Great Circle Associates Firewalls
(May 1996)
 


Subject: Re: Encryption Technology (Hardware advances)
From: Dana Nowell <DanaNowell @ corsof . com>
Date: Thu, 30 May 1996 10:27:17 -0400
To: mdr @ vodka . sse . att . com
Cc: firewalls @ GreatCircle . COM

At 09:05 AM 5/30/96 -0400, you wrote:
>
>To all: my comparison against brute force encryption was for the sake
>of comparing its level of effort against that of encryption.  There
>are certainly better methods available to the sablime cryptoanalyst.
>{sablime = !strcmp("brute", analyst);}  
>
>But the point holds true unless the algorithm itself is flawed.  If
>the order of cryptoanalytic algorithm without the key,  is the same as
>that of the unencryption algorithm with the key,  then the algorithm is 
>really bad!!   Otherwise my point about hardware advances favoring
>the lower order algorithm holds.
>

Exactly what I intended with my CURRENT technology comment.  Encryption
technology developed at date X will ALWAYS outdistance cryptanalysis
technology at date X.  Usually exponentially as you, hopefully, picked an
algorithm where brute force was the best KNOWN attack at date X.  I doubt
people deliberately pick flawed algorithms to secure their own data
(exempting special cases related to legal issues (ITAR) or attempts to leak
misinformation).  As date X moves forward in time this will still hold true,
however, date Y technology (where Y < X) may become vulnerable to a new
attack method discovered sometime between date Y and date X.  Suppose some
12 year old kid uses a year 2005 model of a 'Commodore 64' to develop a new
algorithm for factoring large composite numbers, can you say goodbye RSA?
Is this likely?  I hope not.  Can I (or anyone else) guarantee it?  No.
Welcome to encryption technology!


BTW, I did four years of abstract algebra at University of Chicago. My
roommate eventually did graduate work in Fast Fourier transforms (used in
spread spectrum technology which Uncle Sam likes because it is harder to
pick up with a DF unit). Think all math bitheads are attracted to encryption
type technologies?



>Dana Nowell wrote:
>> 
>> Mark, 
>>   I agree with your point ASSUMING the only available attack is brute force.
>> Differential cryptanalysis and other attack methods are not necessarily
>> exponential.  Of course the gains in CURRENT encryption technology due to
>> increased processing power will (I think) always outweigh the gains in
>> CURRENT cryptanalysis, it just might not be an exponential advantage.
>> However, weak algorithms will fall very fast.  
>> 
>> The major advantage of increased processing power in cryptanalysis is the
>> ability to try new approaches.  These new approaches may determine new
>> avenues of attack which cause currently 'secure' algorithms to fall over
>> rapidly by discovering unknown weaknesses in the fundamental algorithm.
>> Consequently an algorithm (and key length) that is rated at 50 years with
>> today's technology (and expected growth factors) may fall to a new attack
>> method discovered 5 years from now.  That attack method may have been
>
>RIGHT!  I compared against brute force mainly to emphasize the point
>that hardware gains are in favor of the encryptor not the cryptoanalyst.
>There's always a chance that today's encryption algorithm will fall to
>tomorrow's advance in science.   
>
>I've been reading more and more in this field. It really is an amazing
>area of research.  My undergraduate BS was Math, but the field quickly goes
>past my training.  Somebody in the field of complexity and computability 
>or number theory will probably eventually publish an algorithm that is 
>provably hard to break.  Or prove once and for all that factoring large 
>composites is hard ...
>I wish I knew more about that part of this field but most of the papers
>that I have read about factoring are difficult to understand, although I 
>am always trying to cover more ground. Sigh.
>
>Mark Riggins
>Secure Systems Engineering
>AT&T Bell Labs
>
>
>


Dana Nowell                               Voice (603) 595-7480 EXT 28
Cornerstone Software Inc.                 FAX   (603) 882-7313
Work: DanaNowell @ corsof . com           Home: dana @ nowell . mv . com
MIME attachments preferred, BINHEX and uuencode acceptable.
Veni, Vidi, et in machina posui. As usual, I speak only for myself.
  

