On Wed, 3 Jan 2001, Ben Laurie wrote:
> > A cipher is Conditionally Computationally Secure
> > (CCS) if the cipher could be implemented with keys
> > that are not quite "long enough" or with not quite
> > "enough" rounds to warrant a CS rating. Examples:
> > SKIPJACK and RSA.
This seems a bit strange to me. I would have expected "conditionally"
computationally secure to mean "secure if some condition holds."
For instance, Rabin is secure if factoring is hard.
> An example of this would be the cipher used on DVDs, or the mobile phone
> one, both of whose names I've forgotten.
The mobile phone one would be A5, with two variants A5/1 and A5/2.
A5/1 likely qualifies as Weak, while A5/2 would now be Very Weak.
-David
