[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?
- To: Brandon Enright <bmenrigh@xxxxxxxx>
- Subject: Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?
- From: Bipin Gautam <gautam.bipin@xxxxxxxxx>
- Date: Wed, 2 Nov 2005 11:58:30 +0545
On 11/1/05, Brandon Enright <bmenrigh@xxxxxxxx> wrote:
> Brute forcing an algorithm suggests that you are not attacking a weakness or
> known flaw in the algorithm but rather just running through the keyspace
> trying to recover the plaintext. In that case, whichever allows you to use
> the most bits is what you want.
>
> IIRC, there aren't any good known attacks against Blowfish, AES, or Twofish
> so the *RIGHT* algorithm is whatever works best for your application.
>
> Also, your encrypt-decrypt-encrypt choices may be "more" secure from a pure
> brute force perspective but the marginal security they add doesn't negate
> the difficulty of key management.
>
> You should look into Bruce Schneier's book, "Applied Cryptography" (ISBN:
> 0471117099) for an excellent treatment on the subject.
>
>
> Brandon Enright
>
Yap, thanks for all your input.... i have looked at the book you
mentioned as well.... but i was searching for 'any short of'
statistic, REMEMBER?
anyways, thanks.......
Bipin Gautam
http://bipin.tk
Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless & until there is possibility of direct,
indirect or consequential communication between the two...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/