On 7/21/05, Rich Walker <[EMAIL PROTECTED]> wrote:
> I think you mean:
>
> The story that is circulated now about the tweaking of the S-box is
> that it was to make DES more resistant to differential cryptanalysis,
> which was unknown at the time.

I tend to give Bruce Schneier a certain amount of credence, although I recognize that he is not a historian. It is well documented that the NSA and at least some of the IBM researchers who contributed to the DES design were cognizant of the technique now known as differential cryptanalysis prior to the finalization of the DES S-boxes, and that the S-boxes are locally (and very nearly globally) optimal with respect to d-c attack.

> Once you allow systems to exist with poor disclosure of the construction
> process of their internals, you have opened up a back door wide enough
> to drive a thousand exploits through.

I don't pretend to do a security (or even maintainability) audit of all the code that passes through my hands. I frequently rely on the good faith (and continued existence) of upstream when choosing software products on and with which to build my own work. Yes, I do some due diligence; where it seems worthwhile, I spot-check the code quality, the documentation completeness, and the history of the individuals and organizations; and where it really matters, I make some attempt to evaluate the test coverage and the computational complexity of core algorithms. Very, very few open source projects (and even fewer of the closed-source projects whose internals I've seen) impress me on all of the above scores; but you've got to have some tools to work with if you expect to build big things on a small budget.

> If you are aware that the providers of the system have an agenda, then
> it actually makes sense to work *harder* on the "full disclosure of all
> components necessary to reconstruct" angle than you would otherwise.

Everybody's got an agenda. If you're confident that you understand what that agenda is, then you can hedge intelligently against it. Openness is good, but sometimes it reveals not-so-pretty things, and you need to think about whether a shortcut somebody admits to having taken is repugnant or merely regrettable.

> (Yes, I *am* in the business of producing stuff that you can only
> reproduce part of from the design data.)

Who isn't? :-)

Cheers,
- Michael