1995-08-11 - Re: More “S-1” foolishness

Header Data

From: Jim Gillogly <jim@acm.org>
To: cypherpunks@toad.com
Message Hash: 3ae3ef3d57e7e6fbd0e9450516548ef64974928842dc968bc355a1746b31dbff
Message ID: <199508110914.CAA11614@mycroft.rand.org>
Reply To: <199508110353.UAA04743@jobe.shell.portal.com>
UTC Datetime: 1995-08-11 09:14:55 UTC
Raw Date: Fri, 11 Aug 95 02:14:55 PDT

Raw message

From: Jim Gillogly <jim@acm.org>
Date: Fri, 11 Aug 95 02:14:55 PDT
To: cypherpunks@toad.com
Subject: Re: More "S-1" foolishness
In-Reply-To: <199508110353.UAA04743@jobe.shell.portal.com>
Message-ID: <199508110914.CAA11614@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



> Hal <hfinney@shell.portal.com> writes:
> It is possible I suppose that the F and G boxes are not the ones used
> in the "real" version of whatever cipher this is, so this apparent
> weakness and the ones which Matt has pointed out may not be that
> significant.

To the extent that one can believe the comments, it's more than "possible":
they say that the F and G boxes differ in the S-2 version.  One reason for
doing it this way might be to isolate the sensitive actual values from
people doing analysis or development at a grosser level.  That doesn't
explain the [r] bug you spotted, of course.

	Jim Gillogly
	Sterday, 19 Wedmath S.R. 1995, 09:12





Thread