add-des-is-not-a-group (#31)

2022-10-07 17:20:31 +03:00 · 2022-10-07 17:20:31 +03:00 · c59e34d82e
parent d810a08e0f
commit c59e34d82e
1 changed files with 1 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -81,6 +81,7 @@ It will be extended gradually as I find something of "must-have" value. Pull req
 * [The Security and Performance of the Galois/Counter Mode (GCM) of Operation](https://eprint.iacr.org/2004/193.pdf) - Design, analysis and security of GCM, and, more specifically, AES GCM mode, by David A. McGrew and John Viega.
 * [GCM Security Bounds Reconsidered](https://www.iacr.org/archive/fse2015/85400168/85400168.pdf) - An analysis and algorithm for nonce generation for AES GCM with higher counter-collision probability, by Yuichi Niwa, Keisuke Ohashi, Kazuhiko Minematsu, Tetsu Iwata.
 * [Proxy-Mediated Searchable Encryption in SQL Databases Using Blind Indexes](https://eprint.iacr.org/2019/806.pdf) - An overview of existing searchable encryption schemes, and analysis of scheme built on AES-GCM, blind index and bloom filter by Eugene Pilyankevich, Dmytro Kornieiev, Artem Storozhuk.
+* [DES is not a group](https://link.springer.com/content/pdf/10.1007/3-540-48071-4_36.pdf) - Old but gold mathematical proof that the set of DES permutations (encryption and decryption for each DES key) is not closed under functional composition. That means that multiple DES encryption is not equivalent to single DES encryption and means that the size of the subgroup generated by the set of DES permutations is greater than 10^2499, which is too large for potential attacks on DES, which would exploit a small subgroup.

 #### Cryptanalysis