From: Mok-Kong Shen on
The following question may be absolutely trivial, but I am anyway
confused at the moment and not sure of the answer.

Kerckhoffs' principle requires that one makes use of publicly-known
algorithms, if I don't err. Consider however the case where one employs
a combination of publicly-known algorithms, where the actual combination
depends (in an undisclosed way) at setup time on certain bits taken
from a secret key, with the rest of the key being used for the individual
algorithms. Does one violate thereby Kerckhoffs' principle or not?

Thanks in advance,

M. K. Shen
From: amzoti on
On Jan 4, 1:50 pm, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> The following question may be absolutely trivial, but I am anyway
> confused at the moment and not sure of the answer.
>
> Kerckhoffs' principle requires that one makes use of publicly-known
> algorithms, if I don't err. Consider however the case where one employs
> a combination of publicly-known algorithms, where the actual combination
> depends (in an undisclosed way) at setup time on certain bits taken
> from a secret key, with the rest of the key being used for the individual
> algorithms. Does one violate thereby Kerckhoffs' principle or not?
>
> Thanks in advance,
>
> M. K. Shen

1. Do you think he knew there would be agencies that specialize in
these areas and had and probably still have special skills and
resources over the general public?
2. Many of his principles can be extended to account for things today
- but know that some of those are outdated - like the one about
memorizing key material - no way Jose
3. Remember what era those were written in - and I am not saying they
are bad - for example - the public vetting process for things like
AES, hash algorithms and stream ciphers helps the community at large.
Many wonderful cryptographers are in the university and private
companies and much progress has been made - but much is still not
known. Having people with special skills in these areas makes us all
aspire to be better at our craft.

Another recent example of this is the GSM break. Security is hard -
period!

When you don't spend the correct time, resources or have the necessary
skills and build up the assurance - you likely failed.

Very few people - if any - actually know what the heck is secure -
heck, I am not even sure most people know how to properly pose the
question, understand the risks and understand the weakest link in
their designs.

Most stuff on the market today should be called privacy - because it
is certainly not security.
From: bert on
On 4 Jan, 21:50, Mok-Kong Shen <mok-kong.s...(a)t-online.de> wrote:
> The following question may be absolutely trivial, but I am anyway
> confused at the moment and not sure of the answer.
>
> Kerckhoffs' principle requires that one makes use of publicly-known
> algorithms, if I don't err. Consider however the case where one employs
> a combination of publicly-known algorithms, where the actual combination
> depends (in an undisclosed way) at setup time on certain bits taken
> from a secret key, with the rest of the key being used for the individual
> algorithms. Does one violate thereby Kerckhoffs' principle or not?

If knowledge of the undisclosed combination would
be of assistance to an attacker, then yes, such a
system would violate Kerckhoffs' principle.

Another view of his principle is that the minimum
amount of material should need to be kept secret.
The more there is to keep secret, the harder it is
to keep it secret, and the greater the change that
would need to be made to the system if some of the
secret material were to become known. On that view,
a system where only the key needs to be kept secret
is the best of all. It's not that the algorithm
ought to be publicly-known, just that obtaining
knowledge of it should be of no help to an enemy.
--
From: unruh on
On 2010-01-04, Mok-Kong Shen <mok-kong.shen(a)t-online.de> wrote:
> The following question may be absolutely trivial, but I am anyway
> confused at the moment and not sure of the answer.
>
> Kerckhoffs' principle requires that one makes use of publicly-known
> algorithms, if I don't err. Consider however the case where one employs
> a combination of publicly-known algorithms, where the actual combination
> depends (in an undisclosed way) at setup time on certain bits taken
> from a secret key, with the rest of the key being used for the individual
> algorithms. Does one violate thereby Kerckhoffs' principle or not?

If information could be found out, without knowing a key, then you
should assume that that information is public. Thus if you have a
cryptosystem which others can use, then you have to assume that your
enemy will have a copy as well. Since it is common to a whole bunch of
people, there is no way to ensure that it will not become common
knowledge to your enemy. If the thing is used only between you and the
one person you are communicating with, then it is fine to keep it
secret. I.e., Kerckhoffs' principle means that you should assume that the
algorithm is public knowledge. That does not mean you cannot try to keep
it secret as an extra layer of protection, but that should not form a part
of your security estimate.

Many algorithms work as you suggest -- the key itself determines which
transformations of the data are carried out, and in what order. You have
to assume that the attacker knows this, knows not only which of the
subalgorithms are used but also exactly how a key determines which
transformations are carried out. All he does not know is the details of
the key itself.
Thus the selection criteria are public knowledge. Ie, "the combination
depends (in a known way) at setup time on certain bits taken from the
secret key" is what you have to assume. You may try to keep it secret,
but you will almost certainly fail, unless your algorithm is a "one off"
deal which is never reused for anyone else.


>
> Thanks in advance,
>
> M. K. Shen
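
Added example, not part of any post in this thread: a toy cipher, constructed here and not meant for real use, whose first key byte picks the order of three public layers, as in the scheme under discussion. The selection rule in `split_key` is written in the open, and `orders_matching` shows that for any candidate set of sub-keys there are only six orders to test against a known plaintext/ciphertext pair, so an undisclosed rule multiplies an analyst's work by at most six (about 2.6 bits) and the security estimate has to rest on the key bytes. The layers and all function names are assumptions made for illustration.

```python
import hashlib
from itertools import permutations

def stream(subkey: bytes, n: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode (constructed for this example)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(subkey + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor_layer(data, subkey, inverse=False):
    return bytes(d ^ s for d, s in zip(data, stream(subkey, len(data))))

def add_layer(data, subkey, inverse=False):
    sign = -1 if inverse else 1
    return bytes((d + sign * s) % 256 for d, s in zip(data, stream(subkey, len(data))))

def rot_layer(data, subkey, inverse=False):
    if not data:
        return data
    r = subkey[0] % len(data)            # key-dependent left rotation
    r = (len(data) - r) % len(data) if inverse else r
    return data[r:] + data[:r]

LAYERS = (xor_layer, add_layer, rot_layer)
ORDERS = list(permutations(range(len(LAYERS))))   # the 6 possible combinations

def split_key(key: bytes):
    """Public rule: key[0] selects the order, key[1:16] feeds the three layers."""
    return ORDERS[key[0] % len(ORDERS)], (key[1:6], key[6:11], key[11:16])

def apply_order(order, subkeys, data):
    for i in order:
        data = LAYERS[i](data, subkeys[i])
    return data

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    order, subkeys = split_key(key)
    return apply_order(order, subkeys, plaintext)

def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    order, subkeys = split_key(key)
    for i in reversed(order):
        ciphertext = LAYERS[i](ciphertext, subkeys[i], inverse=True)
    return ciphertext

def orders_matching(subkeys, plaintext, ciphertext):
    """Combinations consistent with one known pair: at most len(ORDERS) trials."""
    return [o for o in ORDERS if apply_order(o, subkeys, plaintext) == ciphertext]
```
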
From: Joseph Ashwood on
"Mok-Kong Shen" <mok-kong.shen(a)t-online.de> wrote in message
news:hhtnqe$eud$00$1(a)news.t-online.com...
> Kerchhoffs' principle requires that one makes use of publicly-known
> algorithms, if I don't err.

You do err, in the same way that most err in the application of Kerckhoffs.
Kerckhoffs' principle in question is that the level of security is not
affected by publication. In practice this means we publish our algorithms so
that others can catch our mistakes, the publication does not affect the
security but it does improve our understanding of the security and so
affects our usage and improves our security in practice. It is always
important to realize that publication does not make something secure, just
as lack of publication does not make something secure.

To answer your further question, you'll want to take a look at "Cascade
Ciphers: The Importance of Being First"; basically the combined system will
be at least as secure as the first cipher used.
Joe