Alleged IDEA(tm) Weakness
Eric Cordian
emc at wire.insync.net
Sat Sep 19 19:37:42 PDT 1998
> I think this is wrong. It claims that the problem
> in IDEA comes from the bias of the multiplication
> operation... but the multiply in IDEA is over the
> integers modulo 65537, with the 0 value
> representing 65536, not 0... this is in fact an
> unbiased operation. However I have not attempted
> to verify the rest of the logic.
Correct, multiplication by a non-zero residue modulo 65537 is a
permutation of the non-zero residues. The central notion behind IDEA is
to use this operation, which can be expressed expeditiously in terms of
the unsigned 16x16->32 multiply, as a builtin wide S-Box. This is how
IDEA manages to do strong encryption using only a few ordinary arithmetic
and logical instructions with no necessity for table lookup.
I didn't bother to read the rest of the rant.
--
Sponsor the DES Analytic Crack Project
http://www.cyberspace.org/~enoch/crakfaq.html
More information about the cypherpunks-legacy
mailing list