Member Since 08 Aug 2000

Posts I've Made

In Topic: Random Number Generation

30 April 2015 - 07:31 AM

Someone said that I should not use public keys because they are suspected of being susceptible to quantum cracking.  Is this true for all algorithms or just certain ones?  Also, people tell me I should transmit the key over the Internet, but if I'm not using public key cryptography, that's idiotic!  So there seems to be a conflict here.

I'm not an expert but my understanding was it's a general property of public key algorithms.

You said yourself that transferring the one-time-pad to the other party is not a problem. If you can do that, you can transfer the key for a symmetric cypher as well.

If that assumption was based on public key cryptography being safe, you have to find a different method or believe in public key cryptography remaining strong enough. Maybe forward secrecy is relevant for you? I do not, however, have much interest in public key cryptography.

samoth made a suggestion for 512-bit encryption.  Why not 1024- or 2048- or 4096-bit?  The point is, obviously I couldn't have infinity-bit encryption (though that's essentially what an OTP does, in a way), but why stop at 512?

Because 256 bits are already overkill to the best knowledge available today.

There were also suggestions of adding rounds and layering multiple algorithms over each other, etc.  I've read that this is a bad idea, because in some cases it can actually weaken security, and it could potentially be hard to predict whether it will be strengthened or weakened.

If you are not an actual expert in cryptography you should not just do that or stick at least to modifications which have already been adequately discussed in the cryptographic community.

Also, one of the things that really bugs me about cryptography is that for the most part, it's not provably secure.  It's so complex that there's usually no mathematical way to absolutely prove the difficulty of cryptanalysis, because someone will come up with a better way eventually.  In many cases, there may be a theoretical limit to how easily an algorithm can be broken, but it seems to me like it can't usually be proven.  It's the same thing with compression algorithms, or most kinds of data encoding, really.  You just have to test it a billion times and then inductively assume that it works.  But with compression algorithms, the worst thing that can happen is the file grows (and you can prevent that anyway, so really the worst thing is that it doesn't shrink), but with cryptography, the consequences can be catastrophic.

Then you don't rely on one cipher but several with independent keys. Finding a fatal flaw in one cipher somewhere during your lifetime is possible, but unlikely. Finding fatal flaws in two or more ciphers during your lifetime is increasingly closer to impossible. Good candidates could be Rijndael (now known as AES), Serpent and Twofish since they were the finalists to become AES.
Also, it is by no means certain that there will ever be a way to break a cipher. For example AES is used extensively (including several governments) and the best attempt on it is still the purely theoretical attack I quoted from Wikipedia. Twofish has a similar purely theoretical attack under extremely special circumstances and there is even a newer replacement with Threefish.

In Topic: Random Number Generation

30 April 2015 - 06:05 AM

[...] And you should shoot the other guy because you can't trust him to keep the secret.

I'm not an expert in the area but that feels to me like the wrong way to go about it. In a lot of places in the world (especially those where an actual terror attack would really be noticed) just shooting someone is bound to cause at least a little bit of investigation. Shouldn't your priority be to make it look like a plausible just-an-accident scenario?

In Topic: Random Number Generation

30 April 2015 - 04:29 AM

Well, he wants to get some data from A to B through a hostile environment. Standard internet public key cryptography is obviously one way to go. But he can also send it 'in the clear' but pre-encrypted with a symmetric block cipher. Personally I would favor symmetric block ciphers because I know a bit more about their strength and attack feasibility than about public key cryptography. Symmetric ciphers are also closer to the one-time-pad he originally targeted (well, 'still targets', although by now it's pretty clear they are an added complication without adding anything).

In Topic: Random Number Generation

30 April 2015 - 12:55 AM

I have problems with that argument, mhagain. I'd personally consider it reasonable to require encrypted data to remain so in the foreseeable future (say, an expected human lifetime), not just at the point of transmission. However, quoting the AES Wikipedia article:

The first key-recovery attacks on full AES were due to Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger, and were published in 2011.[27] The attack is a biclique attack and is faster than brute force by a factor of about four. It requires 2^126.1 operations to recover an AES-128 key. For AES-192 and AES-256, 2^189.7 and 2^254.4 operations are needed, respectively. This is a very small gain, as a 126-bit key (instead of 128-bits) would still take billions of years. Also, the authors calculate the best attack using their technique on AES with a 128 bit key requires storing 2^88 bits of data. That works out to about 38 trillion terabytes of data, which is more than all the data stored on all the computers on the planet. As such this is a theoretical attack that has no practical implication on AES security.

I'd believe myself to be on the safe side, especially when picking the largest possible key size for the cipher instead of the common size and using several different ciphers with independent keys in a cascade.
Unless of course the singularity happens. But then all bets are off anyway, including whether corresponding changes in society would still maintain the desire to keep the data hidden.

In Topic: Random Number Generation

29 April 2015 - 02:28 PM

I have disagreed with a lot of your points pretty much the whole thread. I did not see any reason to chime in on that though, because the arguments I was willing to make have already been covered by others and I'm not a fan of "me too" or unnecessary repetition.

I did however enter the thread to help you become a better person. Right now I see a lot of solid arguments (some of them really well displayed, some of them more sketched) arrayed against you. Unfortunately I do not see you really using that. Lactose! unfortunately made a very good point when he summed it up as good old truthiness. If you cannot argue your point better and more constructively, then you are either wrong or you need considerably more knowledge and preparation to convince others.

I'm keeping it at that for today, it's not really the timezone here anymore to deal with that.

One last thing:

Also, the thing about public key cryptography is that it's SLOW, and totally impractical for sending any large amount of data at all.

I did an experiment a while back to see how much encryption would slow things down. Even with a cascade of three different cyphers the read/write speed was not noticeably different. There was obviously a noted increase in CPU utilization but I still had plenty of breathing room. Even a single-core system should be able to deal with it for HDD speeds.
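The cipher cascade with independent keys recommended in the first post on this page, together with a throughput check of the kind described in this last post, as an added example (not code from any of the posts or from GDNet): it assumes the Python `cryptography` package and substitutes ChaCha20 for the Serpent/Twofish layer named in the thread, since that library does not ship those ciphers.

```python
import os
import time
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

SAMPLE = b"constructed sample plaintext for the cascade demo"  # constructed


def _aes_ctr(key: bytes, nonce: bytes) -> Cipher:
    # 32-byte key, 16-byte initial counter block
    return Cipher(algorithms.AES(key), modes.CTR(nonce))


def _chacha20(key: bytes, nonce: bytes) -> Cipher:
    # 32-byte key, 16-byte counter||nonce; ChaCha20 takes no mode object
    return Cipher(algorithms.ChaCha20(key, nonce), mode=None)


def generate_independent_keys() -> dict:
    """Fresh key and nonce per layer from the OS CSPRNG. Neither key is
    derived from the other, so a break of one layer reveals nothing about
    the other. A (key, nonce) pair must never be reused for a new message."""
    return {"aes": (os.urandom(32), os.urandom(16)),
            "chacha": (os.urandom(32), os.urandom(16))}


def _run(cipher: Cipher, data: bytes, decrypt: bool = False) -> bytes:
    ctx = cipher.decryptor() if decrypt else cipher.encryptor()
    return ctx.update(data) + ctx.finalize()


def cascade_encrypt(plaintext: bytes, keys: dict) -> bytes:
    """Inner layer AES-256-CTR, outer layer ChaCha20."""
    inner = _run(_aes_ctr(*keys["aes"]), plaintext)
    return _run(_chacha20(*keys["chacha"]), inner)


def cascade_decrypt(ciphertext: bytes, keys: dict) -> bytes:
    inner = _run(_chacha20(*keys["chacha"]), ciphertext, decrypt=True)
    return _run(_aes_ctr(*keys["aes"]), inner, decrypt=True)


def peel_outer_layer(ciphertext: bytes, keys: dict) -> bytes:
    """Model a total break of the outer cipher: the attacker holds the
    ChaCha20 key but not the AES key, and is left with AES-CTR output."""
    return _run(_chacha20(*keys["chacha"]), ciphertext, decrypt=True)


def cascade_throughput_mib_s(keys: dict, size: int = 16 * 1024 * 1024) -> float:
    """Single-thread encrypt throughput of the two-layer cascade in MiB/s."""
    data = os.urandom(size)
    start = time.perf_counter()
    cascade_encrypt(data, keys)
    return size / (1024 * 1024) / (time.perf_counter() - start)
```

Compare the returned MiB/s against your disk's sequential read/write rate to see whether the cascade, not the storage, would be the bottleneck.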