17 Dec
2003
17 Dec
'03
11:17 p.m.
The other thing I noticed that really makes me question this is that G1 only uses 4 of its 8 input bits. As I wrote, it is equivalent to parity(i&0x17). A bit is a terrible thing to waste, and it is hard to imagine why it would do this intentionally. G1 may not be that important an element of the cipher but why throw away four bits? It is possible I suppose that the F and G boxes are not the ones used in the "real" version of whatever cipher this is, so this apparent weakness and the ones which Matt has pointed out may not be that significant. Hal