Phil Karn wrote:
That sounds like my code.
Yup. :)
That feature seemed like a good thing to do at the time. Then I learned about differential cryptanalysis.
Seven years is a virtual eternity in cyberspace.
No, you cannot strengthen DES in this way, and in fact you could actually weaken it unless you are sure to use 128 completely random bytes for your key.
Okay... It would prevent brute-force attacks though, wouldn't it? It may not prevent differential cryptanalysis, but it would be difficult to obtain the large amount of data required for differential cryptanalysis from just a few encrypted email addresses. Random numbers aren't really a problem; I have a RNG running here, continuously generating random numbers from system usage statistics and incoming email. P.S. What's KA9Q?