[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: comments on draft-ietf-ipsec-ciph-cbc-02.txt
> How many rounds do you suggest for IDEA?
IDEA has eight rounds.
4-round IDEA is a research toy, and should not even be called IDEA.
X. Lai and J. Massey never proposed it for real-life applications.
It apparently creeped into the drafts because Applied Cryptography
says (2nd ed, p. 325):
"(..) Currently the best attack against IDEA is faster than brute force
only for 2.5 rounds or less; 4 round IDEA would be twice as fast and,
as far as I know, just as secure."
This does not reflect our 1998 knowledge.
- mj
Markku-Juhani O. Saarinen <mjos@ssh.fi>, SSH Communications Security Ltd
References: