1995-08-22 - Re: DES & RC4-48 Challenges

Header Data

From: solman@MIT.EDU
To: dan@milliways.org (Dan Bailey)
Message Hash: b5dabe5245278c3e93ff570f0caf66a27b8c4ba927fff25a4925bc0b53de17e7
Message ID: <9508220443.AA03977@ua.MIT.EDU>
Reply To: <199508220411.AA13217@ibm.net>
UTC Datetime: 1995-08-22 04:43:33 UTC
Raw Date: Mon, 21 Aug 95 21:43:33 PDT

Raw message

From: solman@MIT.EDU
Date: Mon, 21 Aug 95 21:43:33 PDT
To: dan@milliways.org (Dan Bailey)
Subject: Re: DES & RC4-48 Challenges
In-Reply-To: <199508220411.AA13217@ibm.net>
Message-ID: <9508220443.AA03977@ua.MIT.EDU>
MIME-Version: 1.0
Content-Type: text/plain


Dan wrote:

|Not having my copy of The Differential Cryptanalysis of the Data
|Encryption Standard handy, I'd like to know about the distributability
|of this type of DES attack.  Done right, we could significantly reduce
|the time complexity.
|	The main problem, of course, would be coordinating such an effort.  I
|seem to recall this attack requiring lots of known plaintexts.  Time
|to review the text, I suppose....
|	Does the Federal Reserve still use single-key DES?

The forms of differential cryptanalysis that I'm aware of require The
cracker to adaptively atack the encrypting or decrypting device. I
therefore do not believe that they are especially applicable to
financial transactions schemes, most of which change keys quite
frequently.

JWS





Thread