From: “David A. Wagner” <dawagner@phoenix.Princeton.EDU>
To: Ted_Anderson@transarc.com
Message Hash: 91ab1919dd16c1589ea7130690ef91d2ab2537a0f51e3ef6fe69195286539b91
Message ID: <9509012308.AA17004@tucson.Princeton.EDU>
Reply To: <skEmR=X0BwwMM0o3Im@transarc.com>
UTC Datetime: 1995-09-01 23:10:20 UTC
Raw Date: Fri, 1 Sep 95 16:10:20 PDT
From: "David A. Wagner" <dawagner@phoenix.Princeton.EDU>
Date: Fri, 1 Sep 95 16:10:20 PDT
To: Ted_Anderson@transarc.com
Subject: Re: Cryptanalysis of S-1
In-Reply-To: <skEmR=X0BwwMM0o3Im@transarc.com>
Message-ID: <9509012308.AA17004@tucson.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain
Ted_Anderson@transarc.com writes:
> Further we have a concrete design principle: the per-round sub-keys
> should not repeat.
Right. In fact, this design principle has been known for a long time:
the earliest reference I know of is
@inproceedings{subkeys-important,
author = {Edna K. Grossman and Bryant Tuckerman},
title = {Analysis of a Weakened {Feistel}-like Cipher},
booktitle = {1978 International Conference on Communications},
pages = {46.3.1--46.3.5},
publisher = {Alger Press Limited},
year = {1978},
annote = {Feistel ciphers with identical subkeys in each round
are very weak}
}
-------------------------------------------------------------------------------
David Wagner dawagner@princeton.edu
Return to September 1995
Return to “Ted_Anderson@transarc.com”