CDMF [was Re: Columbia crypto box]

[Anton Stiglic]

----- Original Message -----
From: "Bill Frantz" <frantz at pwpconsult.com>

>[...]
> through the 40 bit key space.  (IIRC, basically what the device did was
> reveal 16 bits of a DES key.)

I can't find a description of it on the web (I had it on a paper somewhere
but
I don't have access to it now),
but I think that what it does is encrypt the intial 56-bit key (64 bits with
the
additional parity bits) using a fixed value 56-bit key.  Then, given the
64-bit
result, it would substitute 16 (non parity) bits with fixed values and
modify
the result so that it had correct parity, effectively tranforming keys with
56
random bits to only 40 random bits.  (maybe I'm recalling wrongly however
I think it was something like that...)

Can you do E-D-E with this, using double-length keys, to effectively get a
key
strength of 80 bits? (at a first glance, I don't see what would prevent you
from doing this..).
If it's a library that you were exporting, with an API for encryption and
decryption,
nothing would prevent someone from using such a library to do strong
crypto...

--Anton


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com