What Happened to IDEA? 4
insomniac asks: "Recently we decided to purchase a Cryptographic Service Provider to plug into the infamous JCA. On their Web site they have links to information regarding the various patents for crypto algorithms. One of them is IDEA. They link to the Web site of the owners of the patent. However, the company was bought out recently by Entrust. I've had no response from them regarding the status of the IDEA patent, and further searching has shown up a surprising lack of info on IDEA's current status. I also noticed the recent Ask Slashdot on choosing encryption algorithms contained very little regarding this algorithm. So what happened? Has the patent forced it out of circulation? Or did someone discover a serious vulnerability?"
Re:Haiku sucks (Score:1)
(I normally ignore troll posts, but...)
Sorry you feel that way. Perhaps, instead of asking others to moderate according to your tastes, you should get an ID and do your own moderation. I fail to see why the community should pay attention to your wishes if you're not willing to pull your share of the load.
------
Haiku (Score:2)
It has disappeared!
Where did algorithm go?
I have no idea.
------
The Patent is the main issue (Score:3)
The only use I have seen of IDEA lately is in products that are ignoring patents all together.
IDEA (Score:5)
Basically, it proved vulnerable to some esoteric attacks. It's no longer as strong as was once thought; while it's still secure, 4.5 rounds have been broken (last I heard--considering how quickly the field moves, it might be more now.)
Between its small security margin, its rather slow operation speed and the obnoxious patent (obnoxious both in terms of cost, and in terms of how difficult Ascom-Tech A.G.--and now apparently Entrust, too--made it to obtain one), people have just decided to use other ciphers.
IDEA's big selling point for the longest time was that it was the only trusted replacement for DES (barring 3DES, of course). Since we now have literally dozens of trusted replacements for DES, why bother with IDEA? Blowfish is well-trusted and pretty snappy in its operation; I'm not as fond of CAST as others are, but it's held up rather well (well enough to have been a strong AES contender).
When we have ciphers which are faster, less patent-encumbered and offer a larger security margin than IDEA, why should we continue to use IDEA?