[cryptography] Tigerspike claims world first with Karacell for mobile security

Ben Laurie ben at links.org
Thu Dec 27 08:26:00 EST 2012


On Wed, Dec 26, 2012 at 9:38 PM, Jon Callas <jon at callas.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I took a look at it. Amusing. I didn't spend a lot of time on it. Probably not more than twice what it took me to write this.
>
> It has an obvious problem with known plaintext. You can work backward from known plaintext to get a piece of their "tumbler" and since the tumbler is just a big bitstring, work from there to pull out the whole thing.

It is not self-evident how you might go about this, and, indeed, their
own analysis rests on the difficulty of doing it, so "since the
tumbler is just a big bitstring, work from there to pull out the whole
thing" hardly cuts it as a viable attack.

Much as I am inclined to suspect this scheme doesn't work, you've shed
no more light that their own paper does.



More information about the cryptography mailing list