Applied Cryptography - Protocols, Algorithms, and Source Code in C

ntext attack with as much data as he needs. Even assume that he can mount a chosen-plaintext attack. If your cryptosystem can remain secure, even in the face of all that knowledge, then you’ve got something.

That warning aside, there is still plenty of room in cryptography to maneuver. In reality, this kind of security isn’t really necessary in many situations. Most adversaries don’t have the knowledge and computing resources of a major government, and even the ones who do probably aren’t that interested in breaking your cryptosystem. If you’re plotting to overthrow a major government, stick with the tried and true algorithms in the back of the book. The rest of you, have fun.

Time and Cost Estimates for Brute-Force Attack

Remember that a brute-force attack is typically a known-plaintext attack; it requires a small amount of ciphertext and corresponding plaintext. If you assume that a brute-force attack is the most efficient attack possible against an algorithm—a big assumption—then the key must be long enough to make the attack infeasible. How long is that?

Two parameters determine the speed of a brute-force attack: the number of keys to be tested and the speed of each test. Most symmetric algorithms accept any fixed-length bit pattern as the key. DES has a 56-bit key; it has 2^56 possible keys. Some algorithms discussed in this book have a 64-bit key; these have 2^64 possible keys. Others have a 128-bit key.

The speed at which each possible key can be tested is also a factor, but a less important one. For the purposes of this analysis, I will assume that each different algorithm can be tested in the same amount of time. The reality may be that one algorithm may be tested two, three, or even ten times faster than another. But since we are looking for key lengths that are millions of times more difficult to crack than would be feasible, small differences due to test speed are irrelevant.

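
The two parameters above, worked through as an added example (not code from the book): it computes the time to test a full keyspace and shows that a tenfold difference in test speed is worth only about 3.3 bits of key. The test rates used (10^6 and 10^7 keys per second) and the function names are assumptions chosen for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600  # Julian year


def keyspace(bits):
    """Number of distinct keys for a fixed-length key of `bits` bits."""
    return 1 << bits


def exhaust_years(bits, keys_per_second, machines=1):
    """Worst-case years to test every key; the expected time is half this."""
    seconds = keyspace(bits) / (keys_per_second * machines)
    return seconds / SECONDS_PER_YEAR


def speedup_in_bits(factor):
    """Key bits that exactly cancel a test-speed advantage of `factor`."""
    return math.log2(factor)


def min_key_bits(keys_per_second, machines, years):
    """Smallest key length whose keyspace cannot be fully tested in `years`."""
    tested = keys_per_second * machines * years * SECONDS_PER_YEAR
    return math.floor(math.log2(tested)) + 1


if __name__ == "__main__":
    rate = 1e6  # assumed test rate, keys per second per machine
    for bits in (56, 64, 128):
        for machines in (1, 10**6):
            years = exhaust_years(bits, rate, machines)
            print(f"{bits:>3}-bit key, {machines:>7} machine(s): "
                  f"{years:.3e} years worst case")
    # A cipher that can be tested ten times faster loses only ~3.3 bits.
    print(f"10x faster test = {speedup_in_bits(10):.2f} bits of key")
    print("bits needed to outlast 1 machine-year at 1e6/s:",
          min_key_bits(1e6, 1, 1))
    print("bits needed to outlast 1 machine-year at 1e7/s:",
          min_key_bits(1e7, 1, 1))
```
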
Most of the debate in the cryptologic community about the efficiency of brute-force attacks has centered on the DES algorithm. In 1977...
