From: “Perry E. Metzger” <pmetzger@lehman.com>
To: cypherpunks@toad.com
Message Hash: 84cf2d147e9f8dc9029c3b3aa19757b15c289bc90c127b16d0f8aad985fec36a
Message ID: <9310130349.AA00794@snark.lehman.com>
Reply To: <9310130056.AA06298@flammulated.owlnet.rice.edu>
UTC Datetime: 1993-10-13 03:49:58 UTC
Raw Date: Tue, 12 Oct 93 20:49:58 PDT
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Tue, 12 Oct 93 20:49:58 PDT
To: cypherpunks@toad.com
Subject: Re: Breaking DES
In-Reply-To: <9310130056.AA06298@flammulated.owlnet.rice.edu>
Message-ID: <9310130349.AA00794@snark.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain
Karl Lui Barrus says:
> So maybe it's only of theoretical interest, sort of like differential
> cryptanalysis against the DES - which requires 10^47 chosen
> plaintexts.
>
> Why don't you mail Biham and Shamir that their method sucks. It's
> fairly infeasible as well.
It *IS* infeasable, and they realize it. The breakthrough was
differential cryptanalysis itself, and the discovery that DES was
fairly resistant to it. The fact that they made ANY crack in it was
kind of neat, by the way.
A huge number of chosen plaintexts is of course pretty much not
possible in practice, especially since you might not get any chosen
plaintexts at all!
Perry
Return to October 1993
Return to ““Perry E. Metzger” <pmetzger@lehman.com>”