Re: Snake Oil

Paulo Barreto (pbarreto@nw.com.br)
Fri, 01 Jan 1999 10:21:19 -0200

• Next message: Paulo Barreto: "Re: Snake Oil"
• Previous message: Lewis McCarthy: "Re: Snake Oil"
• Next in thread: Paulo Barreto: "Re: Snake Oil"
• Reply: Paulo Barreto: "Re: Snake Oil"

At 00:29 1999.01.01 -0500, Lewis McCarthy wrote:

>Regarding the use of polynomial composition in the www.usdsi.com
>system, see http://www.cs.umass.edu/~landau/alg_alg.html for work
>by Kozen and Landau on fast polynomial decomposition. Thee's an
>online copy of the paper, I` believe.

Yes, but it is stated there that "polynomials could be factored over
algebraic number fields in time polynomial in the size of the polynomial
and the size of the field extension.", and the polynomial g^-1 in the TTM
system can be quite large -- 2^(2^(m-2)) for an underlying Galois field
GF(2^m), if I computed it correctly.

This does not mean TTM is secure, of course (as bram <bram@gawth.com>
points out, there's the possibility that only linear transforms be chosen,
thus constituting a weak key). I wouldn't use that system anyway (if my
poor opinion counts anything at all).

Paulo.

• Next message: Paulo Barreto: "Re: Snake Oil"
• Previous message: Lewis McCarthy: "Re: Snake Oil"
• Next in thread: Paulo Barreto: "Re: Snake Oil"
• Reply: Paulo Barreto: "Re: Snake Oil"