Re: Modification on AES



On Dec 24, 7:34 pm, McDohl <mcd...@xxxxxxxxxxxxxx> wrote:
The two major concerns of AES is its weak key schedule and its algebraic
simplicity, correct? I'm no expert, but would replacing rijndaels key
schedule & s-box with something like blowfishes method help?

Be warned, that whatever you do to any good well-known cipher will
most probably weaken it. Neither am I an expert but this is what I can
tell you for sure.

Moreover, AES is hardly going to be the weakest point of the system,
even when a new breakthrough attack should come out tommorow.

If you want something better than look for another thoroughly
analyzed cipher. Maybe a stream cipher (e.g., Salsa20) would do? For
more security some people recommends using cascading different
ciphers, but (afaik all) experts advice against it.
.



Relevant Pages

  • Re: Suitable key Algorithm for 256 bits symmetric block cipher??
    ... > 256 bits symmetric block cipher. ... Schneier does have good advice on it [long story about my tone here... ... hehehe] that is "design your key schedule with the same primitives as ... Tom ...
    (sci.crypt)
  • Re: Suitable key Algorithm for 256 bits symmetric block cipher??
    ... >> 256 bits symmetric block cipher. ... > hehehe] that is "design your key schedule with the same primitives as ...
    (sci.crypt)
  • Re: How good is TEA, REALLY?
    ... Nobody has really reported a weakness in the CCA-IND sense. ... schedule is fairly weak [XTEA is better] but the overall design lacks ... The idea was that "oh lets have a really small and simple cipher" ...
    (sci.crypt)
  • Re: Some empirical results of random S-boxes
    ... among a huge universe of s-box possibilities." ... THE theoretical model for conventional block cipher ... > | saturation attacks, partition attacks]. ... We DO NOT know our current designs ...
    (sci.crypt)
  • Re: Variable S-boxes
    ... of the crypto pool just for my own fun - not to make ciphers to protect ... comes from a polymorphic S-Box. ... just the byte swap) every eight bytes - it is already a fast cipher. ... insignificant (increment a byte by 1, increment another byte via a memory ...
    (sci.crypt)