[Cryptography] NIST Workshop on Elliptic Curve Cryptography Standards

[Adrian McCullagh]

>   My understanding is they changed it to protect against 
>   differential cryptanalysis. At the time, differential 
>   cryptanalysis was known by NSA, but not generally known in the 
>   public crypto community. (The public crypto community was almost 
>   non-existant at the time.)




In post analysis I think you are correct Bill in this statement but I do not believe that the NSA ever acknowledged that this was the reason.


I think the first or at least one of the first papers dealing with differential cryptanalysis of DES was in 1990 by Eli Biham and Adi Shamir.  I am unaware of any papers prior to this one by the civilian community.


Adrian




Dr Adrian McCullagh
Ph.D., LL.B. (Hons), B. App. Sc.(Computing)
Lawyer
Mobile: +61401 646 486
SKYPE: admac57
email: amccullagh at live.com.au
email: ajmccullagh57 at gmail.com

The contents of this email are confidential between the sender and the intended recipient. If you are not the intended recipient then no rights are granted to you because of this error and as such you are requested to promptly inform the sender of the error and to promptly destroy all copies of the email in your power, possession or control. The sender reserves all rights concerning this email and its contents including any privilege, copyright and/or confidentiality associated with this email.








-------------------------------------------------------------------------
Bill Frantz        | Re: Hardware Management Modes: | Periwinkle
(408)356-8506      | If there's a mode, there's a   | 16345 
Englewood Ave
www.pwpconsult.com | failure mode. - Jerry Leichter | Los Gatos, 
CA 95032
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150520/204749bf/attachment.html>