[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 Security Last Call
Reply to: RE>>IPv6 Security Last Call Initial Questions
>CDMF is very elegant. ``Its strength is as the strength of DES, because
>its S-boxes are pure''...
>More seriously, CDMF is DES-based. If you can't cryptanalyze DES, you
>can't cryptanalyze CDMF. You can do a brute-force search on the 40-bit
>key, of course, but there are barriers to short-cut attacks. The paper
>is well worth reading.
So, can anyone document that CDMF is *really* exportable with a C.J.,
something akin to NSA's "Mass Market Software Product" criteria published
in John Gilmore's "CJR kit" for 7-day C.J. using RC4?