Re: [tlug] Debian OpenSSL critical security bug

[Curt Sampson <cjs@example.com>]

On 2008-05-14 10:03 +0900 (Wed), Josh Glover wrote:

> 2008/5/14 Curt Sampson <cjs@example.com>:
> 
> > remember the story
> > about the NSA's changes to the S-box arrangement of the DES algorithm.
> 
> I don't, but it sounds interesting. Have you a link?

Oh, and a small summary, since the Wikipedia page is not all that clear,
IMHO:

The algorithm used an arrangement of these things called "S-boxes",
which were not well understood. To most outside reviewers at the time,
one arrangement seemed as good as another.

The story I heard is that the NSA, after reviewing the original DES
algorithm, asked for one small change in the S-box arrangement before
approving it for government use. They wouldn't say why they'd done this.
This raised a lot of suspicious; had they changed it to make it easier
for them to crack?

Many years later, when techniques of differential analysis were
discovered by the public community, it turned out that that small change
had made DES far more resistant to these techniques than the original
version had been, and thus far stronger.

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974   
Mobile sites and software consulting: http://www.starling-software.com