From: jpp@markv.com
Date: Tue, 26 Apr 94 13:55:47 PDT
To: cypherpunks@toad.com
Subject: Re: DId you ever think...
In-Reply-To: <9404241823.AA04159@prism.poly.edu>
Message-ID: <9404261354.aa06997@hermix.markv.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: rarachel@prism.poly.edu (Arsen Ray Arachelian)
> Date: Sun, 24 Apr 1994 14:23:19 -0400 (EDT)
> 
> [...] so I certainly do not put it beyond their agenda, (D.Denning
> on AOL mentioned that she didn't know if the IDEA cypher that PGP uses
> was broken >YET< but she would comment no further. :-)  Spreading inuendoes

  In Crypto 93 is described a class of 2^55 (if I remember correctly)
IDEA keys for which IDEA offers scant security.  Your chances of
getting one of these is only 2^55/2^128 == 1 in 2^73 if you choose
your IDEA keys with a uniform distribution from the IDEA keyspace.
(The authors also propose a simple patch -- XOR each key part just
before use with 0DAE.  Does any one know of plans to implement this in
PGP, or of reports that this scheme doesn't solve the problem, or
introduces other problems?)

  So, DD wasn't lying, or even necesarily being tricky.  Other cyphers
have fallen before, and some cracks _are_ visible in IDEA already.

  Also, after reading Crypto '92 and '93 for a while, I am more and
more impresed and suprised with the work that NSA put into creating
DES from Lucifer.  Impressed that it was so good, and suprised that
the work was so honest (as far as anyone will report to date
anyway.).

j'
--
		   O I am Jay Prime Positive jpp@markv.com
1250 bit fingerprint B06229 = B8 95 E0 AF 9A A2 CD A5  89 C9 F0 FE B4 3A 2C 3F
 524 bit fingerprint 2A915D = 8A 7C B9 F2 D5 46 4D ED  66 23 F1 71 DE FF 51 48
Public keys via `finger jpp@markv.com', or via email to pgp-public-keys@io.com
Your feedback is welcome directly or via my symbol JPP on hex@sea.east.sun.com

Resist the Clipper Chip, write "I oppose Clipper" to Clipper.petition@cpsr.org