[10696] in cryptography@c2.net mail archive

Re: your mail

daemon@ATHENA.MIT.EDU (Bram Cohen)
Mon Apr 15 13:56:51 2002

Date: Mon, 15 Apr 2002 10:08:28 -0700 (PDT)
From: Bram Cohen <bram@gawth.com>
To: =?iso-8859-2?Q?Pawe=B3?= Krawczyk <kravietz@ceti.pl>
Cc: cryptography@wasabisystems.com, cypherpunks@lne.com
In-Reply-To: <20020415145034.GN17897@aba.krakow.pl>
Message-ID: <Pine.LNX.4.21.0204151006060.26711-100000@ultra.gawth.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: QUOTED-PRINTABLE

Paweł Krawczyk wrote:

> In this paper we study the security of such ciphers under an
> additional hypothesis: the S-box can be described by an overdefined
> system of algebraic equations (true with probability 1). We show that
> this hypothesis is true for both Serpent (due to a small size of
> S-boxes) and Rijndael (due to unexpected algebraic properties).

They claim an attack on 256-bit Rijndael and 192 and 256 bit Serpent. This
is a bit ironic, since Serpent's big claim previously was that it
exchanged some performance loss for better security, which turns out not
to be the case.

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
