From: Greg Rose <ggr@qualcomm.com>
Date: Sat, 19 Sep 1998 22:16:49 +0800
To: coderpunks@toad.com
Subject: Re: Repost in text: IDEA(tm) weakness
In-Reply-To: <199809200116.DAA28107@replay.com>
Message-ID: <199809200308.NAA12805@avalon.qualcomm.com>
MIME-Version: 1.0
Content-Type: text/plain



I think this is wrong. It claims that the problem
in IDEA comes from the bias of the multiplication
operation... but the multiply in IDEA is over the
integers modulo 65537, with the 0 value
representing 65536, not 0...  this is in fact an
unbiased operation. However I have not attempted
to verify the rest of the logic.

Anonymous writes:
     
>   Is IDEA secure ?
>   
>     The IDEA algorithm (patented by ASCOM) is the core algorithmm used
>     in PGP. It is based on a rotating 128 bit key split into 16 bit
>     segments. The algorthm converts 64 bits of data at a time using the
>     following operations '+', '^' (exclusive-or) and '*'.
>     
>     The formulas are :
>     
>[...]
>     
>     Given a large random data message (ie 1000 samples - 64*1000 = 8Kb
>     file). The distribution of the above operations can be used to
>     break the key. ie both the '+' and the '^' operations give an even
>     distribution but the '*' operator gives a biased distribution
>     towards '0'.
     
Greg Rose                                     INTERNET: ggr@qualcomm.com
QUALCOMM Australia        VOICE:  +61-2-9181 4851   FAX: +61-2-9181 5470
Suite 410, Birkenhead Point              http://people.qualcomm.com/ggr/ 
Drummoyne NSW 2047      B5 DF 66 95 89 68 1F C8  EF 29 FA 27 F2 2A 94 8F