1996-02-18 - Re: DES_ono

Header Data

From: Adam Shostack <adam@lighthouse.homeport.org>
To: frankw@in.net (Frank Willoughby)
Message Hash: d4128a0f545dca502d87568a19cf93ed74052ad0158e76c9f90526b6484c0530
Message ID: <199602181633.LAA09963@homeport.org>
Reply To: <9602180502.AA03842@su1.in.net>
UTC Datetime: 1996-02-18 16:47:56 UTC
Raw Date: Mon, 19 Feb 1996 00:47:56 +0800

Raw message

From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Mon, 19 Feb 1996 00:47:56 +0800
To: frankw@in.net (Frank Willoughby)
Subject: Re: DES_ono
In-Reply-To: <9602180502.AA03842@su1.in.net>
Message-ID: <199602181633.LAA09963@homeport.org>
MIME-Version: 1.0
Content-Type: text


Frank Willoughby wrote:
| Specifically, the rumors mentioned that there were some questions about the 
| design of the S-boxes and the possibility that there was a trap door which 
| would permit the NSA or other gov't agency to quickly obtain the cleartext.

	This seems not to be true.  The design of the S boxes seems to
be to foil differential cryptanalysis, where pairs of similar texts
are encrypted to find information about the key.

| Another rumour was that the French & Israeli intelligence agencies downgraded
| the classification of DES to one of the lowest strengths of encryption
| algorithms.

	I wouldn't be surprised; major intelligence agencies are likely
to have DES cracking custom hardware.

| I have been wondering about these issues off & on for a while & have tried to 
| do some research on them, but have come up with nothing which would amount to 
See Schneier's Applied Cryptography, 2nd ed.

| Assuming the rumours of the weakness of DES are true, which symmetric
| encryption algorithms would you recommend which are substantially more
| secure than DES (and which are obtainable from Internet or commercial
| sources)?  (It doesn't have to be exportable).

	I'd use IDEA or 3DES.  Again, see Schneier.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





