From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 9 Apr 1996 14:25:46 +0800
To: nyap@mailhub.garban.com (Noel Yap)
Subject: Re: RC4 improvement idea
In-Reply-To: <9604082133.AA15440@mailhub.garban.com>
Message-ID: <199604090017.UAA28573@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Noel Yap writes:
> The S-Boxes in DES were optimized to hinder Differential
> Cryptanalysis.  I've seen no studies on the effectiveness of
> jumbling the S-Boxes during encryption -- even Biham and Shamir's
> book doesn't mention it -- but, I figure, if it helps, DES would
> probably already be doing it (unless of course the NSA thought the
> jumbling would make too good an algorithm).

Your conclusion may be correct, but your reasoning is faulty. DES was
built to be run in hardware, which doesn't make S-Box jumbling easy;
it was in fact built to be run on the hardware of twenty years ago,
which was far more constrained than our hardware is now.

Perry