[17025] in cryptography@c2.net mail archive
Re: comments wanted on gbde
daemon@ATHENA.MIT.EDU (Roland Dowdeswell)
Sun Mar 6 14:47:32 2005
X-Original-To: cryptography@metzdowd.com
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: cryptography@metzdowd.com
In-reply-to: Your message of "Fri, 04 Mar 2005 16:36:43 EST."
<20050304213643.CB2603BFE41@berkshire.machshav.com>
Date: Sun, 06 Mar 2005 14:39:50 -0500
From: Roland Dowdeswell <elric@imrryr.org>

I have started writing up a bit of an analysis of GBDE, which I
would like to have people comment on before I continue with it.
I.e. am I onto something here or not? I wrote this up very quickly
over a few sleepless nights while trying to get my normal work done
before I left on vacation, so please bear with me. The explanations
are rather empirical. I am planning to put some mathematics in
there eventually. At least after I return from my vacation.

I think that I have demonstrated that there are weak master keys
which can be used to construct an attack in < 2^128 steps on
individual sectors. I also discuss dictionary attacks and construct
another attack which is more difficult than brute forcing each
sector, but a little less time consuming than GBDE's author claims
it should be.

The URL is:

http://www.imrryr.org/~elric/cgd/gbde-analysis.pdf

Thanks,

--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/