Michael Paul Johnson (mpj@csn.net)
Thu, 16 Jul 1998 19:43:45 -0600
At 06:59 PM 7/16/98 -0400, Matt Blaze wrote:
>>
>> Actually, newness is a cryptographic advantage (as well as disadvantage).
>>
>
>No. Newnewss is neither an advantage nor a disadvantage. Strength is
>an advantage. Unfortunately, we don't know what the real strength of
>any practical block cipher is. (Keylength provides an upper bound on
>effort, but knowing the real strength requires a lower bound).
We sort of agree. Age doesn't increase the strength of any cipher, but
review and public scrutiny do increase our knowledge of how strong the
cipher is. This is, indeed, very valuable. On the other hand, there must be
some value to keeping ciphers classified or our own government and some
companies wouldn't do so. Indeed, it does take longer to cryptanalyze
something or build dedicated cracking hardware if you first have to discern
what the algorithm used was, even though I think we all agree that it is
foolhardy to rely too much on this advantage. It is an advantage, though. I
think it makes sense for organizations like the NSA to keep most of their
cryptographic algorithms secret -- because they have their own closed peer
review internally. For the rest of us, though, who don't have a staff of
paid cryptanalysts working for us, let the algorithms be published and
studied seriously for a while by anyone who wants to... but I'll keep my
keys secret, thank you.
_______
Michael Paul Johnson
mpj@ebible.org http://ebible.org http://cryptography.org
PO BOX 1151, Longmont CO 80502-1151, USA Jesus Christ is Lord!
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:29 ADT