This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
mcmambo [21/03/2014 08:06:29] mmeh [Cryptanalysis] |
mcmambo [29/04/2014 12:09:43] stek [The Algorithm] |
||
---|---|---|---|
Line 4: | Line 4: | ||
* Author(s): Watson Ladd | * Author(s): Watson Ladd | ||
* CAESAR submission: [[http://competitions.cr.yp.to/round1/mcmambov1.pdf|McMambo]] | * CAESAR submission: [[http://competitions.cr.yp.to/round1/mcmambov1.pdf|McMambo]] | ||
+ | * [[https://maps.google.com/maps?q=37.874015,-122.250754&num=1&t=m&z=17|Location]] | ||
===== Cryptanalysis ===== | ===== Cryptanalysis ===== | ||
- | Samuel Neves points out in [[https://groups.google.com/forum/#!topic/crypto-competitions/ysiDA5Qqfrs|this thread]] a high-probability differential for the block cipher underlying McMambo. The designer acknowledges this as a forgery attack with success probability 2^{-24}, thus calling McMambo "dead". | + | ^ Type ^ Probability ^ Reference ^ |
+ | | Differential attack on block cipher | $2^{-24}$ | Neves [[https://groups.google.com/forum/#!topic/crypto-competitions/ysiDA5Qqfrs|on newsgroup]] | | ||
+ |