Howdy all, I havent seen anyone refer to the actual scientific paper yet, last year there where some mails about the slides.
The paper by Dunkelman, Keller and Shamir is now up on the IACR web: http://eprint.iacr.org/2010/013.pdf I picked up the following interesting text from the abstract: "....These complexities are so small that we have actually simulated the attack in less than two hours on a single PC, and experimentally veriļ¬ed its correctness and complexity. Interestingly, neither our technique nor any other published attack can break MISTY in less than the 2^128 complexity of exhaustive search, which indicates that the changes made by the GSM Association in moving from MISTY to KASUMI resulted in a much weaker cryptosystem. " and this from the summary: "....Our main point was to show that contrary to the assurances of its designers, the transition from MISTY to KASUMI led to a much weaker cryptosystem, which should be avoided in any application in which related key attacks can be mounted. " _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
