Repost in text: IDEA(tm) weakness

Greg Rose ggr at qualcomm.com
Sat Sep 19 07:16:49 PDT 1998



I think this is wrong. It claims that the problem
in IDEA comes from the bias of the multiplication
operation... but the multiply in IDEA is over the
integers modulo 65537, with the 0 value
representing 65536, not 0...  this is in fact an
unbiased operation. However I have not attempted
to verify the rest of the logic.

Anonymous writes:
     
>   Is IDEA secure ?
>   
>     The IDEA algorithm (patented by ASCOM) is the core algorithm used
>     in PGP. It is based on a rotating 128 bit key split into 16 bit
>     segments. The algorithm converts 64 bits of data at a time using the
>     following operations '+', '^' (exclusive-or) and '*'.
>     
>     The formulas are :
>     
>[...]
>     
>     Given a large random data message (ie 1000 samples - 64*1000 = 8Kb
>     file). The distribution of the above operations can be used to
>     break the key. ie both the '+' and the '^' operations give an even
>     distribution but the '*' operator gives a biased distribution
>     towards '0'.
     
Greg Rose                                     INTERNET: ggr at qualcomm.com
QUALCOMM Australia        VOICE:  +61-2-9181 4851   FAX: +61-2-9181 5470
Suite 410, Birkenhead Point              http://people.qualcomm.com/ggr/ 
Drummoyne NSW 2047      B5 DF 66 95 89 68 1F C8  EF 29 FA 27 F2 2A 94 8F
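
Added example, not part of the original message or of any IDEA reference code: a check of the multiplication point discussed above, comparing IDEA's multiply (modulo 65537, with 0 standing for 65536) against plain 16-bit multiplication modulo 65536. The function names are hypothetical, and the check covers only the multiply operation, not the rest of the quoted argument.

```python
MOD = 0x10001  # 65537, a prime


def idea_mul(a, b):
    """IDEA multiply on 16-bit words: 0 stands for 65536, product taken mod 65537."""
    a = a or 0x10000
    b = b or 0x10000
    # Both operands are in 1..65536 and 65537 is prime, so the product is
    # never 0 mod 65537; a result of 65536 is written back as the word 0.
    return (a * b % MOD) & 0xFFFF


def plain_mul(a, b):
    """Ordinary 16-bit multiply (mod 65536), shown only for comparison."""
    return (a * b) & 0xFFFF


def is_permutation(mul, k):
    """True if x -> mul(x, k) hits every 16-bit word exactly once."""
    return len({mul(x, k) for x in range(0x10000)}) == 0x10000


def zero_count(mul, k):
    """How many of the 65536 input words give the output word 0 under key word k."""
    return sum(1 for x in range(0x10000) if mul(x, k) == 0)


if __name__ == "__main__":
    # Constructed sample key words, including the special word 0 and even values.
    for k in (0x0000, 0x0001, 0x0002, 0x1000, 0xFFFF):
        print(f"k={k:#06x}  "
              f"idea: perm={is_permutation(idea_mul, k)} zeros={zero_count(idea_mul, k)}  "
              f"plain: perm={is_permutation(plain_mul, k)} zeros={zero_count(plain_mul, k)}")
```

For every key word the IDEA multiply is a bijection on 16-bit words, so uniformly distributed input gives uniformly distributed output; the skew toward 0 appears only with the plain modulo-65536 multiply and an even key word.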








