“The initial permutation and the corresponding final permutation do not affect DES’s security…” and “this bit-wise permutation is difficult in software (although it is trivial in hardware)”

Interestingly enough, he thinks the permutation was intended to deal with byte-wise loading of plaintext data into the hardware implementation. I don’t see any justification for that in the structure of the IP. So it remains a mystery, although everyone agrees it doesn’t add security to the cipher itself.

How did you come to this conclusion?

Did the NSA actually print that? Or is it a conspiracy theory? Seriously... I can’t see how something like that would be for the purpose of a more difficult implementation in software.

Surely the reason behind permutation was due to available hardware at the time of the algorithm’s design?

And the only reason to use it in software was to comply with the standard... no?

period, Applied Cryptography is the old thing to rail at. Now we complain about blogs. I don’t think lack of mathematical understanding is the problem. The problem is that engineers are working at too low a level if they have to know anything about the math behind crypto.

If you’re a beginner, and want a very good understanding of underlying mathematical principles, please pick up S.C. Coutinho’s “The Mathematics of Ciphers: Number Theory & RSA Cryptography”. It’s mind-blowingly simple to follow, but goes very deep.

Bill: absolutely, the crew keeps changing. Most Web 2.0 programmers weren’t even around for the transition from Unix DES crypt to MD5 or Blowfish (8 char password limit anyone?) Some companies do value external review, hence why I still have a job.
