From: Phoenix on 8 Mar 2010 12:42

M. K. Shen

How do you choose/introduce the keys?

Imagine that. A file with 1000 blocks, each one with 128 bytes, and each key with 128 bit/16 Byte size.

You have 2 options:

1)- A key with 16000 Bytes size or
2)- An initial key with only 16 bytes size, and the remaining 999 keys derived/dependent from the first one (similar to my example above in code)

The first option is not very practical. The second one decreases security compared to the first one.
Another thing, not very important, but the performance goes down.

However, I agree with that. Introducing dynamic keys makes the attacker work more.
From: Mok-Kong Shen on 8 Mar 2010 16:13

Maaartin wrote:
> Mok-Kong Shen wrote:
>> Maaartin wrote:
>>> Mok-Kong Shen wrote:
>>>> Consider, for instance, AES, where each round (excepting the last)
>>>> consists of the four components SubBytes, ShiftRows, MixColumns and
>>>> AddRoundKey in this order. Would it really matter very much, if the
>>>> order of these components is changed? As layman I guess it wouldn't.
>>
>>> I guess, it would in most cases. Look at
>>> http://groups.google.com/group/sci.crypt/browse_thread/thread/6f443d0...
>>> and think what happens when you permute the rounds. Moreover,
>>> obviously some operation sequences make no sense at all (it's easy to
>>> find examples).
>>
>> Could you kindly tell why e.g. the steps ShiftRows and MixColumns
>> of AES couldn't be exchanged?
>
> Said simply: You need to mix the whole state as much as you can. If
> you exchange two steps in one round, then you get something like
> ShiftRows ... ShiftRows ... MixColumns ... MixColumns
> What should be shifting rows twice in a row good for?
>
> As already said, you should try harder to find out such simple things,
> this is no rocket science.

I acknowledge your point. You may be right, though I am personally
of different opinion (because that doesn't hurt and does achieve a
variability). There is no rocket science in my post "at all". All
points are in my own opinion quite obvious and commonplace. But I want
nonetheless to ensure that there aren't principal arguments against
them. The feedback has been till now quite slow in the coming,
unfortunately.

M. K. Shen
From: Mok-Kong Shen on 8 Mar 2010 16:16

Phoenix wrote:
> How do you choose/introduce the keys?

To quote myself:

One uses namely a master key and employs e.g. a block cipher in
counter mode to generate the said different keys to do the proper
encryption of the given plaintext.

Thanks,

M. K. Shen
From: Mok-Kong Shen on 8 Mar 2010 16:43

Maaartin wrote:
> Said simply: You need to mix the whole state as much as you can. If
> you exchange two steps in one round, then you get something like
> ShiftRows ... ShiftRows ... MixColumns ... MixColumns
> What should be shifting rows twice in a row good for?

Just to ensure that I didn't misunderstand you while responding to
you last time: You mean: when I do different permutations of the four
functions in different rounds, then it could happen that ShiftRows of
one round could be immediately followed by ShiftRows of the next round,
right? If so, then my last post answering you needs no correction.

Thanks,

M. K. Shen
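The ShiftRows ... ShiftRows ... MixColumns ... MixColumns ordering quoted in the posts above can be checked numerically. The following Python sketch is an added example, not code from any poster in the thread; it models only the two linear AES layers (SubBytes and AddRoundKey act on each byte separately and are left out), and the names `active_bytes`, `spread`, `STANDARD` and `SWAPPED` are hypothetical.

```python
# Added illustration: how far a one-byte state difference spreads through
# the AES linear layers, for the standard order and for the swapped order.
# Both layers are linear over GF(2), so the output difference depends only
# on the input difference (plaintext and round keys cancel out).

def xtime(a):
    """Multiply by 0x02 in GF(2^8) modulo the AES polynomial 0x11B."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def shift_rows(s):
    """16-byte state, column-major (index = row + 4*col); row r rotates left by r."""
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def mix_columns(s):
    """Multiply every column by the circulant matrix (02, 03, 01, 01)."""
    out = []
    for c in range(4):
        a = s[4 * c:4 * c + 4]
        for r in range(4):
            b = a[(r + 1) % 4]
            out.append(xtime(a[r]) ^ xtime(b) ^ b ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
    return out

STANDARD = [shift_rows, mix_columns, shift_rows, mix_columns]  # two normal rounds
SWAPPED = [shift_rows, shift_rows, mix_columns, mix_columns]   # order from the quote

def active_bytes(sequence, position, diff=0x01):
    """Push a difference with one nonzero byte through the layers; count nonzero bytes."""
    state = [0] * 16
    state[position] = diff
    for layer in sequence:
        state = layer(state)
    return sum(1 for b in state if b)

def spread(sequence):
    """(min, max) active output bytes over every position and every nonzero difference."""
    counts = [active_bytes(sequence, p, d) for p in range(16) for d in range(1, 256)]
    return min(counts), max(counts)

if __name__ == "__main__":
    print("standard order:", spread(STANDARD))
    print("swapped order: ", spread(SWAPPED))
```

Under the standard ordering a one-byte difference reaches all 16 state bytes, while under the swapped ordering it reaches only 2, because MixColumns applied twice is the circulant (05, 00, 04, 00). With SubBytes reinstated the swapped case still cannot leave its single column.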