
Re: Crypt data "on the fly"

On Tue, Jun 03, 2014 at 02:53:26PM +0200, Bzzz wrote:
> On Tue, 3 Jun 2014 10:03:17 +0100
> Darac Marjal <mailinglist@darac.org.uk> wrote:
> …
> > Yes, but choosing your encryption badly can cause problems. For
> > one, as above, bad choices can mean poor security.
> So, you're a real cryptanalyst; then, please develop your
> rant about BF.

No, but I read the news, I read wikipedia. Wikipedia says "Blowfish is
known to be susceptible to attacks on reflectively weak keys". What if I
happened to use the Dual_EC_DRBG RNG that some big-wig in the government
had recommended to me?

Cryptography is hard. Security by obscurity is not security. Really, the
best policy is to be upfront about what you're doing and how you're
doing it. The counter-intuitive thing about modern cryptography is that
this only makes it stronger.

> > But also a
> > badly chosen encryption scheme might mean unnecessarily large
> > diffs (and so more storage/bandwidth on your cloud provider).
> Depends what you're looking after: real security or comfort…
> At this time, there's no known successful attack against BF.

No, that's true. The closest I've seen is an analysis on BF that
differentiates it from random noise. For some people, being able to
prove that data was encrypted is enough of a problem (I live in a
country where my government can force me to reveal my keys - refusing
or forgetting results in a prison term).

> thinking 448 bits is 3.5 more secure than 128 bits doesn't
> mean nothing (AES 256 bits is considered weaker than 128 bits…)
> provided you have a strong random data generator (otherwise
> not any crypto will long more than a few hours).
> As of today, 128 bits fits all the needs.
> Much of people saying: "oh, this crypto's not so good", etc
> are either jealous or disinformers, unless they are specialists
> and publish academic papers; a very few are real cryptanalyzers
> because that needs real maths applied to crypto skills.
> This is no secret that nsa pushed AES in front of BF, there
> are good reasons for that…
> BF has some weaknesses (some keys aren't that safe) but nobody
> has broken the whole set of rounds, and even if it is an "old"
> crypto (it works on 8bits µCPU!), it is still one of the best
> there is at this time (and a polyvalent one).
> -- 
> You will not censor me through bug terrorism.
> 		-- James Troup

Attachment: signature.asc
Description: Digital signature
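On the "unnecessarily large diffs" point raised in the quoted exchange, here is an added example (mine, not code from either poster) that measures how much of an encrypted file a cloud sync would have to re-upload after a one-byte edit under two layouts: whole-file encryption with a fresh nonce per save, versus chunked encryption that keeps the stored nonce and ciphertext of every chunk whose plaintext did not change. It assumes a constructed HMAC-SHA256 counter-mode keystream as a stand-in for a real stream mode such as AES-CTR (so it runs on the standard library alone), and constructed keys and data.

```python
import hashlib
import hmac
import os

CHUNK, NONCE_LEN = 256, 16  # plaintext bytes per chunk; nonce size


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF keystream: HMAC-SHA256(key, nonce || counter) blocks, cut to length."""
    out = bytearray()
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_whole(key: bytes, data: bytes) -> bytes:
    """One fresh nonce per save, so every ciphertext byte changes on any edit."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + xor(data, keystream(key, nonce, len(data)))


def decrypt_chunk(key: bytes, entry: tuple) -> bytes:
    nonce, ct = entry
    return xor(ct, keystream(key, nonce, len(ct)))


def encrypt_chunked(key: bytes, data: bytes, prev: dict = None) -> dict:
    """chunk index -> (nonce, ciphertext). An unchanged chunk keeps its stored
    nonce and ciphertext; a changed chunk gets a fresh nonce (never reused)."""
    prev, out = prev or {}, {}
    for idx, off in enumerate(range(0, len(data), CHUNK)):
        pt = data[off:off + CHUNK]
        if idx in prev and decrypt_chunk(key, prev[idx]) == pt:
            out[idx] = prev[idx]  # identical plaintext: nothing to re-upload
        else:
            nonce = os.urandom(NONCE_LEN)
            out[idx] = (nonce, xor(pt, keystream(key, nonce, len(pt))))
    return out


def changed_chunks(key: bytes, old: bytes, new: bytes) -> tuple:
    # Returns (chunks changed under whole-file scheme, chunks changed under chunked scheme)
    w1, w2 = encrypt_whole(key, old), encrypt_whole(key, new)
    whole = sum(w1[i:i + CHUNK] != w2[i:i + CHUNK] for i in range(0, len(w1), CHUNK))
    c1 = encrypt_chunked(key, old)
    c2 = encrypt_chunked(key, new, prev=c1)
    return whole, sum(c2[i] != c1.get(i) for i in c2)


def demo() -> tuple:
    key, old = os.urandom(32), os.urandom(4096)  # constructed key and 4 KiB file
    new = bytearray(old)
    new[1000] ^= 0x01  # flip one bit inside chunk 3
    return changed_chunks(key, old, bytes(new))  # -> (17, 1)
```

A 4 KiB file plus its 16-byte nonce spans 17 chunk-sized slices under the whole-file scheme and all 17 differ after the edit, while the chunked scheme re-encrypts exactly one chunk; the 64-bit block size or key length of the cipher is irrelevant to this cost, the file layout is what decides it.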