Re: IPG cracked with known plaintext
At 05:32 PM 3/19/96 GMT, ECafe Anonymous Remailer wrote:
> This information is preliminary and is based on an attempt to understand the IPG algorithm information. That description is not clear in some areas, however, hence this analysis is tentative at this time.
> First let us describe the IPG system in more conventional C:
> a[0] to a[63] are initialized to random 8-bit values. (The description is unclear and almost makes it sound like they are initialized to a random 8-bit value anded with 0x3500, which would of course be zero. The attack below will assume that this bizarre step is not done, but will still apply even if it is.)
I think they mean ADD not AND but it's still an odd thing to do IMHO.
> So this algorithm is easily broken with known plaintext.
Agreed. Given that most PC apps generate known headers on files and that only a smallish plaintext is needed, it looks rather weak.

John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065
"Technology is a way of organizing the universe so that man doesn't have to experience it." - Max Frisch
PGP Key available at: http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=0xB7AA3705

John Pettitt wrote:
> > a[0] to a[63] are initialized to random 8-bit values. (The description is unclear and almost makes it sound like they are initialized to a random 8-bit value anded with 0x3500, which would of course be zero. The attack below will assume that this bizarre step is not done, but will still apply even if it is.)
> I think they mean ADD not AND but it's still an odd thing to do IMHO.
Well, in the description it clearly says AND in two separate places, and the surrounding verbiage makes it seem like he really meant AND.

______c_____________________________________________________________________
Mike M Nally * Tiv^H^H^H IBM * Austin TX * pain is inevitable
m5@tivoli.com * m101@io.com * <URL:http://www.io.com/~m101> * suffering is optional

Participants (2): John Pettitt, Mike McNally