Re: Weakness in AES found



On Aug 18, 1:09 pm, unruh <un...@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
On 2011-08-18, Jean-Marc Desperrier <jmd...@xxxxxxxxx> wrote:
Jean-Marc Desperrier wrote:
If doing 2^126 computations is even remotely realistic for you, it's
probably not that big anymore, just around 300 yottabytes.

In other words, 2^126 computation is probably further away from the
computing power we currently have, than 300 yottabytes is from the
amount of data we are able to store.

However, I rethought since my earlier message that progress on computing
power is much faster than the progress on the availability of a very
large address space that we can access *fast*.

So actually if I'm sure we'll be able to store 300 yottabytes of data
earlier than we'll be able to make 2^126 computations, I'm not so sure
300 yottabytes of data that is *fast* to access will really come
earlier. The recent trend is for fast increase in computing power *when*
a high locality of data is possible, performance crumbles if it's not
the case.

So it may be that on the day storing 300 yottabytes of data is feasible,
the cost of accessing one element randomly inside it will be higher than
the one of encrypting an AES block, and that on the day 300 yottabytes of
data that is fast to access becomes possible, computing power will
already be 4 times faster, so that 2^128 will be doable.

So in the absence of infinitely fast access to an infinitely large
amount of data, this attack might not truly weaken AES.

Of course more powerful attacks probably will be found. But they might
be significant only if they *also* reduce the amount of data required.
From my very layman's reading of the attack, this may require attacks
that are of a completely different class, and whose mere existence is
not obvious from this one.

When you find a tiny crack into which to insert your crowbar, exactly
how the object will fracture is pretty unclear, or even whether it will.
This is a tiny crack. It itself does not weaken AES from what I have
read, but who knows what the appropriate crowbar will do.

One question I have to ask about this. Is that if this was written
and not suppressed during the AES contest itself. Would a different
cipher have been chosen or blessed? I think so and maybe this is the
danger in having only one winner. Maybe it's time to take another look
at some of the other possible candidates after all it is kind of
foolish to put all the eggs in one basket.


David A. Scott
--
My Crypto code
http://bijective.dogma.net/crypto/scott19u.zip
http://www.jim.com/jamesd/Kong/scott19u.zip old version
My Compression code http://bijective.dogma.net/
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptographic
system is only as strong as its weakest link"