On Sun, 14 Apr 1996, SINCLAIR DOUGLAS N wrote:
They won't sweat over it long. Blowfish was broken.
Yikes! Are you sure? This is the first I've heard of it. This would mean that PGPPhone is not secure.
If it's the one that's in applied crypto 2 (p.339) and ddj, then it's only a partial crack on a low number of rounds (according to AC2). Schneier still thought it was secure at the time of the publishing of AC2, but then he may be biased. (and since this is crypto why not be paranoid, eh?) ú Besides, doesn't PGPfone give you a choice of algorithms? (including IDEA?) I haven't gotten it yet, no sound card. Perry, you've mentioned this before, was this the same crack that's in the book or something newer? (paper references?) (I just caught your reply to Sinclair after writing this. In any case Schneier lists the diff. cryptanalysis of blowfish paper as unpublished.)