From: Kristian Gj�steen on 4 Aug 2010 03:20 Fiziwig <fiziwig(a)gmail.com> wrote: >Are there educational resources I can consult to learn how to decide >if a given method of enciphering is strong or weak? As for level, I >have an MS in comp sci with some graduate level math and number >theory, I know only of Schneier's self-study guide, http://www.schneier.com/paper-self-study.html which is somewhat old and doesn't (I think) deal with stream ciphers. -- kg
From: Mok-Kong Shen on 4 Aug 2010 04:22 Fiziwig wrote: > Is there a good source for information about deciding how secure a > cipher is? I am ignorant of any really satisfactory answer. I surmise though that the issue is somewhat yet analogous to that that confronted the engineers constructing bridges etc. before the begin of mechanical science. (Note though that some of their works stand fest even to this day.) But even in modern days, WTC was secure until the technique with the airplanes was discovered, rendering it to collapse like a child's toy. RSA is safe because its key length is way ahead of the known records of factorization, if I don't err. (But can one ever be sure that there don't exist unknown records?) M. K. Shen
From: Joseph Ashwood on 4 Aug 2010 05:58 "Fiziwig" <fiziwig(a)gmail.com> wrote in message news:47e3e79b-d9d7-4797-a375-182cf7c445f2(a)o7g2000prg.googlegroups.com... > Is there a good source for information about deciding how secure a > cipher is? There have been a lot of attempts over the years to create a checklist for a secure cipher, but all they really do is set a bar somewhere below secure. For specific cipher types there has been more headway. For a Feistel type cipher there are numerous methods to check the differential and linear characteristics, although this doesn't dictate that a cipher is secure, it does form a minimum limit. For Wide Trail designs, Joan Daemen has done extensive work as a part of a PhD thesis, but again this forms only a baseline. Both of these have significant weaknesses, Feistels are often subject to boomerang and slide attacks that are virtually impossible to systematically check for, Wide Trail designs have a tendancy towards saturation attacks. The most widely known examples have always included requirements like the Strict Avalanche Critereon, but that one in particular there is growing evidence that SAC is not a requirement for security but instead an artifact of one particular method of achieving security. If anything such lists actually make it more difficult. At an extreme/absurd level there is one option, if you can successfully prove both P=\=NP and the existence of entropy, then secure ciphers exist. It is generally believed that both of these are true, but without absolute proof there is some doubt, however miniscule. For now the only way of judging that a cipher is secure is to subject it to open study by thousands of individuals. Joe
|
Pages: 1 Prev: Monitoring e-mails Next: Idea for the Schmidt-Samoa PK algorithm |