Re: On the Construction of Pseudo-OTP

New Message Reply About this list Date view Thread view Subject view Author view

Marcus Watts (mdw@umich.edu)
Mon, 11 Jan 1999 03:49:02 -0500


> Mok-Kong Shen writes:
... >So I suppose a good guiding principle
> counteracting the Wassenaar agreement is to develop easily implementable
> (which presupposes easy understandability) algorithms that (either
> singly or in combination) are sufficiently strong, despite the
> fact that they don't exceed the 56-bit bound.

No such animal.

56 bits defines the upper bound on the complexity of breaking
an algorithm. EFF's DES cracking machine shows that this level
of complexity, with today's technology, is vulnerable to a brute
force attack, and that this attack is extremely cost effective.
There is no general purpose way to get around this. Making the key
setup time much more expensive means such algorithsm aren't useful for
appliations where it is important to change keys frequently (such as
high volume credit card transactions, web servers, RPC mechanisms, etc.)
Making encryption or decryption more expensive has an even more obvious
impact on useability. Making some internal structure (such as the S
table) secret (as was done for some older variants of CAST) is more
or less equivalent to merely adding extra key bits. Whitening, or
more generally cascading algorithms, is as you noted also equivalent
to adding key bits.

Besides, pardon my ego-centricism, but I think most of the interesting
internet traffic that needs protection goes through those 33 countries.

                                        -Marcus Watts
                                        UM ITD PD&D Umich Systems


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:02