[27403] in cryptography@c2.net mail archive
RE: Status of attacks on AES?
daemon@ATHENA.MIT.EDU (Whyte, William)
Tue Jun 6 18:25:23 2006
X-Original-To: cryptography@metzdowd.com
Date: Mon, 5 Jun 2006 05:36:44 -0400
From: "Whyte, William" <WWhyte@ntru.com>
To: "Marcos el Ruptor" <Ruptor@cryptolib.com>,
<cryptography@metzdowd.com>
> Isn't what you are referring to called "secure number of rounds"? In other
> words the number of rounds after which no known attack exists that can break
> the cipher faster than brute-forcing the key?
>
> It looks like I have no choice but to invent a new term, "PRF rounds" - the
> number of rounds after which each function that defines the value of each
> bit of the block/state/output is a pseudo-random function (PRF) of all the
> bits of the block/state/key/input, in other words a function
> indistinguishable from random by any existing general purpose randomness
> tests. Of course dedicated randomness tests exploiting the cipher structure
> and utilising a significant amount of computational resources could be
> effective in distinguishing a larger number of rounds from random, but
> that's in the area of the "secure number of rounds" research.
Can you briefly explain how you determine the PRF rounds value?
William
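One concrete way to attach a number to "PRF rounds" with a general-purpose test, added here as an illustration and not the poster's method or anyone's code from the thread: run a reduced-round cipher with more and more rounds and record, for every (plaintext bit, ciphertext bit) pair, how often flipping the one flips the other, averaged over random plaintexts and random round keys. A PRF would give 1/2 for every pair, so the first round count at which every estimate sits within a few standard errors of 1/2 is that test's "PRF rounds" value. The cipher here is a constructed toy 16-bit SPN (PRESENT's 4-bit S-box, the usual "bit j of S-box i goes to bit i of S-box j" permutation, independent random round keys); the sample sizes and the 4-sigma threshold are assumptions of this example, not values from the discussion.

```python
import math
import random

# Constructed toy 16-bit substitution-permutation network (SPN) for this
# illustration. SBOX is the PRESENT S-box; PERM[i] is the destination of
# input bit i (bit 0 = LSB), so the four output bits of one S-box land in
# four different S-boxes of the next round.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
INV_SBOX = [SBOX.index(v) for v in range(16)]
BLOCK_BITS = 16
PERM = [(4 * i) % 15 if i != 15 else 15 for i in range(BLOCK_BITS)]
INV_PERM = [PERM.index(i) for i in range(BLOCK_BITS)]


def substitute(x, box):
    """Apply the 4-bit S-box `box` to each nibble of the 16-bit word x."""
    out = 0
    for n in range(4):
        out |= box[(x >> (4 * n)) & 0xF] << (4 * n)
    return out


def permute(x, perm):
    """Move bit i of x to position perm[i]."""
    out = 0
    for i in range(BLOCK_BITS):
        if (x >> i) & 1:
            out |= 1 << perm[i]
    return out


def encrypt(block, round_keys):
    """len(round_keys)-1 full rounds (key add, S-box, permute), then a final key add."""
    x = block
    for k in round_keys[:-1]:
        x = permute(substitute(x ^ k, SBOX), PERM)
    return x ^ round_keys[-1]


def decrypt(block, round_keys):
    """Exact inverse of encrypt, kept so the toy is a real (invertible) cipher."""
    x = block ^ round_keys[-1]
    for k in reversed(round_keys[:-1]):
        x = substitute(permute(x, INV_PERM), INV_SBOX) ^ k
    return x


def flip_probabilities(rounds, samples, rng):
    """
    Estimate, for every (input bit i, output bit j), the probability that
    flipping plaintext bit i flips ciphertext bit j. Each sample draws a
    fresh random plaintext and fresh random round keys (a hypothetical
    key schedule), so the average is over keys as well as plaintexts.
    Returns a 16x16 table of floats.
    """
    counts = [[0] * BLOCK_BITS for _ in range(BLOCK_BITS)]
    for _ in range(samples):
        keys = [rng.getrandbits(BLOCK_BITS) for _ in range(rounds + 1)]
        p = rng.getrandbits(BLOCK_BITS)
        c = encrypt(p, keys)
        for i in range(BLOCK_BITS):
            diff = c ^ encrypt(p ^ (1 << i), keys)
            for j in range(BLOCK_BITS):
                counts[i][j] += (diff >> j) & 1
    return [[cnt / samples for cnt in row] for row in counts]


def max_deviation(table):
    """Largest distance of any flip probability from the PRF value 1/2."""
    return max(abs(p - 0.5) for row in table for p in row)


def estimate_prf_rounds(max_rounds=6, samples=1000, seed=1, sigmas=4.0):
    """
    Smallest round count at which every flip probability is within `sigmas`
    standard errors of 1/2, i.e. the point where this one general-purpose
    test can no longer tell the output bits from random. Returns None if no
    round count up to max_rounds passes. With 256 pairs tested, 4 sigma keeps
    the chance of a false "still distinguishable" verdict around 1-2%.
    """
    rng = random.Random(seed)
    threshold = sigmas * math.sqrt(0.25 / samples)  # std. error of a Bernoulli(1/2) mean
    for r in range(1, max_rounds + 1):
        if max_deviation(flip_probabilities(r, samples, rng)) < threshold:
            return r
    return None


if __name__ == "__main__":
    rng = random.Random(7)
    for r in range(1, 7):
        print(f"{r} round(s): max |p - 1/2| = {max_deviation(flip_probabilities(r, 500, rng)):.3f}")
    print("PRF rounds under this test:", estimate_prf_rounds())
```

After one round the table is exactly 0 for the twelve output bits that a given input bit cannot reach, so the deviation is 0.5 and the test fails outright; as rounds are added the deviations shrink toward the sampling noise, and the first round count under the threshold is the estimate. This only measures one statistic (the strict avalanche criterion); a dedicated test that exploits the cipher's structure, as the quoted text notes, can keep distinguishing more rounds, which is why the figure depends on the test suite used.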
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com