[146642] in cryptography@c2.net mail archive
Re: [Cryptography] Can you backdoor a symmetric cipher
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Sep 6 09:47:09 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 6 Sep 2013 09:47:03 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Jon Callas <jon@callas.org>
In-Reply-To: <91A2D3A2-21E8-4440-9D29-C21860A44ED2@callas.org>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Thu, 5 Sep 2013 21:42:29 -0700 Jon Callas <jon@callas.org> wrote:
> On Sep 5, 2013, at 9:33 PM, "Perry E. Metzger" <perry@piermont.com>
> wrote:
>
> >
> > It is probably very difficult, possibly impossible in practice, to
> > backdoor a symmetric cipher. For evidence, I direct you to this
> > old paper by Blaze, Feigenbaum and Leighton:
> >
> > http://www.crypto.com/papers/mkcs.pdf
> >
>
> There is also a theorem somewhere (I am forgetting where)
See the URL quoted above. That is the implication of their paper.
> that says that if you have a block cipher with a back door, then it
> is also a public key cipher.
Perry
--
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography