[17169] in cryptography@c2.net mail archive
Re: Secure Science issues preview of their upcoming block cipher
daemon@ATHENA.MIT.EDU (Lance James)
Mon Mar 28 15:12:56 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 25 Mar 2005 13:24:52 -0800
From: Lance James <lancej@securescience.net>
To: David Wagner <daw@cs.berkeley.edu>
Cc: cryptography@metzdowd.com
In-Reply-To: <200503251655.j2PGtWsg024860@taverner.CS.Berkeley.EDU>
David Wagner wrote:
> Seecure Science Corporation writes:
>
>>Secure Science is offering a preview of one of the 3 ciphers they will
>>be publishing througout the year. [...] This cipher is [...]
>>provably just as secure as AES-128.
>
>
> Adam Shostack writes:
>
>>Really? How does one go about proving the security of a block cipher?
>
>
> Lance James @ Secure Science Corporation writes:
>
>>We will be proposing 2 hashes as well.
>
>
> Well, that is completely non-responsive to the point Adam made.
> You used the term "provably". Where is your proof?
>
> Did you understand the point Adam is making? In this field, the term
> "provably" means that there you have a mathematical proof. Do you have
> such a proof? I'm awfully skeptical....
>
> Will you retract the claim that SS2 is "provably just as secure as AES-128"?
David,
There is a miswording here, we were trying to show that both AES and
CS2-128 are resistant to the same class of attacks. We definitely did
not try to state that they are equivalent.
I recommend reading http://eprint.iacr.org/2004/085.pdf to see for yourself.
-Lance
>
> As for your future hashes, will you be making similar claims?
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
>
>
--
Best Regards,
Lance James
Secure Science Corporation
[Have Phishers stolen your customers' logins? Find out with DIA]
https://slam.securescience.com/signup.cgi - it's free!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
