I know I'm a bit out of the loop, as I have not been studying the AES
submissions like the rest of you, but a couple of questions come to mind
on reading the meeting reports.
1) Does the power analysis apply to all smart cards, or only those that
draw from a reader?
The reason that I ask is I know of a project where they want to
build an entire IPv6 stack into a smart card, with kerberos and
IPSec. But, I believe that the card has its own power supply and
antennae. What are the constraints?
2) What's this about patenting data dependent rotations?
I certainly used data dependent rotations in my "Cipher Block
CheckSum" (CBCS) internet-drafts, and discussed it on the IPSec
mailing list as far back as '94. (It's just a modification on the
theme of CBC, with an extra key added, bit counted, and rotated; a
later version has two keys and two rotations.)
I've plenty of old printouts of using the CDC population count and
rotate instructions for checksumming as far back as mid-70s. Not
precisely "cryptography", but ought to be related, as we used it for
both hashing and integrity.
[EMAIL PROTECTED]
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
