1996-04-14 - Re: carrick, Blowfish & the NSA

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Message Hash: a500cebc7c63efd0b8282cbcc1b30d233435888b2be485a30258105684a21712
Message ID: <199604141422.KAA05302@jekyll.piermont.com>
Reply To: <96Apr14.100201edt.1826@cannon.ecf.toronto.edu>
UTC Datetime: 1996-04-14 16:44:13 UTC
Raw Date: Mon, 15 Apr 1996 00:44:13 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 15 Apr 1996 00:44:13 +0800
To: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
Subject: Re: carrick, Blowfish & the NSA
In-Reply-To: <96Apr14.100201edt.1826@cannon.ecf.toronto.edu>
Message-ID: <199604141422.KAA05302@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



SINCLAIR DOUGLAS N writes:
> > Jerry Whiting writes:
> > > One reason we chose to use Blowfish as the basis for carrick is that
> > > it _is_ a new algorithm.  One has to assume that the NSA et al. has
> > > tools optimized to crack DES and possibly IDEA/RSA.  At least let's
> > > give them something else to sweat over.
> > 
> > They won't sweat over it long. Blowfish was broken.
> 
> Yikes!  Are you sure?

At least partially broken, yes. I've forgotten the details. I believe
they were discussed at Eurocrypt. It may be that with the full number
of rounds that no one yet has a cryptanalysis but I don't recall and
it doesn't particularly matter from my perspective.

> This is the first I've heard of it.  This would mean
> that PGPPhone is not secure.

I was unaware that PGPPhone used Blowfish, but if it does that was a
stupid idea in the first place.

Perry

Thread

• Return to April 1996

• Return to “Dave Del Torto <ddt@lsd.com>”
• Return to “Jerry Whiting <jwhiting@igc.apc.org>”
• Return to “K00l Secrets <secret@secret.alias.net>”
• Return to ““Mark M.” <markm@voicenet.com>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”
• Return to “s1113645@tesla.cc.uottawa.ca”
• Return to “SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>”

• Return to “Wei Dai <weidai@eskimo.com>”

• 1996-04-14 (Sun, 14 Apr 1996 15:33:58 +0800) - carrick, Blowfish & the NSA - Jerry Whiting <jwhiting@igc.apc.org>
  • 1996-04-14 (Sun, 14 Apr 1996 20:23:19 +0800) - Re: carrick, Blowfish & the NSA - “Perry E. Metzger” <perry@piermont.com>
    • 1996-04-14 (Mon, 15 Apr 1996 00:21:22 +0800) - Re: carrick, Blowfish & the NSA - SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
      • 1996-04-14 (Mon, 15 Apr 1996 00:44:13 +0800) - Re: carrick, Blowfish & the NSA - “Perry E. Metzger” <perry@piermont.com>
        • 1996-04-14 (Mon, 15 Apr 1996 04:34:45 +0800) - Re: carrick, Blowfish & the NSA - “Mark M.” <markm@voicenet.com>
          • 1996-04-14 (Mon, 15 Apr 1996 07:00:23 +0800) - Re: carrick, Blowfish & the NSA - “Perry E. Metzger” <perry@piermont.com>
        • 1996-04-15 (Mon, 15 Apr 1996 10:02:13 +0800) - Re: carrick, Blowfish & the NSA - Wei Dai <weidai@eskimo.com>
          • 1996-04-15 (Mon, 15 Apr 1996 10:57:20 +0800) - Re: carrick, Blowfish & the NSA - “Perry E. Metzger” <perry@piermont.com>
        • 1996-04-16 (Tue, 16 Apr 1996 14:59:27 +0800) - Re: carrick, Blowfish & the NSA - K00l Secrets <secret@secret.alias.net>
      • 1996-04-14 (Mon, 15 Apr 1996 04:58:50 +0800) - Re: carrick, Blowfish & the NSA - s1113645@tesla.cc.uottawa.ca
        • 1996-04-14 (Mon, 15 Apr 1996 06:52:32 +0800) - Re: carrick, Blowfish & the NSA - “Perry E. Metzger” <perry@piermont.com>
      • 1996-04-16 (Tue, 16 Apr 1996 23:53:20 +0800) - Re: carrick, Blowfish & the NSA - Dave Del Torto <ddt@lsd.com>
    • 1996-04-14 (Mon, 15 Apr 1996 05:05:27 +0800) - Re: carrick, Blowfish & the NSA - s1113645@tesla.cc.uottawa.ca
  • 1996-04-15 (Mon, 15 Apr 1996 09:14:21 +0800) - Re: carrick, Blowfish & the NSA - Wei Dai <weidai@eskimo.com>