[Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5
Bear
bear at sonic.net
Mon Mar 24 16:36:57 EDT 2014
On Sun, 2014-03-23 at 17:36 -0400, Jerry Leichter wrote:
> There are plenty of other potential contenders (Blowfish, RC5), though
> the great grand-daddy appears to be IDEA: Initial patent proposal in
> 1990, full patent proposal in 1991, no known attacks to date. That
> puts it at 24 years or so.
http://www.cs.bris.ac.uk/eurocrypt2012/Program/Tues/Rechberger.pdf
Almost true, but not quite completely true anymore. At Eurocrypt
in 2012, Rechberger published an attack on full IDEA. It
exploits narrow bicliques in order to get an attack with complexity
of 2^126.1 against a 128-bit key - a 2-bit break. Not nearly
enough for practical deployment against a 128-bit key, but it
demonstrates a tiny chink in the armor.
It could happen tomorrow that someone figures out how to broaden the
attack and get another 2 bits....
Bear