On Thu, 16 Dec 2010 23:26:25 +1100, Abuse007 said: > Changing the s-boxes in DES (and therefore Triple DES as well) would break > comparability with other implementations as it would no longer decrypt the > same > as a standard implementation. Not if you managed to tweak the s-boxes while DES was still being designed. It's been known for years that while IBM was designing DES, they had some talks with the NSA, and the rumor was that NSA convinced them to tweak the s-boxes to allow a backdoor. Recently, it was revealed that the NSA *did* give advice about the S-boxes, but it was because the IBM guys had independently come up with the concept of differential cryptanalysis, which the NSA knew about but nobody else did at that time. So NSA gave IBM some hints how to design the s-boxes to harden it against differential cryptanalysis. Or so they said. :)
Attachment:
pgpwzUCAxtGhf.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/