Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:13:58
Mike Rosing (eresrch@msn.fullfeed.com)
Wed, 2 Sep 1998 15:29:31 -0500 (CDT)
On Wed, 2 Sep 1998, Adam Shostack wrote:
> Possibly of interest is Takeshi Shimoyama & Toshinobu Kaneko's
> Quadratic Relation of S-Box and its Application of the Linear Attack
> of Full Round DES. (Crypto '98)
>
> http://www.yokohama.tao.go.jp/shimo/paper/crypto98
Yes, very interesting. A bit over my head though. Can you explain what
a "Grobner basis" is, say relative to polynomial or normal basis?
Once you've reduced the equations to cubics, the main trick is to solve
them. Obviously, that's hard. Is it possible to factor cubics in GF(2)?
The above authors show how to attack quadratics and point out that there
is more than one factorization. I assume that's true for cubics as well?
Knowing the S-box equations is only part of the solution, the rest of
the cipher has to be converted to equations too. Clearly, it is possible
to do. Given the date on the paper, it's also state of the art.
Congratulations Sandy, you've hit the bleeding edge :-)
Patience, persistence, truth,
Dr. mike
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:13:58