lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Nov  2 06:13:41 2005
From: gautam.bipin at gmail.com (Bipin Gautam)
Subject: Comparing Algorithms On The List
	OfHard-to-brut-force?

On 11/1/05, Brandon Enright <bmenrigh@...d.edu> wrote:
> Brute forcing an algorithm suggests that you are not attacking a weakness or
> known flaw in the algorithm but rather just running through the keyspace
> trying to recover the plaintext.  In that case, whichever allows you to use
> the most bits is what you want.
>
> IIRC, there aren't any good known attacks against Blowfish, AES, or Twofish
> so the *RIGHT* algorithm is whatever works best for your application.
>
> Also, your encrypt-decrypt-encrypt choices may be "more" secure from a pure
> brute force perspective but the marginal security they add doesn't negate
> the difficulty of key management.
>
> You should look into Bruce Schneier's book, "Applied Cryptography" (ISBN:
> 0471117099) for an excellent treatment on the subject.
>
>
> Brandon Enright
>

Yap, thanks for all your input.... i have looked at the book you
mentioned as well.... but i was searching for 'any short of'
statistic, REMEMBER?
anyways, thanks.......
Bipin Gautam
http://bipin.tk

Zeroth law of security: The possibility of poking a system from lower
privilege is zero unless & until there is possibility of direct,
indirect or consequential communication between the two...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ