Re: 3-Way Described on web site
From: jsavard@ecn.ab.ca
Date: 03/10/03
- Next message: Duncan MacLean: "Re: SHA1 and entropy"
- Previous message: UBCHI2: "IDEA 128 versus AES 256"
- In reply to: Paul Rubin: "Re: 3-Way Described on web site"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jsavard@ecn.ab.ca () Date: Mon, 10 Mar 2003 06:13:39 GMT
Paul Rubin (http://phr.cx@NOSPAM.invalid) wrote:
: I remember thinking 3-way was interesting because it can be
: implemented using very little memory. However, there are some other
: ciphers with similar low requirements and more traditional design, so
: it's not that big a deal.
Why I found 3-Way to be worthy of inclusion - in fact, long overdue for
inclusion - on my page is:
- its historical status as an ancestor of both SERPENT and Rijndael, and
- its ingenious approach to the issue of using the same code, or nearly
the same code, for both encryption and decryption
- its uniqueness as a cipher with a 96-bit block size
and so it wasn't necessary for me to view it as highly secure.
A slight modification of the round, from:
key addition
theta
pi-1
gamma
pi-2
to, say
key addition
S-box
key addition
pi-1
gamma
theta
gamma
pi-2
where an S-box with 8-bit inputs and outputs, designed so that it becomes
its own inverse when the bit order of inputs and outputs is reversed is
added would, of course, make the cipher slower and increase its memory
requirements, but it would eliminate the problem with the Courtois and
Pieprzyk attack.
John Savard
- Next message: Duncan MacLean: "Re: SHA1 and entropy"
- Previous message: UBCHI2: "IDEA 128 versus AES 256"
- In reply to: Paul Rubin: "Re: 3-Way Described on web site"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
