[cryptography] DES history
marcus.brinkmann at ruhr-uni-bochum.de
Mon May 5 21:58:23 EDT 2014
On 05/06/2014 01:20 AM, Bernie Cosell wrote:
> On 6 May 2014 at 8:35, Dave Horsfall wrote:
>> On Mon, 5 May 2014, Marcus Brinkmann wrote:
>>> It is well known that the DES S-Boxes were specifically designed (by
>>> NSA, no less, back in the good ol' days) to protect against that
>> If I recall Schneier, the S-boxes were *modified* by the NSA, not
> More than that, the modifications *improved* the S-boxes --- they made
> DES resistent to differential attacks that [AFAIK] weren't yet known in
> the civilian community. I think it was only after a few years that the
> impact of their changes was understood [and that it was a good thing].
On rereading the Wikipedia article on DES history, the whole story seems
to be considerably muddier than I recalled at first.
On the one hand, the article cites Schneier "Applied Cryptography" (2nd
ed.). p. 280, quoting Alan Konheim (one of the designers of DES) with:
"We sent the S-boxes off to Washington. They came back and were all
On the other hand the article says that Steven Levy ("Crypto") claims
that "IBM Watson researchers discovered differential cryptanalytic
attacks in 1974 and were asked by the NSA to keep the technique secret."
Yet again the "United States Senate Select Committee on Intelligence" is
cited with: "In the development of DES, NSA [...] indirectly assisted in
the development of the S-box structures."
Also, the article cites "a declassified NSA book on cryptologic history"
with: "NSA worked closely with IBM to strengthen the algorithm against
all except brute force attacks and to strengthen substitution tables,
I guess a more careful review of the evidence is required to make heads
and tails of it.
More information about the cryptography