[CryptoAPI-devel] IDEA

[Gisle S{l. <gi...@ii...>]

As I told, IDEA is broken. Both the cipher and the key schedule seems
to be broken. In particular the key schedule is broken. If I have not
done a mistake, the cipher is effectivly reduced to a two round cipher,
since all but the first 12 subkeys seems to be always zero. This will
make the cipher trivial to break if it's right.

Using the test tools, with added debug printouts printing out subkeys,
this is my result:

[gisle@fisk tests]$ ./test_cipher -c idea-ecb -k \
ffffffffffffffffffffffffffffffff -p 0000000100020003 -e 5ae0bcea9fd5ae2d
ffff - ffff - ffff - ffff - ffff - ffff - ffff - ffff -
ffff - ffff - ffff - ffff - 0000 - 0000 - 0000 - 0000 -
0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 -
0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 -
0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 -
0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 - 0000 -
0000 - 0000 - 0000 - 0000
=2E...

Since idea merly distribute the keybits on the roundkeys, all
roundkeys should have been 'ffff', but most of them will
always be '0000' regardless of key.

RC5 in kerneli seems to be RC5-32/16/16, and I don't have test
vectors for that one. If anyone have, it would be nice.
(That is rc5 with 32-bit wordsize, 16 rounds and 16 bytes of
key material)

--
Gisle S=E6lensminde ( gi...@ii... )

With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going
to land, and it could be dangerous sitting under them as they fly
overhead. (from RFC 1925)