|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?
From: Andrew Farmer (andfarm
gmail.com)
Date: Tue Nov 01 2005 - 12:55:31 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 01 Nov 05, at 10:11, Brandon Enright wrote:
> Brute forcing an algorithm suggests that you are not attacking a
> weakness or
> known flaw in the algorithm but rather just running through the
> keyspace
> trying to recover the plaintext. In that case, whichever allows
> you to use
> the most bits is what you want.
Note that the encryption speed of an algorithm is *not* a significant
factor
in the time taken to brute-force it, except for extremely small
keyspaces!
Remember that the time taken to brute-force an N-bit algorithm that
takes K
seconds per encryption is, on average
N
K * 2
which increases much more rapidly with N than it does with K. Adding
even one
more bit will double the average time taken to brute-force an
algorithm, while
using a slower algorithm will only increase the difficulty marginally.
Also note that anything beyond 256 bits is silly. Brute-forcing a 256-
bit
algorithm can be shown to be PHYSICALLY impossible, so there's no
reason to
go anywhere beyond that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFDZ7ojPa6RRaKl0ScRAks7AKDfby+YNTbv3dKLFM7yPa76cUT3rgCffj0E
MZDooGO24EFSoMkBm5BET7E=
=jLtN
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]