To all: my comparison against brute force encryption was for the sake
of comparing its level of effort against that of encryption. There
are certainly better methods available to the sablime cryptoanalyst.
{sablime = !strcmp("brute", analyst);}
But the point holds true unless the algorithm itself is flawed. If
the order of cryptoanalytic algorithm without the key, is the same as
that of the unencryption algorithm with the key, then the algorithm is
really bad!! Otherwise my point about hardware advances favoring
the lower order algorithm holds.
Dana Nowell wrote:
>
> Mark,
> I agree with your point ASSUMING the only available attack is brute force.
> Differential cryptanalysis and other attack methods are not necessarily
> exponential. Of course the gains in CURRENT encryption technology due to
> increased processing power will (I think) always out weigh the gains in
> CURRENT cryptanalysis, it just might not be an exponential advantage.
> However, weak algorithms will fall very fast.
>
> The major advantage of increased processing power in cryptanalysis is the
> ability to try new approaches. This new approaches may determine new
> avenues of attack which cause currently 'secure' algorithms to fall over
> rapidly by discovering unknown weaknesses in the fundamental algorithm.
> Consequently an algorithm (and key length) that is rated at 50 years with
> today's technology (and expected growth factors) may fall to a new attack
> method discovered 5 years from now. That attack method may have been
RIGHT! I compared against brute force mainly to emphasize the point
that hardware gains are in favor of the encryptor not the cryptoanalyst.
There's always a chance that todays encryption algorithm will fall to
tomorrows advance in science.
I've been reading more and more in this field. It really is an amazing
area of research. My undergraduate BS was Math, but the field quickly goes
past my training. Somebody in the field of complexity and computability
or number theory will probably eventually publish an algorithm that is
provably hard to break. Or prove once and for all that factoring large
composites is hard ...
I Wish I knew more about that part of this field but most of the papers
that I have read about factoring difficult to understand, although I
am always trying to cover more ground. Sigh.
Mark Riggins
Secure Systems Engineering
AT&T Bell Labs
References:
|
|
