| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
Sebastian Wiesner wrote: |
| 5 |
| "Jason Rivard" <jase.rivard@×××××.com> at Wednesday 25 June 2008, 23:53:23 |
| 6 |
[snip] |
| 7 |
| A OTP cannot be broken using brute force, so the term "perfectly secure" |
| 8 |
| fits here, imho, at least a bit ;) |
| 9 |
|
| 10 |
A OTP cipher would be *theoretically* impossible to crack, even given infinite |
| 11 |
computing power. I use the word "theoretically" here because this "perfect |
| 12 |
security" of OTP depends on a purely theoretical perfect setting. |
| 13 |
|
| 14 |
http://en.wikipedia.org/wiki/One-time_pad |
| 15 |
|
| 16 |
| Does that difference really matter for ciphers like AES or at least for |
| 17 |
| brute-force attacks on random 256-bit keys? |
| 18 |
|
| 19 |
The key word here is "random". Nothing generated by your computer can generate |
| 20 |
pure entropy, only a good representation of it. Now if you have a computer |
| 21 |
network at your disposal, and can get the computers working in parallel or in a |
| 22 |
distributed manner, you will notice that tasks are completed much faster than |
| 23 |
with one computer working on that task. A network of supercomputers would be |
| 24 |
able to, in a sense, either work on breaking a single key at a time (assuming |
| 25 |
CBC with keys >= blocks), then you could decrypt the message one block at a |
| 26 |
time. I did not say it would be very fast, just faster than many people would |
| 27 |
like to assume. |
| 28 |
|
| 29 |
[snip] |
| 30 |
|
| 31 |
| Still, there is a difference between the algorithm as such and a |
| 32 |
| cryptosystem applying this algorithm. |
| 33 |
| |
| 34 |
| Btw, apart from general stuff like weak passphrases, that apply to most |
| 35 |
| cryptosystems, really bad leaks often came from weak algorithms. Consider |
| 36 |
| WEP. |
| 37 |
|
| 38 |
An algorithm is just a "recipe" - a set of steps to achieve a task. The |
| 39 |
implementation is the *only* thing that counts. A weak implementation of |
| 40 |
AES256 would lead to a weak cryptosystem. While a strong implementation would, |
| 41 |
theoretically, lead to a strong cryptosystem. I will state my view as a |
| 42 |
programmer. An algorithm is next to useless without a working application that |
| 43 |
uses it. |
| 44 |
|
| 45 |
As an aside, let us say you use a USB thumb drive or the like to store a master |
| 46 |
key, from which cryptographically random quality keys are derived. There would |
| 47 |
be two weak points in that system. You, and the thumb drive. If any entity |
| 48 |
can get you, your computer and your thumb drive, your data could be decrypted |
| 49 |
without the need for a supercomputer. |
| 50 |
|
| 51 |
[snip] |
| 52 |
|
| 53 |
|>> Anyway, you may believe, what you want to believe, I'm just reflecting, |
| 54 |
|>> what |
| 55 |
|>> real experts like Bruce Schneier have been telling for years: It's |
| 56 |
|>> wrong to trust into simple ciphers, but it's equally wrong, to believe, |
| 57 |
|>> that anything can be broken. |
| 58 |
|> It is equally wrong to believe that any cipher is immune to attack |
| 59 |
| |
| 60 |
| I don't and I did not say so, things like the Debian disaster bring you back |
| 61 |
| to reality from dreams ... |
| 62 |
|
| 63 |
With desktop computing power and speed growing at the rate that it currently |
| 64 |
is, does it stretch the imagination so much that supercomputer power and speed |
| 65 |
is also growing at a similar rate. Even if an AES256 key cannot be broken "in |
| 66 |
a million years" by one supercomputer (*I* would like to see a citation for |
| 67 |
that), there will soon be a time when it will be able to be cracked in a much |
| 68 |
shorter time - with one supercomputer. |
| 69 |
|
| 70 |
Regards, |
| 71 |
Chris |
| 72 |
-----BEGIN PGP SIGNATURE----- |
| 73 |
|
| 74 |
iQIcBAEBCgAGBQJIYv1LAAoJEIAhA8M9p9DAK44P/2ikcuihfTj6OgArcNvJUHNK |
| 75 |
m1qwKpk8dRkkeeLQsNZJzZtd00Gv03dkV0pD3sEfzVlKl9TIaoMheJ4D+XqHuorA |
| 76 |
ojFfWjcV7eFs5C5rMpvyb96fQ+m98bfRuGNlwnb3Jwy82ehGsxdM3VuVQEgojsyi |
| 77 |
TmFIuoS9moZrecLn+Smap5SxSvFmSdHpZ/sy0vbN78+58vvP/Fuq+uoqdz5fZcJH |
| 78 |
HwPu+8euaabBOiiPBXInRYYCfSdDqS/X9VuUzetRIhU15B+yijBesDmeo9BjB3oi |
| 79 |
ING3XFtbXiQ94/Kjzfz3Bx5MGotm2npM4H8TIr1SQSpB57j8+VHy+EepFWEjN3Dj |
| 80 |
hh8D3d4hpw64oBi6Gj+P0b/4QYkot1yBdQvXXeAt7oappQ0QsFXv1CDvGS8tDQ9f |
| 81 |
WWv9IXQ/1EaeQYPLVEv8kSuTxgqte4EcvpUJpIZ9Ku4Z8PGh50Bc2Y2AGlszezxk |
| 82 |
IIk7eI/Z2wJquQ7+A8QLGpiuM2+2WDfrfdh/kvX4AZS6mYm/a2V95K9oPPGTqDgp |
| 83 |
R5HwGW69hANARhdJAQg/GZFMrsi3BFGMDtj1EIVnWwXS1W3cAFZFIWJHWuBf0c06 |
| 84 |
5aQjYQNq055eUe1QvsIf0v3eyuG1QiOazb+0FaDJ1u9wrgsYQ7G1hR9uVBCxyWz7 |
| 85 |
moYaBh171qt40nMFrp8u |
| 86 |
=ond2 |
| 87 |
-----END PGP SIGNATURE----- |
| 88 |
-- |
| 89 |
gentoo-user@l.g.o mailing list |
Archives