At 00:55 14/11/02 -0800, Bill Stewart wrote: >At 12:03 PM 11/11/2002 -0500, Arnold G. Reinhold wrote: >>One of the tenets of cryptography is that new security systems >>deserve to be beaten on mercilessly without deference to their creator. > >In particular, I'd be interested in finding out if the new stuff >has been beaten up by Ian, Nikita, and the other people who >did the earlier shreddings of the WEP system - >while it certainly needs broader attention than that, >it at least needs to get by some of the usual suspects >rather than just approval by the same sort of standards people >who let the first one out the door. > >That doesn't mean that it's a solid guarantee, >but all this talk of 20-bit MIC codes doesn't strike me as something >that could pass the "Ian's Lunch Break" test, much less the >kind of attention that AES got.
I would contend that I am not "the same sort of standards people that let WEP out the door". Have a look at my website and list of publications (http://niels.ferguson.net/). I've been designing cryptographic systems since 1990. That doesn't mean that I don't make mistakes. I make many of them. Michael is very much an on-the-edge design, due to the harsh requirements. It is quite possible that someone will find a better attack against Michael, but unless I really goofed it will take Ian more than a single lunch break. Cheers! Niels ============================================================== Niels Ferguson, [EMAIL PROTECTED], phone: +31 20 463 0977 PGP: 3EC2 3304 9B6E 27D9 72E7 E545 C1E0 5D7E --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]