Re: Question about bit strength
- From: Johnny Bravo <baawa_knight@xxxxxxxxx>
- Date: Fri, 15 Sep 2006 03:56:16 GMT
The strength of a properly implemented secure
algorithm is based entirely on the size of the keyspace
Doesn't blocksize have something to do with it?
I did say a properly implemented secure algorithm, if your blocksize is
revealing information then either the algorithm isn't secure or isn't being
implemented properly.
I didn't want to make this too technical, the OP didn't sound too familiar
with the jargon and theory that gets bandied about here on a regular basis.
At least until the OP clarified, I was trying to keep it as simple as possible.
and has nothing at all
to do with how much data it can
handle or how fast it can handle it.
Cryptography is a process of reversibly transforming data
from one (possibly dynamic) encoding to another based on a
parameter, "the key". Security depends on the degree of
difficulty of reversing the transformation without "the
key". Doesn't it seem plausible that the degree of
difficulty of reversing the transformation may depend
somewhat on its complexity, which may in turn determine how
fast it can process data?
In specific cases yes, but there are encryption methods where the method of
reversing the transformation is thousands of orders of magnitude more complex
than performing the original transformation. Speed of the original
transformation among current algorithms doesn't really tell you much about how
secure those algorithms might be.
On the other hand, perhaps the OP was saying, "Look how SLOW
my algorithm is; it must be very complex, therefore very
secure."
I couldn't tell if the OP felt that the speed of the encryption was good or
bad at that rate. So I just went with a neutral position that in general, speed
just doesn't tell you anything meaningful about security of a competently
designed cipher.
It's [the OP's question] equivalent to asking "I built
a red car, can anyone tell me how fast it will go?"
No argument here.
Without professional cryptanalysis of your algorithms
you can't be sure your hybrids have any security at
all, no matter how large the keyspace is; even then
that's not a guarantee but it's a lot better than no
analysis at all.
Professional peer review has no bearing on the security of
the cipher--the security is what it is. Cryptanalysis can
expose exploitable weaknesses in a cipher in the same way
that peer review can expose problems in anything, but that's
about all you can expect.
Yes, but from the lack of precision in the wording of the original post I
gathered that the OP was a novice at crypto, but a more than competant
programmer. We get enough warnings in this group about how hard it is to
properly implement a single crypto system without worrying about trying to make
a hybrid out of two separate systems. Without knowing a lot more about this
"hybrid" system it only seemed reasonable to suggest that an expert in the field
be consulted if only to spot any obvious, as well as hopefully not-so obvious,
problems that may exist in the implementation.
.
- Follow-Ups:
- Re: Question about bit strength
- From: Mike Amling
- Re: Question about bit strength
- From: John E. Hadstate
- Re: Question about bit strength
- From: Antony Clements
- Re: Question about bit strength
- References:
- Question about bit strength
- From: Antony Clements
- Re: Question about bit strength
- From: Johnny Bravo
- Re: Question about bit strength
- From: John E. Hadstate
- Question about bit strength
- Prev by Date: Re: Question about bit strength
- Next by Date: Re: Question about bit strength
- Previous by thread: Re: Question about bit strength
- Next by thread: Re: Question about bit strength
- Index(es):
Relevant Pages
|
