On 06/28/2011 12:48 PM, Steven Bellovin wrote:
Wow, this sounds a lot like the way 64-bit DES was weakened to 56 bits.
It wasn't weakened -- parity bits were rather important circa 1974.
(One should always think about the technology of the time.
It's a very reasonable-sounding explanation, particularly at the time.
http://en.wikipedia.org/wiki/Robbed_bit_signaling is even still used for
things like T-1 lies.
But somehow the system managed to handle 64-bit plaintexts and 64-bit
ciphertexts. Why would they need to shorten the key? Of the three
different data types it would be the thing that was LEAST often sent
across serial communications lines needing parity.
If error correction was needed on the key for some kind of cryptographic
security reasons, then 8 bits would hardly seem to be enough.
What am I missing here?
The
initial and final permutations were rightly denounced as cryptographically
irrelevant (though it isn't clear that that would be true in a secret
design; the British had a lot of trouble until they figured out the
static keyboard map of the Enigma), but they weren't there for
cryptographic reasons; rather, they were an artifact of a
serial/parallel conversion.
Interesting.
- Marsh
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
