[cryptography] Minimally Sufficient Cryptosystem

Jean-Philippe Aumasson jeanphilippe.aumasson at gmail.com
Tue Jul 5 09:21:31 EDT 2011

See the Asiacrypt 2010 rump session talk "An Optimal Attack On
Cryptosystems With Pre/Post Whitening Keys" by Orr Dunkelman and Adi


On Tue, Jul 5, 2011 at 3:05 PM, Jonathan Katz <jkatz at cs.umd.edu> wrote:
> On Tue, 5 Jul 2011, Scott Guthery wrote:
>> Adi Shamir gave a talk at MIT last week at which I think he said that the
>> following cryptosystem was minimally sufficient:
>> XOR Key / Permutation / XOR Key
>> He seemed to me to imply that (informally speaking) any additional
>> complexity would be more likely to provide attack opportunities than not.
>> Perhaps anybody else that was there or is familiar with Shamir's work
>> along this line might comment.
> Hard to say what he was talking about without some context, but it sounds
> like he might (?) have been referring to DES-X:
>  http://en.wikipedia.org/wiki/DES-X
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list