[1162] in cryptography@c2.net mail archive
Re: Better DES challenge update
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Thu Jul 3 09:56:56 1997
To: Bill Frantz <frantz@netcom.com>
cc: die@die.com, andreas@artcom.de (Andreas Bogk), eli@gs160.sp.cs.cmu.edu,
cryptography@c2.net, crisp@netcom.com
Date: Thu, 03 Jul 1997 07:14:26 -0400
From: Steven Bellovin <smb@research.att.com>
At 5:21 PM -0700 7/2/97, Steven Bellovin wrote:
>The former, by David Wagner and myself, describes a programmable plaintext
>recognizer designed to fit on-chip with a Wiener engine. The latter, by
>me, analyzes IPSEC for probable plaintext. The hardware feature you want
>for the latter is a "population count under mask" -- you XOR the target
>word with the trial decryption, then count how many 0 bits are in selected
>positions...
And now you know why machines designed by Cray have an instruction
which counts the number of 1 bits in a register (in one machine cycle).
Yup.
Many years ago, I took a course on computer architecture. Several
machines were described as being "code-breaking computers" for NSA.
I learned to recognize the characteristics, though at the time I didn't
understand why those characteristics were useful for that. It was only
when I started designing my own gadgets that comprehension came -- I
was reinventing all these mechanisms...
It would be interesting to do a chip design for a modern cryptanalytic
machine. For an older one, see Buchholz's book on the design of
Stretch, the IBM 7030, and in particular the "Harvest" add-on.
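As an added illustration (not code from the thread or its authors), here is a software version of the "population count under mask" recognizer described above: a portable popcount standing in for the one-cycle hardware instruction, and a probable-plaintext filter that uses it. The ASCII high-bit mask, the sample blocks and the threshold are constructed assumptions, not values from the discussion.

```c
#include <stdint.h>
#include <stdio.h>

/* Software population count (Kernighan's loop); stands in for the
 * one-cycle "count the 1 bits" instruction the thread mentions. */
static int popcount64(uint64_t x)
{
    int n = 0;
    while (x) {
        x &= x - 1;   /* clear the lowest set bit */
        n++;
    }
    return n;
}

/* Population count under mask: XOR the expected word with the trial
 * decryption (0 where the bits agree), keep only the positions selected
 * by mask, and count how many of those positions agree. */
static int matching_bits(uint64_t target, uint64_t trial, uint64_t mask)
{
    uint64_t diff = target ^ trial;
    return popcount64(~diff & mask);
}

/* Probable-plaintext filter: a trial decryption survives if at least
 * `threshold` selected bits match. The threshold is an assumed tunable,
 * not a value from the thread. */
static int probable_plaintext(uint64_t target, uint64_t trial,
                              uint64_t mask, int threshold)
{
    return matching_bits(target, trial, mask) >= threshold;
}

/* Constructed recognizer: 7-bit ASCII text has the high bit of every byte
 * clear, so select those eight positions and expect them all to be 0. */
#define ASCII_HIGH_BITS 0x8080808080808080ULL

int main(void)
{
    uint64_t text = 0x4142434445464748ULL;    /* "ABCDEFGH", constructed */
    uint64_t junk = 0xF1A2B3C4D5E6F708ULL;    /* constructed garbage block */

    printf("text: %d/8 bits agree -> %s\n",
           matching_bits(0, text, ASCII_HIGH_BITS),
           probable_plaintext(0, text, ASCII_HIGH_BITS, 8) ? "keep" : "drop");
    printf("junk: %d/8 bits agree -> %s\n",
           matching_bits(0, junk, ASCII_HIGH_BITS),
           probable_plaintext(0, junk, ASCII_HIGH_BITS, 8) ? "keep" : "drop");
    return 0;
}
```

With a real target word and a mask covering the bit positions of a known header field, the same function scores each trial decryption; a compiler builtin or the hardware instruction would replace `popcount64` in a fast implementation.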