| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Dec 2010 00:50:25 +1100
From: malfy <malfy@...hop.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Allegations regarding OpenBSD IPSEC
On Thu, Dec 16, 2010 at 08:45:13AM -0500, Valdis.Kletnieks@...edu wrote:
> On Thu, 16 Dec 2010 23:26:25 +1100, Abuse007 said:
>
> > Changing the s-boxes in DES (and therefore Triple DES as well) would break
> > comparability with other implementations as it would no longer decrypt the same
> > as a standard implementation.
>
> Not if you managed to tweak the s-boxes while DES was still being designed.
>
> It's been known for years that while IBM was designing DES, they had some talks
> with the NSA, and the rumor was that NSA convinced them to tweak the s-boxes to
> allow a backdoor. Recently, it was revealed that the NSA *did* give advice
> about the S-boxes, but it was because the IBM guys had independently come up
> with the concept of differential cryptanalysis, which the NSA knew about but
> nobody else did at that time. So NSA gave IBM some hints how to design the
> s-boxes to harden it against differential cryptanalysis.
>
> Or so they said. :)
There are no cryptographic S-Box backdoors in AES, I haven't verified
this myself, it's on the agenda, but there have been many comb searches
through the DES algorithm.
~malfy
--
"Wisdom begins in wonder"
-Socrates
I don't read unencrypted mail
PGP Key: C9E86E81
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists