Ted_Anderson@transarc.com writes:
Further we have a concrete design principle: the per-round sub-keys should not repeat.
Right. In fact, this design principle has been known for a long time: the earliest reference I know of is @inproceedings{subkeys-important, author = {Edna K. Grossman and Bryant Tuckerman}, title = {Analysis of a Weakened {Feistel}-like Cipher}, booktitle = {1978 International Conference on Communications}, pages = {46.3.1--46.3.5}, publisher = {Alger Press Limited}, year = {1978}, annote = {Feistel ciphers with identical subkeys in each round are very weak} } ------------------------------------------------------------------------------- David Wagner dawagner@princeton.edu