[Cryptography] Speculation about Baton Block Cipher
Ray Dillinger
bear at sonic.net
Tue Aug 18 16:54:52 EDT 2015
On 08/18/2015 10:18 AM, Ryan Carboni wrote:
> Baton has:
>
> 12 byte block size
> 16 byte block size
> 24 byte initialization vector
> 20 byte key
> 20 byte checksum
>
> Let's play a what does not belong game.
>
> Which number does not belong?
Heh. Is this a trick question?
The checksum size is of course ludicrous with respect to the key
and block size.
They don't need more than 4 bytes for a checksum, if that. BATON
is implemented in hardware with a secret algorithm, so virtually
anything could be encoded in the remaining 16 bytes and nobody
would be the wiser.
The fact, however, doesn't lead me to any specific speculations,
except that it's probably some kind of deliberate side channel.
But it's not at all clear what such a side channel would be
useful for. It's a Type 1 product. Why do you suppose the
NSA would install a side channel on their own communications?
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150818/e8ee2c31/attachment.sig>
More information about the cryptography
mailing list