| Jerrold Leichter writes:
| >They don't claim that:
| >
| >     This cipher is ... provably just as secure as AES-128.
| >
| >I can come up with a cipher provably just as secure as AES-128 very 
| Actually, I think Adam is totally right.
| Have you looked at their scheme?
|   http://www.securescience.net/ciphers/csc2/
I was responding in jest to the text Adam actually quoted - and indeed was
refering to:

| The way to come up with a cipher provably as secure as AES-128 is to use
| AES-128 as part of your cipher 
[Remind self once more:  Ironic humor doesn't work in mail....]

|                                -- but their scheme does not do anything
| like that.
| I am very skeptical about claims that they have a mathematical proof that
| CS2-128 is as secure as AES-128.  I want to see the proof.
I didn't see that claim on their site, but then again I only glanced at it
quickly.  Unless they have some entirely new kind of reduction, I'm guessing
that what they are really claiming is that the same proofs of security that
are available for AES - against generalized differential attacks, for example -
are also available for CSC2.  *That* much is certainly possible.

                                                        -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to