On Tue, 30 Jun 1998, Uri Blumenthal wrote:
dontspam-tzeruch(_at_)ceddec(_dot_)com says:
2. The algorithm allows variable-length key. I say - make it 128 bits
for the sake of simplicity.
I assume this is the key material.
Hm... "Key material" isn't "officially" standard, so...
When people say "56-bit DES' - this is the key they mean.
When they say "80-bit SKIPJACK" or "128-bit IDEA" - that's the key.
So here the key can be whatever you wish (between 40 and 256 bits),
and I suggest to fix it at 128, because [in my understanding] a
user isn't likely to input that key directly anyway. On the
other hand, if you see it feasible to allow variable-ness,
I of course won't mind. Or if you prefer a different length
value (say, 256, or 80, or 96) - I can live with it too.
Maybe I have uncovered another ambiguity
For 3DES I have:
des_set_key((des_cblock *) key, ctx->ck.dk[0]);
des_set_key((des_cblock *) & key[8], ctx->ck.dk[1]);
des_set_key((des_cblock *) & key[16], ctx->ck.dk[2]);
Which is going 8 bytes between keys, If DES is 56 bit and not 64 bit the
extra bytes are being wasted (the DES key size is 24 - should it have been
21?).
So I assume you would mean that it takes 16 bytes of key material.
all of the DES round finction - it's 64-bit. [It isn't worth extending
to 128-bit, because the main idea was to preserve the "original" DES...
All the cryptanalytic tests done on DES apply fully. Once we start doin'
something to the rounds (besides increasing their number :-), many bets
are off.]
It also avoids worrying aobut the CFB length.
Thanks!
--- reply to tzeruch - at - ceddec - dot - com ---