|
To: |
cipe-l,AT,inka,DOT,de |
|
Subject: |
Re: Relevant information |
|
From: |
hans steegers <steegers,AT,steegers,DOT,nl> |
|
Date: |
Tue, 30 Sep 2003 19:51:17 +0200 |
|
In-reply-to: |
<3F79BA93.4020009@hp.com> |
|
Organization: |
steegers |
|
References: |
<000e01c3860a$6d169fa0$d620a8c0@pcw_hans.hnsasd.priv> <3F79BA93.4020009@hp.com> |
Op dinsdag 30 september 2003 19:17, schreef u:
> Hans Steegers wrote:
> >[11] Note that SHA comes from the National S{neek|noop|pook|ecurity}
> > Agency. The NSA fooled the public once: DES coded messages could easily
> > be decoded by the NSA for 20 (!!!) years before the (so called expert)
> > cryptographers discovered differential crypto-analysis and found this
> > weakness.
>
> Rewriting history Hans? What was surprising in the discovery of
> differential crypt-analysis wasn't how weak DES was, but how strong the
> addition of S-Boxes made it to this new form of attack. Biham and
> Shamir's work probably exposes the limits of what the NSA knew in the
> '70s, but trying to describe NSA's attempt to strengthen DES against
> differential cryptanalysis as a fatal weakness inserted by NSA is just
> bizarre. DES remains significantly stronger than it would have been
> without the addition of S-Boxes to IBM's original proposal, and Biham
> and Shamir's paper proves that the arrangement of the S-Boxes is
> significantly better than a random placement would have afforded. At a
> difficulty of 2**37, the S-Boxes are sub-optimal, but with a typical
> random arrangement strength of 2**18 to 2**20, it is clear that DES was
> strengthened, not weakened by the involvement of the NSA.
It is a correctly translated and compacted summary (except for NSA abbrev) of
an alinea in a dutch artlcle I found when looking for information on SHA.
I couldn't resist to include it. Where did you read "...fatal weakness
inserted by NSA..."? Furher discussion is IMHO off-topic for this list.
Thank you for your additions and have a nice day!
--
_____________________________________________
Hans Steegers