Re: [GNU Crypto] problem with serpent-128 in gnu-crypto-1.1.0?

[Casey Marshall]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Sep 26, 2003 at 02:41:36PM -0400, Ron Lee wrote:

> Have there been any bugs reported on the implementation of this
> algorithm? I am having trouble with it not returning the original
> cleartext when run through an encrypt/decrypt cycle. I am using 128-bit
> blocks and 256-bit keys. My code works with both the GNU Rijndael and
> Twofish implementaions, as well as with the BouncyCastle implementations
> of all three (Serpent, Rijndael, and Twofish).
> 

BouncyCastle's Serpent implementation is incorrect; it suffers from the
same endianness bug that we used to. See:

<http://www.kerneli.org/pipermail/cryptoapi-devel/2002-December/000316.html>

I can't speak of any known bugs in our version, but if you have a simple
test case that illustrates a suspected bug I would appreciate seeing it.

Also note that if you are using the JCE you might be seeing a bug that
was recently uncovered in our Cipher adapters.

> Is there a bulletin board I can check for problems others may have run
> into?
> 

Just this mailing list. There is a bug reporting system at Savannah
<http://savannah.gnu.org/projects/gnu-crypto>, but no-one uses it.

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/dKKOgAuWMgRGsWsRAo+yAJ0b+iVoRC6fze6AtTwj0ZCmrZxR3QCghU6E
Uou+/aGxHRL4MhUv3/HrcYw=
=FAVO
-----END PGP SIGNATURE-----