[103092] in Cypherpunks


Re: Repost in text: IDEA(tm) weakness

daemon@ATHENA.MIT.EDU (Raph Levien)
Sun Sep 20 00:42:29 1998

Date: Sat, 19 Sep 1998 21:30:31 -0700
From: Raph Levien <raph@acm.org>
To: cypherpunks@algebra.com
CC: coderpunks@toad.com
Reply-To: Raph Levien <raph@acm.org>

A quick review reveals that this is clearly another "PGP is broken"
hoax. The author is assuming that IDEA's * operation has a nonuniform
distribution of outputs given a uniform distribution of inputs. Since it
is taken mod 65537 (a prime), this is simply not the case - for constant
x, x * y mod 65537 is a permutation over y. Everything else flows from
this flawed assumption.

The rest of the post is silly as well. "Not tested on real PGP data
because I couldn't find where the IDEA data starts." Very funny, this
info is quite accessible. Also, posting the technique but withholding the
code is ridiculous. If the technique worked, it would get implemented
within hours.

Oh well. It was exciting for a minute or two.

Raph
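
Added example, not part of the original message: a Python check of the permutation property described above, using IDEA's convention that the 16-bit word 0 stands for 2^16. The function names, the sample constants, and the mod 2^16 contrast case (which IDEA does not use) are choices made for this illustration.

```python
from collections import Counter

MOD = 0x10001  # 65537 = 2**16 + 1, a prime


def idea_mul(x, y):
    """IDEA multiplication on 16-bit words; the word 0 represents 2**16."""
    a = x or 0x10000
    b = y or 0x10000
    # a and b are nonzero mod a prime, so the product lies in 1..65536;
    # masking maps 65536 back to the word 0 and leaves 1..65535 unchanged.
    return (a * b % MOD) & 0xFFFF


def plain_mul(x, y):
    """Contrast case, not used by IDEA: multiplication mod 2**16."""
    return (x * y) & 0xFFFF


def output_counts(op, x):
    """Return (distinct outputs, most hits on any one output) over all 16-bit y."""
    hits = Counter(op(x, y) for y in range(0x10000))
    return len(hits), max(hits.values())


def idea_mul_inverse(x):
    """Word z such that idea_mul(idea_mul(x, y), z) == y for every y."""
    a = x or 0x10000
    return pow(a, MOD - 2, MOD) & 0xFFFF  # Fermat's little theorem


if __name__ == "__main__":
    # Constructed sample constants, including the special word 0.
    for x in (0x0000, 0x0001, 0x0002, 0x1234, 0x8000, 0xFFFF):
        distinct, worst = output_counts(idea_mul, x)
        print(f"idea_mul  x={x:#06x}: {distinct} distinct outputs, max hits {worst}")
    # With a composite modulus an even constant collapses pairs of inputs,
    # which is the kind of skew the "weakness" post assumed for IDEA.
    distinct, worst = output_counts(plain_mul, 0x0002)
    print(f"plain_mul x=0x0002: {distinct} distinct outputs, max hits {worst}")
```
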

