At 10:32 PM 6/15/94 -0400, Rick Busdiecker wrote:

Date: Wed, 15 Jun 1994 17:32:24 -0700 From: Ben.Goren@asu.edu

Are there any implementations of DES-variants that use variable S-boxes?

Well, if you don't use the DES S-boxes then it isn't DES :-)

Well...yeah....

Variable boxes tend to weaken DES. The DES S-boxes were chosen to make differential cryptanalysis difficult. Random S-boxes don't tend to have this desirable property.

Perhaps I should clarify: not DES with randomly-chosen fixed S-boxes; I'm well aware that those that DES uses are the best for differential cryptanalysis. However, as Bruce Schneier points out (p. 242), *variable* S-boxes make differential cryptanalysis impossilbe, as such an adaptive plaintext attack relies on knowledge of the composition of the S-boxes. If the boxes and their contents change with both keys used and plaintext--probably with the help of a strong RNG--then the only way such an attack could work would be by first figuring out what causes the changes in the S-boxes; in that case, the attack is probably already finished, by other means. Perhaps, even, the S-boxes could change with so many chunks of text--again, variable, of course. Most, if not all, of the actual S-box designs used would be much weaker than the original design of DES for differential cryptanalysis. However, each different plaintext (and key) would use different s-boxes, so that particular attack isn't possible. So, I guess part of my question should be, does this open up other attacks? Or, for that matter, am I completely wrong? And, like I said before, has this been done?

Use IDEA.

Certainly, until there's something better. I'm just hoping this might be, or that I can learn more along the way.

Rick

And thanks to Bill and Lyman, who also responded similarly. b& PS Hopefully, I'll learn to check the Cc: line more carefully in the future. Apologies again for the noise. b& -- Ben.Goren@asu.edu, Arizona State University School of Music net.proselytizing (write for info): Protect your privacy; oppose Clipper. Voice concern over proposed Internet pricing schemes. Stamp out spamming. Finger ben@tux.music.asu.edu for PGP 2.3a public key.