carrick, Blowfish & the NSA
Perry E. Metzger
perry at piermont.com
Sun Apr 14 09:44:13 PDT 1996

SINCLAIR DOUGLAS N writes:
> > Jerry Whiting writes:
> > > One reason we chose to use Blowfish as the basis for carrick is that
> > > it _is_ a new algorithm. One has to assume that the NSA et al. has
> > > tools optimized to crack DES and possibly IDEA/RSA. At least let's
> > > give them something else to sweat over.
> >
> > They won't sweat over it long. Blowfish was broken.
>
> Yikes! Are you sure?

At least partially broken, yes. I've forgotten the details. I believe
they were discussed at Eurocrypt. It may be that with the full number
of rounds no one yet has a cryptanalysis, but I don't recall and
it doesn't particularly matter from my perspective.

> This is the first I've heard of it. This would mean
> that PGPPhone is not secure.

I was unaware that PGPPhone used Blowfish, but if it does that was a
stupid idea in the first place.

Perry