[52330] in Cypherpunks
Re: IPG cracked with known plaintext
daemon@ATHENA.MIT.EDU (John Pettitt)
Tue Mar 19 16:58:17 1996
Date: Tue, 19 Mar 1996 11:43:16 -0800
To: cypherpunks@toad.com
From: John Pettitt <jpp@software.net>
At 05:32 PM 3/19/96 GMT, ECafe Anonymous Remailer wrote:
>This information is preliminary and is based on an attempt to
>understand the IPG algorithm information. That description is not
>clear in some areas, however, hence this analysis is tentative at this
>time.
>
>First let us describe the IPG system in more conventional C:
>
>a[0] to a[63] are initialized to random 8-bit values. (The
>description is unclear and almost makes it sound like they are
>initialized to a random 8-bit value anded with 0x3500, which would of
>course be zero. The attack below will assume that this bizarre step
>is not done, but will still apply even if it is.)
>
I think they mean ADD not AND but it's still an odd thing to do IMHO.
>So this algorithm is easily broken with known plaintext.
>
>
Agreed. Given that most PC apps generate known headers on files
and that only a smallish plaintext is needed, it looks rather weak.
John Pettitt, jpp@software.net
VP Engineering, CyberSource Corporation, 415 473 3065
"Technology is a way of organizing the universe so that man
doesn't have to experience it." - Max Frisch
PGP Key available at:
http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=0xB7AA3705