| 1 |
The idea of avoiding something less popular, is that if someone gets your |
| 2 |
encrypted data, they could look through the algorithm and find a hole and |
| 3 |
break it without you knowing. However, choosing Serpent is not a choice of |
| 4 |
security through obscurity. Serpent is as open as AES, and in this day and |
| 5 |
age we have fairly reliable ways of deciding what makes a strong encryption |
| 6 |
cipher. Serpent came in 2nd in the AES contest, only beaten by Rijndael |
| 7 |
(which directly became AES). It is a 32-round substitution-permutation |
| 8 |
network where 16 rounds were deemed sufficient. Which, by the way, helped |
| 9 |
against the XSL attack (which can weaken AES), when applied to Serpent it is |
| 10 |
more expensive than a brute force attack (not true for AES). |
| 11 |
|
| 12 |
There is probably more to gain by announcing you broke Serpent than by using |
| 13 |
it for personal gain, where I would argue the opposite is true of AES. That |
| 14 |
said, this conversation was initially about personal laptops and personal |
| 15 |
computers, and I only ever suggest it for personal use. Of course if you |
| 16 |
have government secrets or corporate data that needs to be secured, you |
| 17 |
should use something under heavy scrutiny. There is a lesser chance of a |
| 18 |
determined group of mathematicians getting at your data since many in the |
| 19 |
academic world are actively trying to break it. |
| 20 |
|
| 21 |
To say either AES or Serpent will never be broken is simply ignorant, but |
| 22 |
when it happens there will likely be programs to decrypt such data. Lets |
| 23 |
say which ever cipher you chose is broken tomorrow. I'm guessing the AES |
| 24 |
tools will be easier to get, and use than the Serpent ones. So if some |
| 25 |
random thief steals your laptop, they are more likely to decrypt it if you |
| 26 |
use AES. This scenario is more likely if they make an image of the hard |
| 27 |
drive to save for later. Again, all this changes if your data is very |
| 28 |
valuable for some reason, but I don't consider it a bad choice for personal |
| 29 |
use. |
| 30 |
|
| 31 |
On Thu, Mar 6, 2008 at 8:30 AM, Peter Meier <peter.meier@×××××××.ch> wrote: |
| 32 |
|
| 33 |
> Hi |
| 34 |
> |
| 35 |
> > I just wanted to jump in and say that I'm personally a fan of Serpent. |
| 36 |
> I |
| 37 |
> > like to use something that's a little less popular, but still open. It |
| 38 |
> is |
| 39 |
> > similar in strength (IMHO), but there will be more people trying to |
| 40 |
> break |
| 41 |
> > AES than Serpent. For example, I've read the XSL attack that can weaken |
| 42 |
> AES |
| 43 |
> > is too complex when used on Serpent -- it would be more expensive than a |
| 44 |
> > brute force attack. |
| 45 |
> |
| 46 |
> in my opinion quite a bad assumption. the more a crypto algorithm is |
| 47 |
> open, the more people it test, the more it can be assumed that it is |
| 48 |
> safe against current known attacks. |
| 49 |
> |
| 50 |
> greets pete |
| 51 |
> -- |
| 52 |
> gentoo-security@l.g.o mailing list |
| 53 |
> |
| 54 |
> |
Archives