carrick, Blowfish & the NSA
s1113645 at tesla.cc.uottawa.ca
s1113645 at tesla.cc.uottawa.ca
Sun Apr 14 13:58:50 PDT 1996
On Sun, 14 Apr 1996, SINCLAIR DOUGLAS N wrote:
> > They won't sweat over it long. Blowfish was broken.
>
> Yikes! Are you sure? This is the first I've heard of it. This would mean
> that PGPPhone is not secure.
>
If it's the one that's in applied crypto 2 (p.339) and ddj, then it's only a
partial crack on a low number of rounds (according to AC2). Schneier still
thought it was secure at the time of the publishing of AC2, but then he
may be biased. (and since this is crypto why not be paranoid, eh?)
ú
Besides, doesn't PGPfone give you a choice of algorithms? (including IDEA?)
I haven't gotten it yet, no sound card.
Perry, you've mentioned this before, was this the same crack that's in
the book or something newer? (paper references?)
(I just caught your reply to Sinclair after writing this. In any case
Schneier lists the diff. cryptanalysis of blowfish paper as unpublished.)
More information about the cypherpunks-legacy
mailing list