analysis and implementation of LRW
Ben Laurie
ben at links.org
Tue Jan 23 13:03:04 EST 2007
David Wagner wrote:
> Jim Hughes writes:
>> The IEEE P1619 standard group has dropped LRW mode. It has a
>> vulnerability in that there are collisions that will divulge the mixing
>> key which will reduce the mode to ECB.
>
> This is interesting. Could you elaborate on this? I suspect we could
> all learn from the work the IEEE P1619 working group is doing.
>
> I tried to trawl the P1619 mailing list archives to find some detailed
> analysis on the topic of collisions, as you suggested, but I probably
> wasn't looking in the right places. The closest I found was this message:
> http://grouper.ieee.org/groups/1619/email/msg01322.html
> which estimates that if one continuously accesses the disk for 4.6
> years (roughly the average lifetime of a disk), the chances of seeing
> a collision are about 1/2^29. Is that the analysis that triggered the
> concern over collisions?
Google is your friend:
http://grouper.ieee.org/groups/1619/email/msg00558.html
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff