Re: triple algorithms






David Eather wrote:

Antony Clements wrote:

eventually someone will figure out how to practically (as opposed to
theoretically) break AES, the same applies for twofish,

I would replace "will" with "may"

They already know how to do that. The data requirements for advanced
cryptographic attacks are impossible to meet. So it has to be brute
force - and as many people have already mentioned for a 2**128 bit key
is just not possible (I would bet brute forcing a 2^128 bit key will
never be possible but I can't figure out how to collect)

so why not combine them to double the work of the attacker?

The above is likely to be interpreted as doubling the work of
a brute-force attacker, which isn't worth the bother. I believe
that Antony's meaning is doubling the work of finding a flaw in
the algorithms that allows decoding in far less time than that.
Clearly, finding such flaws in two algorithms is much harder than
finding a flaw in one algorithm.

The ciphers already have generous security margins. There is no point
unless these margins are insufficient - which has not yet been shown.

Also, doubling the amount of work is exactly equal to adding one bit of
entropy to the key. If a single bit is the difference between broken or
not then you are already hosed.

You are assuming that an attack that takes far less effort than brute
force will never be found. You have no way of knowing that to be true.
There exist ciphers (Akelarre, FEAL-4...) that were at one time thought
to be strong but later found to be badly broken. RC4 was designed in
1987, posted to the cypherpunks mailing list in 1994, and used in the
design of WEP in 1999, only to have WEP be broken in 2001. It *can*
happen.

--
Guy Macon
<http://www.guymacon.com/>
