[2901] in cryptography@c2.net mail archive
Re: Eli Biham notches the pressure up a bit higher.
daemon@ATHENA.MIT.EDU (Anonymous)
Sun Jul 5 19:33:04 1998
Date: 3 Jul 1998 04:27:31 -0000
From: Anonymous <nobody@remailer.ch>
In-Reply-To: <199807022339.TAA16220@jekyll.piermont.com>
To: cryptography@c2.net
"Perry E. Metzger" <perry@piermont.com> writes:
> Quite a stunning result. One can only wonder what he finds in coming
> days.
I wonder if the authors of the 1993 SKIPJACK Interim Report have any
comment on Biham's results?
Back then they "concluded it was not possible to perform an attack
based on differential cryptanalysis in less time than with exhaustive
search." They did not mention attacks on reduced versions of the
algorithm. However they wrote, "The design underwent a sequence of
iterations based on feedback from the evaluation process. These
iterations eliminated properties which, even though they might not
allow successful attack, were related to properties that could be
indicative of vulnerabilities."
