Re: Algorithms to generate permutations

Crypto_at_S.M.S
Date: 08/02/05


Date: Tue, 02 Aug 2005 23:08:32 +1000

Tom St Denis wrote:

> Unruh wrote:
>
>>It IS. Most block cyphers are concatenations of primitive encryption steps
>>(rounds). You could stop after 1,2,3,4 rounds and you would have an
>>encryption. Usually weak. It is the concatenation of the multiple
>>encryptions that is strong.
>
>
> There is a difference between adding rounds to AES and adding CAST5 to
> AES.
>
> AES has a well defined round structure [e.g. branch=25 over 4R]. This
> makes the analysis much easier. There is a reason why it has 10 rounds
> and not 4 or 3 or 7 or 5 or ... What does tacking on CAST5 buy you
> that you can actually sit here and prove?
>

It buys you strength against future successful attacks against AES.
Just because a new technique works against AES does not mean it will
work against CAST.

> Does that mean AES is provably CCA-IND immune? No. But it's among the
> best we can do with the resource constraints in place.
>
> And frankly, I'd be really surprised if AES-128 is broken [*] in the
> next 10 years, broken to the point of unusable in the next 20.
>

The Nazis were probably surprised when Enigma was broken.

> I mean of all the attacks out there none of them can actually break the
> design. * So a totally new line of attack will have to be devised. Do
> I think this is possible? Yes. Does this make it the likely threat
> vector? No.
>

Likely? Maybe not. Possible? You already said "yes", thus indicating
the need for multiple encryption.

> There are way more things to concern yourself with than what cipher you
> choose...
>
> If you're really that threatened then design a protocol that is agnostic
> to the underlying cipher/hash/etc and upgrade as required.
>

Good idea. That's precisely why CryptoSMS has plug-in ciphers.
New ones are added to the mix all the time.


