[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 Security Last Call Initial Questions
Date: Wed, 29 Mar 1995 14:04:47 -0500 (EST)
And then there is CDMF, which is rather similar to DES, and which
enjoys similar exportability as RC2/RC4 (except the review time
is 15 days instead of 7)...
IP issues aside, what's the strength of CDMF? My
understanding of 40 bit RC4 is that it doesn't give away
anything about the NSA's ability to crack cyphers. 40-bit RC4
is reportedly quiet easy for anyone to cryptoanalyze. If CDMF
is similarily weak, what's the point of using it at all?
CDMF is very elegant. ``Its strength is as the strength of DES, because
its S-boxes are pure''...
More seriously, CDMF is DES-based. If you can't cryptanalyze DES, you
can't cryptanalyze CDMF. You can do a brute-force search on the 40-bit
key, of course, but there are barriers to short-cut attacks. The paper
is well worth reading.