Talk:Twofish


This article is part of WikiProject Cryptography, an attempt to build a comprehensive and detailed guide to cryptography on Wikipedia. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks.

Information

There appears to be a great deal of information regarding the AES selection and Twofish (and all the other nominees) here at [1]. I'm going to incorporate parts of this into the article, including the info about supposed breaks, but be forewarned, I'm not a crypto geek. Sword 17:45, 4 Nov 2004 (UTC)

Murphy & Robshaw attack

Twofish's S-boxes are key dependent but do not change with each encryption. The attack referred to is [2] (ps) but it's not very relevant (it only breaks five of Twofish's 16 rounds) and should either form part of a longer section on cryptanalysis of Twofish or be dropped. I've removed it for now. ciphergoth 13:01, 2004 Nov 16 (UTC)

For reference, "S. Murphy and M. Robshaw report that knowing that the S-boxes change with each encryption, that one can craft a differential attack by choosing a plaintext and seeing what the output is. This has only been suggested against a reduced-round (near 5) Twofish." is the removed text. — Matt 13:16, 16 Nov 2004 (UTC)

Diagram ERROR

The one-bit left rotate in the column containing K2 and K6 should be a one-bit RIGHT rotate. The other rotate (in the rightmost column) should indeed be a left rotate. Compare with figure 1 on page 6 of the Twofish paper.

It also might be worth describing the symbols for addition modulo 2^32 and XOR. —The preceding unsigned comment was added by 192.35.100.1 (talk • contribs) 07:27, 8 June 2006 (UTC)