Re: The symmetric ciphers

2013-10-31 Thread Mark H. Wood
symmetric ciphers, e.g. users could state a preference list like this: No. This idea gets floated every few years and the answers never change. It's not a good idea. If you look in the list archives you can find some pretty long, detailed writeups on why. I just tried googling a bit

Re: The symmetric ciphers

2013-10-31 Thread Mark H. Wood
Having not read far enough down the thread, Mark H. Wood wishes to recall a completely redundant message: Consider a composition of *three* ciphers: A := ROT13 B := ROT10 C := ROT3 -- Mark H. Wood, hasty poster mw...@iupui.edu Machines should not be friendly. Machines should be

Re: The symmetric ciphers

2013-10-31 Thread Mark H. Wood
On Wed, Oct 30, 2013 at 11:33:18PM +0100, Philipp Klaus Krause wrote: Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? I sincerely doubt

Re: The symmetric ciphers

2013-10-31 Thread Johan Wevers
no one researched something like 3AES yet? There is no single answer to this. The other symmetric ciphers need to be evaluated combinatorically: for instance, are AES128, 3DES and Camellia a group? That answer may be different from AES192, 3DES and Camellia. However, encrypting a message with AES

Re: The symmetric ciphers

2013-10-31 Thread vedaal
On Thursday, October 31, 2013 at 10:06 AM, Johan Wevers joh...@vulcan.xs4all.nl wrote: However, encrypting a message with AES with key1 and then encrypting it again with key2 (key1 unrelated to key2) can't make it less secure since any attacker can encrypt the intercepted encrypted message

Re: The symmetric ciphers

2013-10-31 Thread Peter Lebbing
On 31/10/13 16:37, ved...@nym.hush.com wrote: The advantage is, that if it should ever be possible to brute force the keyspace of one key, then NONE of the possible elements of the keyspace (including the *correct* key) will result in an identifiable *correct* plaintext. It will only result in

Re: The symmetric ciphers

2013-10-31 Thread Robert J. Hansen
Playing Captain Obvious: Excellent! Let's play more. - \forall {A,B \in G} -- A X B \in G: G is closed. What's this \forall and \in? I don't understand. Are those HTML entity codes that my email client isn't presenting properly? ... Or, in other words, your very first line assumes a

Re: The symmetric ciphers

2013-10-31 Thread Robert J. Hansen
The advantage is, that if it should ever be possible to brute force the keyspace of one key No one will ever be able to brute-force a 128-bit key until such time as we have quantum computers with 256-bit ensembles running at 3.2 kelvins and powered by stars. Consequentially, I don't think

Re: The symmetric ciphers

2013-10-31 Thread Johan Wevers
On 31-10-2013 22:36, Robert J. Hansen wrote: ... Or, in other words, your very first line assumes a level of mathematical knowledge that the overwhelming majority of people lack: namely, the abilities of understanding mathematical notion and TeX. I am quite confident the majority of the

Re: The symmetric ciphers

2013-10-31 Thread Robert J. Hansen
I am quite confident the majority of the people don't understand this, but they don't need to. Someone can prove whether AES / Twofish / ... / combinations of them is a group or not, and can then explain that combinations are safer / at least as safe / less safe. Yes. But please remember how

Re: The symmetric ciphers

2013-10-31 Thread Leo Gaspard
The reason why the cryptanalytic community looked into whether DES forms a group is because the 56-bit keyspace was too short and we critically needed a way to compose DES into a stronger algorithm. That's not the case with AES. Disclaimer : I am not a mathematician, only a student in

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
On 10.09.2013 15:30, Robert J. Hansen wrote: On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
Well, here's a (rough, and maybe naive) explanation of why I assumed that the effort is at least max(a, b): If you first encrypt with ROT10 and then with ROT16, the final strength is not the maximum of (ROT10, ROT16). You may think that's a silly example, and I grant that it is, but it

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
fruit. I wouldn't assume that: RSA is something taught in typical maths and computer science curriculums at universities. Factorization is a well-known problem. Symmetric ciphers, on the other hand are for specialists. So I would assume that RSA got much more attention and eyes looking at it than any

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
On 30.10.2013 18:39, Robert J. Hansen wrote: Well, here's a (rough, and maybe naive) explanation of why I assumed that the effort is at least max(a, b): If you first encrypt with ROT10 and then with ROT16, the final strength is not the maximum

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
Quoting Philipp Klaus Krause p...@spth.de: But ROT10 and ROT16 fail the condition that breaking them should be substantially harder than applying them. Arguing that "but that's not a real example!" is a nonstarter. It wasn't presented as a real example. It was presented as a way to

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
On 10.09.2013 12:35, Philipp Klaus Krause wrote: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES The meaning

Re: The symmetric ciphers

2013-10-30 Thread Peter Lebbing
On 30/10/13 20:25, Philipp Klaus Krause wrote: If we have plenty of randomness available, we could do this a different way: XOR the message M with a random one-time pad P to obtain N. Encrypt P with A, and N with B. Why are you inventing new crypto primitives? Symmetric crypto is already good

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
If we have plenty of randomness available, we could do this a different way: Dangerously naive. Meet-in-the-middle and/or miss-in-the-middle attacks could be devastating.

Re: The symmetric ciphers

2013-10-30 Thread Werner Koch
On Wed, 30 Oct 2013 20:25, p...@spth.de said: If we have plenty of randomness available, we could do this a Entropy (which should be at the core of every CRNG) is a scarce resource. Thus a one time pad is not going to work because you need true random at the same size of the message. XOR the

Re: The symmetric ciphers

2013-10-30 Thread Werner Koch
On Wed, 30 Oct 2013 18:06, p...@spth.de said: I wouldn't assume that: RSA is something taught in typical maths and computer science curriculums at universities. Factorization is a well-known problem. Using RSA in a safe way is not easy - it took more than 20 years until most cryptographers

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? Philipp

RE: The symmetric ciphers

2013-10-30 Thread Bob (Robert) Cavanaugh

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
On 30.10.2013 23:33, Philipp Klaus Krause wrote: Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? Philipp This should have been ... as the strongest of them

Re: The symmetric ciphers

2013-10-30 Thread Philipp Klaus Krause
? There are multiple symmetric ciphers. Any one of them might already have been broken by an adversary, but I assume that there are many among them that are not broken. I do not know which ones are which. So, if I have ciphers A, B and C, and a way to combine them into one symmetric cipher

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
Is there a known good way to combine multiple symmetric ciphers into something that is at least as strong as the weakest of them? Not one that generalizes to all ciphers.

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
So, if I have ciphers A, B and C, and a way to combine them into one symmetric cipher that is at least as strong as the strongest among them, I could use this combined cipher for somewhat secure communication as long as at least one of A, B, C is not broken, even if I do not know which

Re: The symmetric ciphers

2013-10-30 Thread Johan Wevers
. That's because ROT(N) is a group. In a way, we already use a combination cipher in the form of 3DES, which uses 3 times the same cipher (OK, 2 times and one time in the reverse) but that works because DES is not a group. I don't know whether the other symmetric ciphers are a group though, but I'm

Re: The symmetric ciphers

2013-10-30 Thread Robert J. Hansen
avoided. I don't know whether the other symmetric ciphers are a group though, but I'm sure someone has investigated that. There is no single answer to this. The other symmetric ciphers need to be evaluated combinatorically: for instance, are AES128, 3DES and Camellia a group? That answer may

The symmetric ciphers

2013-09-10 Thread Philipp Klaus Krause
I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES The meaning of A+B would be to encrypt using A first, and then encrypt

Re: The symmetric ciphers

2013-09-10 Thread Paul R. Ramer
Philipp Klaus Krause p...@spth.de wrote: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: TWOFISH+AES256 3DES+BLOWFISH+AES AES 3DES The meaning of A+B would be to encrypt using A first, and then encrypt

Re: The symmetric ciphers

2013-09-10 Thread Robert J. Hansen
On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote: I wonder if it would be a good idea to have an option to combine symmetric ciphers, e.g. users could state a preference list like this: No. This idea gets floated every few years and the answers never change. It's not a good idea. If you

Re: The symmetric ciphers

2013-09-10 Thread Josef Schneider
. Why? Assuming the Keys are not related (e.g. by creating random keys and then encrypting them both with RSA) this is safer, assuming the attacker can crack one of the two symmetric ciphers but not RSA. If you use the same/related Keys for both encryptions and/or the ciphers don't interact somehow

Re: The symmetric ciphers

2013-09-10 Thread Robert J. Hansen
On 09/10/2013 11:10 AM, Josef Schneider wrote: Why? Assuming the Keys are not related (e.g. by creating random keys and then encrypting them both with RSA) this is safer, assuming the attacker can crack one of the two symmetric ciphers but not RSA. I repeat my earlier message: If you look

Re: throughput of GnuPG symmetric ciphers

2005-08-04 Thread Roscoe
I suggest looking at openssl. I'd hazard a guess that most nix OS's end up with it installed. The speed command does benchmarking :) Barton 2Ghz: $ openssl speed aes-256-cbc bf-cbc Doing aes-256 cbc for 3s on 16 size blocks: 6396149 aes-256 cbc's in 2.98s Doing aes-256 cbc for 3s on 64 size

Re: throughput of GnuPG symmetric ciphers

2005-08-04 Thread Ryan Malayter
On 8/4/05, Werner Koch [EMAIL PROTECTED] wrote: So roughly libgcrypt gets 55% of the performance of OpenSSL with AES and 61% for 3DES. This all with a higher level interface, a non ia32 optimized AES. I am pretty sure we can improve here but it will require to duplicate code for the modes

Re: throughput of GnuPG symmetric ciphers

2005-08-04 Thread Roscoe
On 8/4/05, Ryan Malayter [EMAIL PROTECTED] wrote: My test show 7-zip yields ~228 Mbps on a 2.4 GHz P4. The only cipher available with this program is AES256 in (I believe) ECB mode. You seem pretty knowledgeable, but I'll say it anyway: ECB in general shouldn't be used. Especially in the case

Re: throughput of GnuPG symmetric ciphers

2005-08-04 Thread Werner Koch
On Thu, 4 Aug 2005 08:10:00 -0500, Ryan Malayter said: My test show 7-zip yields ~228 Mbps on a 2.4 GHz P4. The only cipher available with this program is AES256 in (I believe) ECB mode. Why encrypt at all when using ECB? ECB has no use except in very very special cases. Still, it seems a

Re: throughput of GnuPG symmetric ciphers

2005-08-03 Thread Ryan Malayter
On 8/3/05, Henry Hertz Hobbit [EMAIL PROTECTED] wrote: Given the size of the files that you are encrypting, I would strongly advise going with the Eden chip rather than a software based solution... I actually found an open-source tool, 7-zip, that includes AES-256 encryption functionality. For

is your message about service throughput? (was: Re: throughput of GnuPG symmetric ciphers)

2005-08-02 Thread Gregor Zattler
Hi Ryan, * Ryan Malayter [EMAIL PROTECTED] [01. Aug. 2005]: I'm reposting this because it never appeared on the list for some reason, even after 12 hours. is your message about service throughput? Gregor

throughput of GnuPG symmetric ciphers

2005-08-01 Thread Ryan Malayter
I was going to use GnuPG for encrypting some very large backup files on disk (~200 GB). However, the symmetric ciphers in GnuPG seem to be fairly slow. Using the Windows build of 1.4.2, I only modest throughputs piping GPG output from a fast 7200 RPM disk to NUL (the Windows equivalent of /dev/nul