Re: Undefined and underdefined algorithms

[dontspam-tzeruch@xxxxxxxxxx]

On Tue, 30 Jun 1998, Uri Blumenthal wrote:

> dontspam-tzeruch@xxxxxxxxxx says:
> > > 2. The algorithm allows variable-length key. I say - make it 128 bits
> > >    for the sake of simplicity.
> > 
> > I assume this is the key material.
> 
> Hm... "Key material" isn't "officially" standard, so...
> 
> When people say "56-bit DES' - this is the key they mean.
> When they say "80-bit SKIPJACK" or "128-bit IDEA" - that's the key.
> 
> So here the key can be whatever you wish (between 40 and 256 bits),
> and I suggest to fix it at 128, because [in my understanding] a
> user isn't likely to input that key directly anyway. On the
> other hand, if you see it feasible to allow variable-ness,
> I of course won't mind. Or if you prefer a different length
> value (say, 256, or 80, or 96) - I can live with it too.

Maybe I have uncovered another ambiguity

For 3DES I have:

    des_set_key((des_cblock *) key, ctx->ck.dk[0]);
    des_set_key((des_cblock *) & key[8], ctx->ck.dk[1]);
    des_set_key((des_cblock *) & key[16], ctx->ck.dk[2]);

Which is going 8 bytes between keys, If DES is 56 bit and not 64 bit the
extra bytes are being wasted (the DES key size is 24 - should it have been
21?).

So I assume you would mean that it takes 16 bytes of key material.

> all of the DES round finction - it's 64-bit.  [It isn't worth extending
> to 128-bit, because the main idea was to preserve the "original" DES...
> All the cryptanalytic tests done on DES apply fully. Once we start doin'
> something to the rounds (besides increasing their number :-), many bets
> are off.]

It also avoids worrying aobut the CFB length.

Thanks!

--- reply to tzeruch - at - ceddec - dot - com ---