Re: [TLS] Proposed text for IDEA/DES document

To: <Pasi.Eronen at nokia.com>
Subject: Re: [TLS] Proposed text for IDEA/DES document
From: Simon Josefsson <simon at josefsson.org>
Date: Tue, 05 Feb 2008 23:19:32 +0100
Cc: tls at ietf.org
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F240536CDD3 at esebe105.NOE.Nokia.com> (Pasi Eronen's message of "Tue, 5 Feb 2008 17:20:03 +0200")
List-archive: <http://www.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <http://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <http://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <B356D8F434D20B40A8CEDAEC305A1F240536CDD3 at esebe105.NOE.Nokia.com>
Sender: tls-bounces at ietf.org
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux)

<Pasi.Eronen at nokia.com> writes:

> For single-DES, it's easy to explain why using it isn't a good 
> idea; for IDEA, I'd like to see some better text than mine...
> Does anyone know about e.g. cryptographic results for IDEA
> (like attacks more efficient than exhaustive key search)?

I believe weak keys is a sign of historical cipher designs, and both DES
and IDEA have weak keys.  A reference for IDEA is:

http://citeseer.ist.psu.edu/daemen93weak.html

I think there are even better results than that paper, but that was one
of the earliest.

One can debate how problematic weak keys are, but I haven't seen anyone
arguing that existence of weak keys improve the security or confidence
in a cipher.

/Simon
_______________________________________________
TLS mailing list
TLS at ietf.org
http://www.ietf.org/mailman/listinfo/tls

Prev by Date: [TLS] MAC verification
Next by Date: Re: [TLS] Proposed text for IDEA/DES document
Previous by thread: [TLS] MAC verification
Next by thread: Re: [TLS] Proposed text for IDEA/DES document
Index(es):
- Date
- Thread

Re: [TLS] Proposed text for IDEA/DES document

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.