[12512] in cryptography@c2.net mail archive
Re: Columbia crypto box
daemon@ATHENA.MIT.EDU (Bill Frantz)
Tue Feb 11 18:45:50 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
In-Reply-To: <20030211154051.AE08F7B4D@berkshire.research.att.com>
Date: Tue, 11 Feb 2003 11:14:05 -0800
To: cryptography@wasabisystems.com
From: Bill Frantz <frantz@pwpconsult.com>
At 7:40 AM -0800 2/11/03, Steven M. Bellovin wrote:
>The 40-bit issue is orthogonal to the other problems with WEP. Look at
>IBM's Commercial Data Masking Facility (CDMF), a way to degrade the
>strength of DES from 56 bits to 40 bits, while still ensuring that
>they didn't enable any less-expensive attack.
I have a lot of respect for the way IBM dealt with ITAR in this device.
Note that they did not call it secure, they called it the "Commercial Data
Masking Facility", and did not advertise it as secure against NSA level
attackers. As Steven says, the most effective attack is exhaustive search
through the 40 bit key space. (IIRC, basically what the device did was
reveal 16 bits of a DES key.)
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the Ameican | 16345 Englewood Ave.
frantz@pwpconsult.com | way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
