Re: triple algorithms






Paul Rubin wrote:

> Guy Macon <http://www.guymacon.com/> writes:
>
>> There exist ciphers (Akelarre, FEAL-4...) that were at one
>> time thought to be strong but later found to be badly broken.
>
> Thought by who?

Akelarre Thought to be secure:
"Presumably, it is cryptographically secure, due to the heavy
use of data dependent rotations and the mixing of arithmetic
operations from different algebraic groups."
Source: _Akelarre: a New Block Cipher Algorithm_
Proceedings of SAC'96: pp.1-14. (1996)

Akelarre Broken:
"We show two practical attacks against the Akelarre block
cipher. The best attack retrieves the 128-bit key using
less than 100 chosen plaintexts and 2^42 off-line trial
encryptions."
Source: Niels Ferguson and Bruce Schneier _Cryptanalysis
of Akelarre_ Proceedings of SAC'97, pp.201-212. (1997)

FEAL-4 Thought to be secure:
"an encipherment algorithm that has safety equal to DES
and is suitable for software as well as hardware
implementation is needed. The FEAL (Fast data Encipherment
ALgorithm) fills this need."
Source: _Fast Data Encipherment Algorithm FEAL_, Advances in
Cryptology - EUROCRYPT '87 (1988)

FEAL-4 Broken:
"Different versions of FEAL have been broken almost every year
since its introduction. The original version of FEAL was
quickly broken. A modified version, FEAL-4, was broken by
Bert den Boer in "Cryptanalysis of FEAL", Advances in
Cryptology - Eurocrypt'88 Proceedings, and completely
demolished by Sean Murphy in "The Cryptanalysis of FEAL-4
with 20 Chosen Plaintexts", Journal of Cryptology Vol.2,
No.3, 1990."
Source: Post by Peter Gutmann to sci.crypt (Oct 21 1996)

I am sure that someone with more expertise than I have can
come up with further examples of algorithms that had no known
attack when released and later were broken. In fact, that's
pretty much the best we can say about any algorithm; no known
attacks that are better than brute-force. The more the experts
pound on a popular algorithm without breaking it, the more
confidence we have in it, but nobody can say for sure that
it will never be broken.

I chose a poor example by mentioning WEP, but the fact remains
that the known weaknesses in RC4 were discovered after it had
been in use for a while.
