Discussion:
Recommended algorithm
(too old to reply)
Victor James
2007-11-12 12:49:28 UTC
Permalink
Raw Message
Isn't the default AES 256 bit quite weak? How long would someone
expect a brute force attack to take on a modern desktop machine?
SafeBoot Simon
2007-11-12 13:34:21 UTC
Permalink
Raw Message
Post by Victor James
Isn't the default AES 256 bit quite weak? How long would someone
expect a brute force attack to take on a modern desktop machine?
about twice as long as the expected life of the universe, give or take
a millenium or two.

2^256 is quite a big number, more than a gazillion at least ;-)

S.
SafeBoot Simon
2007-11-12 13:36:15 UTC
Permalink
Raw Message
Post by Victor James
Isn't the default AES 256 bit quite weak? How long would someone
expect a brute force attack to take on a modern desktop machine?
In fact, about the same given the entire computing power of every
computer ever made even. Your snazzy alienware desktop isnt going to
make a dent in it.

Of course though, due to the evil nature of probability, you might
break it on your pocket calculator within 10mins, but the odds would
be pretty slim...
Victor James
2007-11-12 14:10:06 UTC
Permalink
Raw Message
On Mon, 12 Nov 2007 13:36:15 -0000, SafeBoot Simon
Post by SafeBoot Simon
Post by Victor James
Isn't the default AES 256 bit quite weak? How long would someone
expect a brute force attack to take on a modern desktop machine?
In fact, about the same given the entire computing power of every
computer ever made even. Your snazzy alienware desktop isnt going to
make a dent in it.
Of course though, due to the evil nature of probability, you might
break it on your pocket calculator within 10mins, but the odds would
be pretty slim...
Please excuse me for being naive but key length has gone well beyond
1024 bits so 256 bits looks relatively small. Now I know that there is
more to it than the length of the key but why would anyone want to
start using bigger keys when they are not neccessary? Is AES 256 set
as the default as it's currently considered a secure method? I've
considered using TripleFish but there seems little point as it
requires more CPU cycles to decrypt.
SafeBoot Simon
2007-11-12 21:23:46 UTC
Permalink
Raw Message
Post by Victor James
Please excuse me for being naive but key length has gone well beyond
1024 bits so 256 bits looks relatively small.
You're comparing symmetric and asymmetric algs - in symmetric keys
every key is useful, so in a key length of 2^256 bits there are 2^256
useful keys. In asymmetric algs, mostly only prime numbers are useful
(RSA crypto for example), so there are a LOT less useful keys, as an
example 256bit AES is about as secure as 16192bit RSA.
Post by Victor James
Now I know that there is
more to it than the length of the key but why would anyone want to
start using bigger keys when they are not neccessary? Is AES 256 set
as the default as it's currently considered a secure method? I've
considered using TripleFish but there seems little point as it
requires more CPU cycles to decrypt.
Indeed, and you are right, you can't compare the same key length for
different algs. AES256 is approved internationally for government use,
so it's a good starting point. Triplefish is a novel alg but not
really used in the commercial world so it's hard to quantify its
strength - after all, if it was any good, why wouldn't it be used for
things like ATM transactions?
Snowwhite
2007-11-13 09:55:20 UTC
Permalink
Raw Message
Post by SafeBoot Simon
Indeed, and you are right, you can't compare the same key length for
different algs. AES256 is approved internationally for government use,
so it's a good starting point. Triplefish is a novel alg but not
really used in the commercial world so it's hard to quantify its
strength - after all, if it was any good, why wouldn't it be used for
things like ATM transactions?
BTW: is there any means of knowing which algorithm has been used by
investigating the cyphertext?

Regards,
Snowwhite
SafeBoot Simon
2007-11-14 00:23:45 UTC
Permalink
Raw Message
Post by Snowwhite
Post by SafeBoot Simon
Indeed, and you are right, you can't compare the same key length for
different algs. AES256 is approved internationally for government use,
so it's a good starting point. Triplefish is a novel alg but not
really used in the commercial world so it's hard to quantify its
strength - after all, if it was any good, why wouldn't it be used for
things like ATM transactions?
BTW: is there any means of knowing which algorithm has been used by
investigating the cyphertext?
Regards,
Snowwhite
nope - that's the whole point - if you could tell what alg was used
that implies a pattern in the data. The whole point of crypto is to
obscure patterns...
Victor James
2007-11-16 15:44:48 UTC
Permalink
Raw Message
On Wed, 14 Nov 2007 00:23:45 -0000, SafeBoot Simon
Post by SafeBoot Simon
Post by Snowwhite
Post by SafeBoot Simon
Indeed, and you are right, you can't compare the same key length for
different algs. AES256 is approved internationally for government use,
so it's a good starting point. Triplefish is a novel alg but not
really used in the commercial world so it's hard to quantify its
strength - after all, if it was any good, why wouldn't it be used for
things like ATM transactions?
BTW: is there any means of knowing which algorithm has been used by
investigating the cyphertext?
Regards,
Snowwhite
nope - that's the whole point - if you could tell what alg was used
that implies a pattern in the data. The whole point of crypto is to
obscure patterns...
So if someone attempts to attack some encrypted text then they first
have to make an assumption about which algorithm was used or try them
all with each key? It seems then that it's useful just having other
methods around even if they aren't used very much in order to obscure
things even further.
nemo_outis
2007-11-16 16:13:00 UTC
Permalink
Raw Message
Post by Victor James
So if someone attempts to attack some encrypted text then they first
have to make an assumption about which algorithm was used or try them
all with each key? It seems then that it's useful just having other
methods around even if they aren't used very much in order to obscure
things even further.
Let's assume for the sake of argument that there are 1000 possible crypto
algorithms that might have been used. That only adds about 10 bits (2^10=
1024) to the difficulty of cracking - insignificant when compared to, say,
AES's 256 bits.

Regards,
SafeBoot Simon
2007-11-22 17:36:59 UTC
Permalink
Raw Message
Also, the whole point of a good alg is that you DONT need to keep it
secret, so if you're attacking data, most often you know exactly what
alg you are working against - unlike the ciphers of the 1st and 2nd
world war, keeping the alg secret is not important with modern crypto
- it's the KEY that needs to be secret.

SafeBoot Simon
2007-11-14 00:25:17 UTC
Permalink
Raw Message
Post by Snowwhite
Post by SafeBoot Simon
Indeed, and you are right, you can't compare the same key length for
different algs. AES256 is approved internationally for government use,
so it's a good starting point. Triplefish is a novel alg but not
really used in the commercial world so it's hard to quantify its
strength - after all, if it was any good, why wouldn't it be used for
things like ATM transactions?
BTW: is there any means of knowing which algorithm has been used by
investigating the cyphertext?
Regards,
Snowwhite
read this - it may help..

http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099/ref=sr_1_1/102-3516000-5764160?ie=UTF8&s=books&qid=1194999877&sr=8-1
Loading...