IPG cracked with known plaintext

John Pettitt jpp at software.net
Wed Mar 20 12:44:42 PST 1996


At 05:32 PM 3/19/96 GMT, ECafe Anonymous Remailer wrote:
>This information is preliminary and is based on an attempt to
>understand the IPG algorithm information.  That description is not
>clear in some areas, however, hence this analysis is tentative at this
>time.
>
>First let us describe the IPG system in more conventional C:
>
>a[0] to a[63] are initialized to random 8-bit values.  (The
>description is unclear and almost makes it sound like they are
>initialized to a random 8-bit value anded with 0x3500, which would of
>course be zero.  The attack below will assume that this bizarre step
>is not done, but will still apply even if it is.)
>

I think they mean ADD not AND but it's still an odd thing to do IMHO.


>So this algorithm is easily broken with known plaintext.
>
>
Agreed.   Given that most PC apps generate known headers on files
and that only a smallish plaintext is needed it looks rather weak.

John Pettitt, jpp at software.net
VP Engineering, CyberSource Corporation, 415 473 3065
 "Technology is a way of organizing the universe so that man
  doesn't have to experience it." - Max Frisch

PGP Key available at:
http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=0xB7AA3705






