[8270] in cryptography@c2.net mail archive
Re: IBM press release - encryption and authentication
daemon@ATHENA.MIT.EDU (Nikita Borisov)
Mon Dec 11 21:36:04 2000
To: cryptography@c2.net
From: nikitab@cs.berkeley.edu (Nikita Borisov)
Date: 11 Dec 2000 17:14:09 -0800
Message-ID: <913u51$1kr$1@abraham.cs.berkeley.edu>
In article <Pine.LNX.4.21.0012110217560.13652-100000@ultra.gawth.com>,
Bram Cohen <bram@gawth.com> wrote:
>it's not hard to figure it out just from the slides - there are actually
>two methods given, one which requires an extra lg(n) encryptions and one
>which requires two extra encryptions but has a bunch of modular
>arithmetic. Rijndael is so fast I suspect the second one might not prove
>all that useful.
But in his examples, addition mod 2^128 - 159 can be implemented rather
quickly:
S_i = S_{i-1} + b [regular 128-bit addition]
if (b > S_i) S_i += 159
- Nikita
