[Cialug] Complete C source online

Zachary Kotlarek zach at kotlarek.com
Thu Jul 25 05:39:36 CDT 2013


On Jul 25, 2013, at 1:33 AM, Morris Dovey <mrdovey at iedu.com> wrote:

> AES has the look and feel of a method /designed/ to be cracked with appropriate hardware. I think we’ll learn that it’s as open as DES.

It wasn't designed in secret by people known to be friendly to the NSA, and it's been studied in great detail by smart people who would have quite a lot to gain by proving it's crackable (and some of them *have* shown weaknesses, just not anything terribly significant). Like anything else it could be compromised, but you have to weigh the chance of that intentional (or otherwise known) compromise against the chances of you unintentionally compromising your own algorithm in any number of ways.

I'm also not sure what you're saying about DES. The key size is too small -- that was known (and complained about) at the time it was released. Other than the short keys it's pretty good, even by modern standards; the best faster-than-brute-force attacks on DES require like 2^40+ known/chosen plaintexts, which is impractical in most contexts. And 3DES is still considered a moderately secure cipher, though I wouldn't recommend it for new work; 3DES is slow due to the iterative design, and in the foreseeable future 112 bits will again be too short a key.

And of course AES isn't your only option. There are a whole slew of competitors if you don't like AES in particular. Or you could design a new set of s-boxes (assuming you know how to defend against differential cryptanalysis) and add a few rounds while still using the same basic algorithm. Or you could apply 3 different algorithms at the same time, for layered protection.

Of course none of that matters if you're not keeping the key secret, or if you're just trying to make someone spend a few seconds of effort on decryption -- presumably even with the right hardware and a compromised algorithm there's still some effort required to crack the encryption.

I'm all for your goal of hiding your communications. I can even get behind some paranoia about existing tools. I'm just trying to encourage you to consider the available tools as a starting point -- at least in so far as understanding their design and all the complications of good encryption systems -- because I think they're closer to providing what you want than you might imagine, and I know they've already solved a lot of problems that could easily put your new system further from your goal than the existing systems.

	Zach

