1996-04-14 - Blowfish ain’t broken

Header Data

From: Jerry Whiting <jwhiting@igc.apc.org>
To: cypherpunks@toad.com
Message Hash: a921651ac701686444b944c0ef461b8ac12d40cd0c78f6db8ad65f9cd27022ed
Message ID: <199604141628.JAA17215@igc2.igc.apc.org>
Reply To: N/A
UTC Datetime: 1996-04-14 19:12:07 UTC
Raw Date: Mon, 15 Apr 1996 03:12:07 +0800

Raw message

From: Jerry Whiting <jwhiting@igc.apc.org>
Date: Mon, 15 Apr 1996 03:12:07 +0800
To: cypherpunks@toad.com
Subject: Blowfish ain't broken
Message-ID: <199604141628.JAA17215@igc2.igc.apc.org>
MIME-Version: 1.0
Content-Type: text/plain


> Jerry Whiting writes:
> > One reason we chose to use Blowfish as the basis for carrick is that
> > it _is_ a new algorithm.  One has to assume that the NSA et al. has
> > tools optimized to crack DES and possibly IDEA/RSA.  At least let's
> > give them something else to sweat over.
> 
> Perry writes:
> They won't sweat over it long. Blowfish was broken.

My understanding is that Blowfish using only 3 rounds, not the full 16, has been
broken.  And yes, duplicate entries in an S-box are weak keys.

carrick uses the full 16 rounds and we check for weak keys.

I'll sleep at night.


Jerry Whiting
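The weak-key check the message mentions, sketched as an added example (not part of the original message and not carrick's code): run the standard Blowfish key schedule, then flag any key whose key-dependent S-boxes contain a repeated entry. Function names are hypothetical, and the initial tables are computed from the hex digits of pi with Machin's formula instead of being embedded.

```python
# Added example, not carrick's code; all function names are hypothetical.

def _atan_inv(x, one):
    # arctan(1/x) scaled by `one`, summed with the alternating Taylor series
    total = term = one // x
    n, sign = 3, -1
    while term:
        term //= x * x
        total += sign * (term // n)
        n, sign = n + 2, -sign
    return total

def pi_words(count=18 + 4 * 256, guard=64):
    # Blowfish's initial P-array and S-boxes are the fractional hex digits of pi
    one = 1 << (32 * count + guard)
    frac = (4 * (4 * _atan_inv(5, one) - _atan_inv(239, one)) - 3 * one) >> guard
    return [(frac >> (32 * (count - 1 - i))) & 0xFFFFFFFF for i in range(count)]

INIT = pi_words()

def encrypt_block(P, S, L, R):
    for i in range(16):  # the full 16 rounds
        L ^= P[i]
        f = ((S[0][L >> 24] + S[1][L >> 16 & 255]) ^ S[2][L >> 8 & 255]) + S[3][L & 255]
        R ^= f & 0xFFFFFFFF
        L, R = R, L
    L, R = R, L  # undo the swap made by the last round
    return L ^ P[17], R ^ P[16]

def key_schedule(key):
    # XOR the key (repeated cyclically) into P, then refill P and S by encryption
    P = [INIT[i] ^ int.from_bytes(bytes(key[(4 * i + j) % len(key)] for j in range(4)), "big")
         for i in range(18)]
    S = [INIT[18 + 256 * b: 274 + 256 * b] for b in range(4)]
    L = R = 0
    for table in [P] + S:
        for j in range(0, len(table), 2):
            L, R = encrypt_block(P, S, L, R)
            table[j], table[j + 1] = L, R
    return P, S

def weak_sboxes(S):
    # indices of S-boxes that hold the same 32-bit entry twice
    return [b for b, box in enumerate(S) if len(set(box)) < len(box)]

def is_weak_key(key):
    return bool(weak_sboxes(key_schedule(key)[1]))

if __name__ == "__main__":
    print(is_weak_key(b"constructed sample key"))
```

A key generator would call `is_weak_key` on each candidate and draw a fresh key whenever it returns True.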





