Re: Crypto in DragonFlyBSD

Board: DFBSD_kernel, posted 2010/04/01 02:01 (message 3 of 7 in thread)
Hello, Robin!

Robin Carey wrote:

> There is some talk on the kernel-mailing list about implementing
> Cryptography in DragonFlyBSD.
>
> I would like to add my input in this discussion;
>
> Most cryptography implementations use block-ciphers. But I consider
> block-ciphers (even AES) bad, because
> they are just a code-book.

Actually, you can use different cipher modes like CBC to overcome this code-book-like behavior of block ciphers. Advanced modes like LRW/XEX/XTS even protect against watermarking attacks.

> I consider Stream Ciphers to be the best way to encrypt data, as these are
> "the next best thing" to a
> one-time-pad (one-time-pad is a provably secure encryption method).

The one-time pad is indeed a provably secure encryption method (more, it has the "perfect security" property), but this does not hold for an arbitrary stream cipher. The A5 algorithm (which is implemented in cell phones for GSM) is considered weak ATM, for example.

Moreover, there is always an opportunity to make a known-plaintext attack on a stream cipher. Take the first block of a file which is, for example, C source. In most cases it will start with a string like "#include" or, even worse, with a license notice. You know, almost surely, that the plain text is a license or a sequence of includes. If the cipher stream was just xor'ed with the plain text, you can take the license, xor it with the first block of the file and get the stream. With it you can perform further cryptanalysis.

It depends on the application - which type of cipher to use. Stream ciphers are good when you don't actually know where your data will end (like the encoded voice in cell phones). Block ciphers were primarily designed to be used in computers (e.g. file systems and databases).

-- 
Best regards, Dmitry A. Stephantsov
Article ID (AID): #1Biutusy (DFBSD_kernel)
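The known-plaintext XOR described in the message above, as an added example that is not part of the original message or of DragonFlyBSD: it shows that the recovered bytes are exactly the keystream, and that they decrypt other data only when the same key and nonce are reused. The keystream generator (SHA-256 over key, nonce and counter), the key, nonces and file contents are all constructed assumptions standing in for a real stream cipher.

```python
import hashlib
from collections import Counter

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy generator (assumption): SHA-256 over key || nonce || counter.
    # Stand-in for a real stream cipher; not a vetted construction.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    # zip() truncates to the shorter input.
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

def recover_keystream(ciphertext: bytes, known_prefix: bytes) -> bytes:
    # ciphertext = plaintext XOR keystream, so XOR with the known
    # plaintext gives back the keystream bytes for that span.
    return xor(ciphertext, known_prefix)

def reused_nonces(nonces):
    # Defender-side check: any nonce that was used twice under one key.
    return sorted(n for n, c in Counter(nonces).items() if c > 1)

# Constructed sample data.
KEY = b"constructed-demo-key"
KNOWN = b"#include <stdio.h>\n"
FILE_A = KNOWN + b"int main(void) { return 0; }\n"
FILE_B = b"db_password=hunter2\n"

def demo():
    ct_a = encrypt(KEY, b"nonce-1", FILE_A)
    ks = recover_keystream(ct_a, KNOWN)
    same_nonce = xor(encrypt(KEY, b"nonce-1", FILE_B), ks)
    fresh_nonce = xor(encrypt(KEY, b"nonce-2", FILE_B), ks)
    return ks, same_nonce, fresh_nonce

if __name__ == "__main__":
    ks, same_nonce, fresh_nonce = demo()
    print("keystream matches:", ks == keystream(KEY, b"nonce-1", len(KNOWN)))
    print("same nonce leaks :", same_nonce)
    print("fresh nonce gives:", fresh_nonce.hex())
    print("reused nonces    :", reused_nonces([b"nonce-1", b"nonce-1", b"nonce-2"]))
```

The practical check for a disk or file encryption design is therefore that no two sectors or files ever share a key and nonce pair, which is what `reused_nonces` flags.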