of chosen plaintexts needed by differential cryptanalysis is 2^47 and not 10^47. While still a large number at more than 100 trillion, it is at least much smaller than 10^47!) This fact seems to have eluded Perry, despite his apparent expertise. There are other meet-in-the-middle attacks, such as the one Chaum and Evertse use against a DES variant (fewer number of rounds), described in "Cryptanalysis of the DES with a reduced number of rounds" at CRYPTO '85. The meet-in-the-middle attack Karl posted is by Merkle and Hellman, from the 1981 paper "On the Security of Multiple Encryption", Communications of the ACM. Strange, but I don't recall Perry asking if Merkle and Hellman were worried that others might think they beleived this. Incidentally, the complexity of factoring a 2000 bit number is on the order of 2.4 X 10^43 steps. >Whenever Perry Metzger defends an opinion of his well, somebody whines. >Whenever Perry Metzger disagrees with someone's arguments, someone else >crys "unfair! He's using his WITS on me!" >Whenever Perry Metzger has to stop and demonstrate something as simple as >arithmetic to end an argument, someone cries "foul! sarcasm! Hey, he's not >playing nice!" Well, if Perry were to have the BALLS to make impracticality arguments against the experts who actually created the protocols and methods, instead of taking cowardly pot-shots, maybe we wouldn't think he's full of shit. The attack is impractical, and if Perry weren't so strung out he could have written a coherent post stating despite the cleverness of the attack, it is out-of-reach with today's technology, with some calculations showing this. In the 1980 paper by Helleman "A Cryptanalytic Time-Space Tradeoff", Helleman suggests it is possible to pre-compute and store 2^56 results, and use this information to lookup keys. Cost: estimated at $5 million. (Although this is for singly encrypted text). Funny, but I don't recall any dissenting papers by Perry on this subject. He didn't ask if Helleman really wanted people to think he beleived this. >Y'all need to develop slightly thicker skins. Perry's efforts could serve to >raise the thought level of other posters to this list, if they'd stop reacting >to each prod with an irritated swipe back at the prodder. First off, Perry Metzger had treated this list to such CYPHERPUNK (?) gems as: 1) his dripping sarcasm 2) posts about theories on government, anarchy, and nazis 3) riduling posts obviously mistakenly sent (one such post with several ^H in it) 4) mailing list vs. newsgroup and how he can handle 300 mails a day and get work done 5) posts on the wide variety of services banks offer in New York 6) posts on the former libertarian orientation of Rep. Dana Rohrbacher 7) other pointless garbage If Perry wanted to raise the thought level of other posters, he would quit posting such bilge. Ah, but then, he wouldn't be posting at all! If he would take his BULLSHIT to private email, this list would improve vastly. If I missed the cypherpunk content in the above examples, point it out. He has a rather inflated ego and is quick to insult others: >You don't know anything about hashing, then. So if Perry feels that "you can lead a horse to water but can't make him think" he could perhaps pull his head out of his ass, wipe the shit from his eyes and ears, buy a fucking clue at the nearest store, and shut up. ------------------------------------------------------------------------- To find out more about the anon service, send mail to firstname.lastname@example.org. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to email@example.com.