On Tue, Jun 03, 2014 at 02:53:26PM +0200, Bzzz wrote:
> On Tue, 3 Jun 2014 10:03:17 +0100
> Darac Marjal <mailingl...@darac.org.uk> wrote:
> [cut]
> > …
> > Yes, but choosing your encryption badly can cause problems. For
> > one, as above, bad choices can mean poor security.
>
> So, you're a real cryptanalyst; then, please develop your
> rant about BF.

No, but I read the news, I read Wikipedia. Wikipedia says "Blowfish is
known to be susceptible to attacks on reflectively weak keys". What if I
happened to use the Dual_EC_DRBG RNG that some big-wig in the government
had recommended to me?

Cryptography is hard. Security by obscurity is not security. Really, the
best policy is to be upfront about what you're doing and how you're
doing it. The counter-intuitive thing about modern cryptography is that
this only makes it stronger.

>
> > But also a
> > badly chosen encryption scheme might mean unnecessarily large
> > diffs (and so more storage/bandwidth on your cloud provider).
>
> Depends what you're looking after: real security or comfort…
>
> At this time, there's no known successful attack against BF.

No, that's true. The closest I've seen is an analysis on BF that
differentiates it from random noise. For some people, being able to
prove that data was encrypted is enough of a problem (I live in a
country where my government can force me to reveal my keys - refusing or
forgetting results in a prison term).

> thinking 448 bits is 3.5 more secure than 128 bits doesn't
> mean nothing (AES 256 bits is considered weaker than 128 bits…)
> provided you have a strong random data generator (otherwise
> not any crypto will long more than a few hours).
> As of today, 128 bits fits all the needs.
>
> Many people saying: "oh, this crypto's not so good", etc
> are either jealous or disinformers, unless they are specialists
> and publish academic papers; a very few are real cryptanalyzers
> because that needs real maths applied to crypto skills.
>
> This is no secret that NSA pushed AES in front of BF, there
> are good reasons for that…
>
> BF has some weaknesses (some keys aren't that safe) but nobody
> has broken the whole set of rounds, and even if it is an "old"
> crypto (it works on 8bits µCPU!), it is still one of the best
> there is at this time (and a polyvalent one).
>
> --
> You will not censor me through bug terrorism.
> -- James Troup