From: “Harvey Rook (Exchange)” <hrook@exchange.microsoft.com>
To: “‘Michael Motyka’” <cypherpunks@toad.com
Message Hash: af0d8009e3ac074ebc62c900252d047f16742e5de9428fe87e53b6eb8bd4c137
Message ID: <2FBF98FC7852CF11912A0000000000010D19AD2A@DINO>
Reply To: N/A
UTC Datetime: 1998-10-28 01:26:04 UTC
Raw Date: Wed, 28 Oct 1998 09:26:04 +0800
From: "Harvey Rook (Exchange)" <hrook@exchange.microsoft.com>
Date: Wed, 28 Oct 1998 09:26:04 +0800
To: "'Michael Motyka'" <cypherpunks@toad.com
Subject: RE: No Subject
Message-ID: <2FBF98FC7852CF11912A0000000000010D19AD2A@DINO>
MIME-Version: 1.0
Content-Type: text/plain
> More interesting, though, is this: why would a block cipher
> use key bits
> rather than an LFSR to do input or output whitening? Is it strictly a
> performance issue? Is it proven that doing this doesn't leak
> key bits in
> some way?
>
> Mike
>
In many newer block ciphers, the key schedule comes from a fairly good one
way hash of the key. Take a look at RC6, or TwoFish. Essentially this
accomplishes the same thing as using a good LSFR.
Harv.
Return to October 1998
Return to ““Harvey Rook (Exchange)” <hrook@exchange.microsoft.com>”
1998-10-28 (Wed, 28 Oct 1998 09:26:04 +0800) - RE: No Subject - “Harvey Rook (Exchange)” <hrook@exchange.microsoft.com>