FYI: AES patch
Gregor Longariva
longariva@softbaer.de
Fri, 13 Oct 2000 13:25:33 +0200
On Thu, Oct 12, 2000 at 07:42:40PM +0200, Johan Wevers wrote:
> Vergonet, Henk wrote:
>
> > But I agree with Werner:
> > It's likely the NSA have already found a backdoor in the
> > algorithm, this is probably why the NIST has selected it ;).
>
> When did Werner say this?
I can not imagine Werner did really said this ;-) Werner, am I wrong?
> BTW, not that I trust the NSA, but doesn't selecting a weak cipher also give
> certauin risks to themselves when someone else can also bvreak it? And
> didn't they actually make the original IBM DES design stronger by optimizing
> it against differential cryptanalyses in a time when this technique wasn't
> known in the civilian crypto world?
In fact nobody knows if they really did. IBM proposed DES to NBS/NIST for
the requested Public Cipher Algorithm. NSA (at that time the Agency did not
publicly admit their own existence) checked the algorithm and changed the
S-Boxes. This was the only thing done by NSA (officially to assure IBM did
not put any trapdoor in DES - some people pointed to this as evidence NSA
put themselve a trapdoor in DES. But no cryptoanalysis did ever prove this
theory). Tuchman and Meyer, two of the cryptographers at IBM who designed
DES, said NSA did not alter the design: "NSA did not dictate a single wire"
--
Gruesse
Gregor
-+-+-+-
All true wisdom is found on T-shirts.
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org