For brute force key search, the initial permutation can effectively be factored out, and neither speeds nor impedes the search. This was done by all of the keysearch apps used in the RSA Symmetric DES Challenges. I (this was before I worked for RSA) also described an extremely fast method to generate and iterate key schedules which was also widely used, reducing key schedule management from 90% of CPU to less than 10%.

Peter Trei
---------- From: Kevin Elliott[SMTP:k-elliott@wiu.edu]
At 17:30 -0400 9/6/00, juzam wrote:
> According to Applied Cryptography, these permutations do not affect the security of the algorithm, but I'm not sure about the purpose.

As I recall the basic purpose was to make it slow in software, meaning that software cracking apps were/are at a severe disadvantage vs. hardware implementations. It would be interesting to see how much longer that extended DES's effective lifetime. I would consider the initial permutations to be in the same category as Blowfish's (and derivative algorithms') time-consuming key expansion phase: a neat "trick" that does not improve theoretical security but significantly increases the difficulty of real world attacks.
--
Kevin "The Cubbie" Elliott
At 10:13 -0400 9/7/00, Trei, Peter wrote:
> For brute force key search, the initial permutation can effectively be factored out, and neither speeds nor impedes the search. This was done by all of the keysearch apps used in the RSA Symmetric DES Challenges.

Do you have a link and/or expanded information on the specifics?

> I (this was before I worked for RSA) also described an extremely fast method to generate and iterate key schedules which was also widely used, reducing key schedule management from 90% of CPU to less than 10%.

Does this method work for apps that are generating and testing lots of keys or does the initial key generation step still have to be undertaken? The whole point of the Blowfish technique was to increase the attacker's required effort. It was basically assumed that valid users would simply store the expanded key. Is there a link somewhere to more information on this technique or could you expand on it?
--
Kevin "The Cubbie" Elliott <mailto:kelliott@mac.com> ICQ#23758827
_______________________________________________________________________________
"As nightfall does not come at once, neither does oppression. In both instances, there is a twilight when everything remains seemingly unchanged. And it is in such twilight that we all must be most aware of change in the air--however slight--lest we become unwitting victims of the darkness."
-- Justice William O. Douglas
At 08:02 PM 9/7/00 -0400, Kevin Elliott wrote:
> Does this method work for apps that are generating and testing lots of keys or does the initial key generation step still have to be undertaken? The whole point of the Blowfish technique was to increase the attacker's required effort. It was basically assumed that valid users would simply store the expanded key. Is there a link somewhere to more information on this technique or could you expand on it?

Kevin, if you haven't, read the DES Crack book, it's online too.
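
Added example, not part of the original thread or any participant's code: a sketch of why a fixed, unkeyed initial/final permutation drops out of an exhaustive key search, since `FP(core_k(IP(P))) == C` holds exactly when `core_k(IP(P)) == IP(C)`. The IP table is the DES one; the 16-round Feistel `core`, the 12-bit key space, the sample values and all function names are assumptions made for illustration, not DES itself.

```python
import hashlib
import struct

# DES initial permutation table (1-indexed source bit for each output bit).
IP = [s - 8 * j for s in (58, 60, 62, 64, 57, 59, 61, 63) for j in range(8)]
# The final permutation is the inverse of IP.
FP = [0] * 64
for i, src in enumerate(IP):
    FP[src - 1] = i + 1

def permute(block, table):
    """Apply a 64-bit bit permutation; bit 1 is the most significant bit."""
    out = 0
    for src in table:
        out = (out << 1) | ((block >> (64 - src)) & 1)
    return out

def core(key, block):
    """Toy 16-round Feistel core (assumption: stands in for the DES rounds)."""
    left, right = block >> 32, block & 0xFFFFFFFF
    for rnd in range(16):
        digest = hashlib.sha256(struct.pack(">HBI", key, rnd, right)).digest()
        left, right = right, left ^ int.from_bytes(digest[:4], "big")
    return (right << 32) | left

def encrypt(key, plaintext):
    """Full cipher: FP(core(IP(plaintext)))."""
    return permute(core(key, permute(plaintext, IP)), FP)

def search_naive(plaintext, ciphertext, key_bits):
    """Apply IP and FP for every candidate key."""
    for key in range(1 << key_bits):
        if encrypt(key, plaintext) == ciphertext:
            return key
    return None

def search_factored(plaintext, ciphertext, key_bits):
    """Apply IP once to each known block, then test only the keyed core."""
    p_in = permute(plaintext, IP)
    c_in = permute(ciphertext, IP)  # IP undoes FP
    for key in range(1 << key_bits):
        if core(key, p_in) == c_in:
            return key
    return None

if __name__ == "__main__":
    # Constructed sample: 12-bit toy key, arbitrary plaintext block.
    pt, secret = 0x0123456789ABCDEF, 0xABC
    ct = encrypt(secret, pt)
    print(hex(search_naive(pt, ct, 12)), hex(search_factored(pt, ct, 12)))
```

Both searches test the same condition for every candidate key; the factored one simply performs the two permutations once instead of once per key, which is why the permutations add no work factor against exhaustive search.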

participants (3)
- David Honig
- Kevin Elliott
- Trei, Peter