Re: updated draft-ietf-ipsec-ciph-cbc-03.txt

[Helger Lipmaa <helger@cyber.ee>]

On Thu, 26 Mar 1998, Roy Pereira wrote:

>    IDEA:
> 
>    IDEA has been found to have weak keys.  Please check with [MOV] and
>    [Schneier] for more information.

As Bart already mentioned, there'll be a new paper by Philip Hawkes on
Eurocrypt '98 about a broader class of weak keys of IDEA (the class is still
not big enough to be a practical threat (of size 2^63)).

[Schneier] does not even list the keys being known at this time. May be the
above should be reworded as:

   IDEA has been found to have weak keys. [MOV] and [Schneier] cover the
   state of art in 1996. As of 1998, broader classes of weak keys have been
   found, but the attacks are not practical.

>    +--------------------+------------+----------------------+
>    | IDEA               | No         | 8                    |
>    +--------------------+------------+----------------------+

Btw, read Hawkes about the perils of four-round IDEA.

>    For a comparison table of the estimated speed of any of these and
>    other cipher algorithms, please see [Schneier97] or for an up-to-
>    date performance comparison, please see [Bosseleaers].

Correct spelling: [Bosselaers]. Probably we should contact and notice him
before using his website as a link in the draft. The numbers on his homepage
are from an yet unpublished paper. He himself or Bart can give the exact
reference.

Helger

---

Follow-Ups:

• Re: updated draft-ietf-ipsec-ciph-cbc-03.txt
• From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

References:

• updated draft-ietf-ipsec-ciph-cbc-03.txt
• From: Roy Pereira <rpereira@TimeStep.com>

---

• Prev by Date: Re: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
• Next by Date: Re: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
• Prev by thread: updated draft-ietf-ipsec-ciph-cbc-03.txt
• Next by thread: Re: updated draft-ietf-ipsec-ciph-cbc-03.txt
• Index(es):
  • Main
  • Thread