•Before
its adoption as a standard, the proposed DES was subjected to intense
criticism, which has not subsided to this day.
•Two areas
drew the critics’ fire.
1.First, the
key length in IBM’s original LUCIFER algorithm was 128 bits, but that of the
proposed system was only 56 bits, an enormous reduction in key size of 72 bits.
–Critics
feared
that this key length was too short to withstand brute-force attacks.
2.The second
area of concern was that the design criteria for the internal structure of DES,
the S-boxes, were classified.
–Thus,
users could not be sure that the internal structure of DES was free of any
hidden weak points that would enable NSA to decipher messages without benefit
of the key.
–Subsequent
events,
particularly the recent work on differential cryptanalysis, seem to indicate
that DES has a very strong internal structure.
–Furthermore,
according to IBM participants, the only changes that were made to the proposal
were changes to the S-boxes, suggested by NSA, that removed vulnerabilities
identified in the course of the evaluation process.
No comments:
Post a Comment