hash function, could make it insecure in an encryption algorithm such as MDC. I know of no cryptanalytic analysis of particular one-way hash functions as block ciphers; wait for such analysis before you trust any of them.

Figure 14.5 Message Digest Cipher (MDC).

14.12 Choosing a Block Algorithm
It’s a tough decision. DES is almost certainly insecure against the major governments of the world unless you only encrypt very small chunks of data for a single key. It’s probably all right against anyone else, but that is changing soon. Brute-force DES key search machines will quickly become economical for all sorts of organizations.

Biham’s key-dependent S-boxes for DES should be secure for at least a few years against all but the most well-funded adversaries, and possibly even from them. If you need security that lasts decades or fear the cryptanalytic efforts of major governments, use triple-DES with three independent keys.

The other algorithms are not worthless. I like Blowfish because it is fast and I wrote it. 3-WAY looks good, and GOST is probably okay. The problem with any recommendation is that the NSA almost certainly has an array of impressive cryptanalytic techniques that are still classified, and I do not know which algorithms they can break with them. Table 14.3 gives timing measurements for some algorithms. These are meant for comparison purposes only.

My favorite algorithm is IDEA. Its 128-bit key, combined with its resistance to any public means of cryptanalysis, gives me a warm, fuzzy feeling about the algorithm. The algorithm has been analyzed by a lot of different groups, and no serious results have been announced yet. Barring extraordinary cryptanalytic news tomorrow, I am betting on IDEA today.

Table 14.3 Encryption Speeds of Some Block Ciphers on a 33 MHz 486SX

Algorithm                    Encryption Speed (Kilobytes/second)
Blowfish (12 rounds)         182
Blowfish (16 rounds)         135
Blowfish (20 rounds)         110
DES                          35
FEAL-8                       300
FEAL-16                      161
FEAL-32                      91
GOST                         53
IDEA                         70
Khufu (16 rounds)            221
Khufu (24 rounds)            153
Khufu (32 rounds)            115
Luby-Rackoff (using MD4)     4...
Luby-Rackoff (using MD5)
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.