More "S-1" foolishness
Jim Gillogly
jim at acm.org
Fri Aug 11 02:14:55 PDT 1995
> Hal <hfinney at shell.portal.com> writes:
> It is possible I suppose that the F and G boxes are not the ones used
> in the "real" version of whatever cipher this is, so this apparent
> weakness and the ones which Matt has pointed out may not be that
> significant.
To the extent that one can believe the comments, it's more than "possible":
they say that the F and G boxes differ in the S-2 version. One reason for
doing it this way might be to isolate the sensitive actual values from
people doing analysis or development at a grosser level. That doesn't
explain the [r] bug you spotted, of course.
Jim Gillogly
Sterday, 19 Wedmath S.R. 1995, 09:12
More information about the cypherpunks-legacy
mailing list