[Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5

Bear bear at sonic.net
Mon Mar 24 16:36:57 EDT 2014

On Sun, 2014-03-23 at 17:36 -0400, Jerry Leichter wrote:

> There are plenty of other potential contenders (Blowfish, RC5), though
> the great grand-daddy appears to be IDEA:  Initial patent proposal in
> 1990, full patent proposal in 1991, no known attacks to date.  That
> puts it at 24 years or so.


Almost true, but not quite completely true anymore.  At Eurocrypt
in 2012, Rechberger published an attack on full IDEA.  It
exploits narrow bicliques in order to get an attack with complexity
of 2^126.1 against a 128-bit key - a 2-bit break.  Not nearly
enough for practical deployment against a 128-bit key, but it
demonstrates a tiny chink in the armor.

It could happen tomorrow that someone figures out how to broaden the 
attack and get another 2 bits....   


