Re: triple algorithms

Guy Macon wrote:
David Eather wrote:
Antony Clements wrote:

eventually someone will figure out how to practically (as opposed to theoretically) break AES, the same applies for twofish,

I would replace "will" with "may"

They already know how to do that. The data requirements for advance cryptographic attacks are impossible to meet. So it has to be brute force - and as many people have already mentioned for a 2**128 bit key is just not possible (I would bet brute forcing a 2^128 bit key will never be possible but I can't figure out how to collect)

so why not combine them to double the work of the attacker?

The above is likely to be inerpeted as doubling the work of a brute-force attacker, which isn't worth the bother. I believe
that Antony's meaning is doubling the work of finding a flaw in the algorithms that allows decoding in far less time than that.
Clearly, finding such flaws in two algorithms is much harder than finding a flaw in one algorithm.

The ciphers already have generous security margins. There is no point unless these margins are insufficient - which has not yet been shown.

Also, doubling the amount of work is exactly equal to adding one bit of entropy to the key. If a single bit is the difference between broken or not then you are already hosed.

You are assuming that an attack that takes far less effort than brute force will never be found. You have no way of knowing that to be true.
There exist ciphers (Akelarre, FEAL-4...) that were at one time thought
to be strong but later found to be badly broken. RC4 was designed in 1987, posted to the cypherpunks mailing list in 1994, and used in the design of WEP in 1999, only to have WEP be broken in 2001. It *can* happen.


Watch your quoting. You've got comment of mine and AC mixed in together
.

Relevant Pages

  • Re: triple algorithms
    ... So it has to be brute ... The above is likely to be inerpeted as doubling the work of ... a brute-force attacker, ... finding such flaws in two algorithms is much harder than ...
    (sci.crypt)
  • Re: Strongest encryption algorithm
    ... you propose, then it would be all the info required to encrypt/decrypt, ... A brute force attack would just try any likely ... the attacker has little advantage ... over bruteforcing the Large key space. ...
    (sci.crypt)
  • Re: Symetric encryption : DES or not DES ?
    ... >> But isn't there still a possibility for the attacker to crack this ... >> encryption by brute force? ... > In simple terms the suggested methods of encryption ...
    (sci.crypt)
  • Re: Wireless security
    ... >>So, in a brute force attack, how long does it take to try each possible ... >> I have no concept of how long it would take an attacker. ... > WPA is dependent on CPU speed, ... Note my "one try per clock cycle" ...
    (comp.security.misc)
  • Re: Wireless security
    ... >>So, in a brute force attack, how long does it take to try each possible ... >> I have no concept of how long it would take an attacker. ... > WPA is dependent on CPU speed, ... Note my "one try per clock cycle" ...
    (alt.computer.security)