1994-05-27 - Re: dispersed DES

Header Data

From: Rolf Michelsen <Rolf.Michelsen@delab.sintef.no>
To: Matt Blaze <mab@crypto.com>
Message Hash: 4c6e5bae4c4d0f76e45139b469898b336273333d3751a11e650c7388ee9daf53
Message ID: <Pine.3.88.9405270838.B23228-0100000@svme.er.sintef.no>
Reply To: <9405261559.AA25189@crypto.com>
UTC Datetime: 1994-05-27 06:53:56 UTC
Raw Date: Thu, 26 May 94 23:53:56 PDT

Raw message

From: Rolf Michelsen <Rolf.Michelsen@delab.sintef.no>
Date: Thu, 26 May 94 23:53:56 PDT
To: Matt Blaze <mab@crypto.com>
Subject: Re: dispersed DES
In-Reply-To: <9405261559.AA25189@crypto.com>
Message-ID: <Pine.3.88.9405270838.B23228-0100000@svme.er.sintef.no>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 26 May 1994, Matt Blaze wrote:

> Assuming the 4 bytes really are unpredictable, and assuming you deal with
> both "ends" of the stream, there doesn't seem to be an *obvious* attack
> that allows independent search for each of the 2 or 3 des keys.  There
> was a paper in Eurocrypt this year (that I haven't seen yet) that
> discusses some not-so-obvious properties of multi-cipher modes that may
> reveal another attack, however.

This was probably Eli Biham's talk during the rump session titled 
"Cryptanalysis of multiple modes of operation".  His conclusions were 
basically that you should use the "traditional" triple DES -- other 
variants had a nasty habit of being *very* vulnerable to diff cryptanalysis.

-- Rolf



----------------------------------------------------------------------
Rolf Michelsen                           "Standards are wonderful --     
Email: rolf.michelsen@delab.sintef.no      everyone should have one"
Phone: +47 73 59 87 33                       -- Ancient FORTH proverb
----------------------------------------------------------------------





