CDR: Re: Permutations in DES
Trei, Peter
ptrei at rsasecurity.com
Thu Sep 7 07:13:33 PDT 2000
For brute force key search, the initial permution can effectively be
factored out, and neither speeds nor impedes the search. This was
done by all of the keysearch apps used in the RSA Symmetric DES
Challenges.
I (this was before I worked for RSA) also described an extremely
fast
method to generate and iterate key schedules which was also widely
used, reducing key schedule management from 90% of cpu to less
than 10%.
Peter Trei
> ----------
> From: Kevin Elliott[SMTP:k-elliott at wiu.edu]
>
> At 17:30 -0400 9/6/00, juzam wrote:
> >according to applied cryptography, these permutaions do not effect the
> >security of the algorithm, but i'm not sure about the purpose.
>
> As I recall the basic purpose was to make it slow in software meaning
> that software cracking apps were/are at a severe disadvantage vs.
> hardware implementations. It would be interesting to see how much
> longer that extended DES's effective lifetime. I would consider the
> initial permutations to be in the same category as Blowfish's (and
> derivative algorithm's) time consuming key expansion phase- a neat
> "trick" that does not improve theoretical security but significantly
> increases the difficulty of real world attacks.
> --
>
> Kevin "The Cubbie" Elliott
>
More information about the cypherpunks-legacy
mailing list