Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Encryption Security

What Happened to IDEA? 4

Posted by Cliff from the but-should-it-have-been-a-slashback? dept.
insomniac asks: "Recently we decided to purchase a Cryptographic Service Provider to plug into the infamous JCA. On their Web site they have links to information regarding the various patents for crypto algorithms. One of them is IDEA. They link to the Web site of the owners of the patent. However, the company was bought out recently by Entrust. I've had no response from them regarding the status of the IDEA patent, and further searching has shown up a surprising lack of info on IDEA's current status. I also noticed the recent Ask Slashdot on choosing encryption algorithms contained very little regarding this algorithm. So what happened? Has the patent forced it out of circulation? Or did someone discover a serious vulnerability?"
This discussion has been archived. No new comments can be posted.

What Happened to IDEA? More

What Happened to IDEA?

Comments Filter:

  • (I normally ignore troll posts, but...)

    Sorry you feel that way. Perhaps, instead of asking others to moderate according to your tastes, you should get an ID and do your own moderation. I fail to see why the community should pay attention to your wishes if you're not willing to pull your share of the load.

    ------

  • Haiku (Score:2)

    by YASD ( 199639 )

    It has disappeared!
    Where did algorithm go?
    I have no idea.

    ------

  • The Patent is the main issue (Score:3)

    by Black Art ( 3335 ) on Friday June 23, 2000 @09:49AM (#979769)
    The reason few use IDEA is because of the uncertanty of the patent issues. It seems to be very secure, but since there is no clear indication of who to pay and how much, people tend to avoid it. (Especially for free products, where you are not making any money off of it anyways.)

    The only use I have seen of IDEA lately is in products that are ignoring patents all together.

  • IDEA (Score:5)

    by rjh ( 40933 ) <rjh@sixdemonbag.org> on Friday June 23, 2000 @12:05PM (#979770)
    IRL, I'm a full-time PGP hacker for PGP (part of Network Associates)--so keep in mind that my perspective may be biased by my employment. (And as always, I am not speaking for my employer, and this post does not constitute professional advice.)

    Basically, it proved vulnerable to some esoteric attacks. It's no longer as strong as was once thought; while it's still secure, 4.5 rounds have been broken (last I heard--considering how quickly the field moves, it might be more now.)

    Between its small security margin, its rather slow operation speed and the obnoxious patent (obnoxious both in terms of cost, and in terms of how difficult Ascom-Tech A.G.--and now apparently Entrust, too--made it to obtain one), people have just decided to use other ciphers.

    IDEA's big selling point for the longest time was that it was the only trusted replacement for DES (barring 3DES, of course). Since we now have literally dozens of trusted replacements for DES, why bother with IDEA? Blowfish is well-trusted and pretty snappy in its operation; I'm not as fond of CAST as others are, but it's held up rather well (well enough to have been a strong AES contender).

    When we have ciphers which are faster, less patent-encumbered and offer a larger security margin than IDEA, why should we continue to use IDEA? :)

Slashdot Top Deals

8 Catfish = 1 Octo-puss

Close