[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Weak keys
At 11:44 AM 4/21/98 -0400, Paul Koning wrote:
>
>So what I get from all this is:
>1. Handle the specified list of DES keys (and no others) in phase 1 as
>stated, i.e., skip bits.
>2. Handle all other weak keys in all other cases by rekeying.
There was an interesting comment about weak keys some time ago. Either
from Sommerville or McDonald to something like:
Weak keys are so rare that the code for them might never be exercised in
testing and might be flawed.
ERGO a developer might choose a strategy that keeps the weak key code as
simple as possible.
Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com
Follow-Ups:
References: