From: Jerry Whiting <jwhiting@igc.apc.org>
To: cypherpunks@toad.com
Message Hash: a921651ac701686444b944c0ef461b8ac12d40cd0c78f6db8ad65f9cd27022ed
Message ID: <199604141628.JAA17215@igc2.igc.apc.org>
Reply To: N/A
UTC Datetime: 1996-04-14 19:12:07 UTC
Raw Date: Mon, 15 Apr 1996 03:12:07 +0800
Subject: Blowfish ain't broken
> Jerry Whiting writes:
> > One reason we chose to use Blowfish as the basis for carrick is that
> > it _is_ a new algorithm. One has to assume that the NSA et al. has
> > tools optimized to crack DES and possibly IDEA/RSA. At least let's
> > give them something else to sweat over.
>
> Perry writes:
> They won't sweat over it long. Blowfish was broken.

My understanding is that Blowfish using only 3 rounds, not the full 16, has been
broken. And yes, duplicate entries in an S-box are weak keys.

carrick uses the full 16 rounds and we check for weak keys.

I'll sleep at night.

Jerry Whiting