[4101] in cryptography@c2.net mail archive

Re: Pop Count Instruction and cryptanalysis

daemon@ATHENA.MIT.EDU (Jon Callas)
Fri Jan 29 21:47:02 1999

In-Reply-To: <199901282035.PAA09158@postal.research.att.com>
Date: Fri, 29 Jan 1999 16:28:34 -0800
To: Steve Bellovin <smb@research.att.com>,
        "Jitze Couperus" <jcouperus@creativeis.com>
From: Jon Callas <jon@callas.org>
Cc: cryptography@c2.net, "MCKAY john" <mckay@cs.concordia.ca>

At 12:35 PM -0800 1/28/1999, Steve Bellovin said:

   For years, I had heard the story about NSA liking that instruction.
   But I never understood why, until I started working on plaintext
   recognizers, and independently derived the need for it.  See, for
   example, http://www.research.att.com/~smb/papers/probtxt.ps.

   There are other instruction types that are useful for cryptanalysts.
   The CDC Star had a lovely set of vector operations under masks.  And
   the Harvest add-on to the IBM 7030 (Stretch), described in a book by
   Buchholz ("Planning a Computer System", McGraw-Hill, 1962) was intended
   for NSA as well.

For what it's worth, the same instruction was taken out of the
widely-released versions of the VAX, at the request of the NSA. Allegedly,
there were versions that had the opcode in the machine for that same
customer.

	Jon





