[Cryptography] Is there a point to key schedules?

Ryan Carboni ryacko at gmail.com
Tue Mar 10 21:31:19 EDT 2015


Is there a point to key schedules? Let's look at the origin of entropy for
an HTTPS session. First hardware entropy is collected. It is usually then
hashed. That is then used to seed a PRNG, often a block cipher, sometimes
RC4 (although ChaCha is being adopted). Due to biases in RC4 and other
biases in all block ciphers, if a 256-bit key is generated, it is at best
255.999... bits secure.

That key is then used for a block cipher....

Now let's go see how many bits a 128-bit block cipher takes... say a
hypothetical one with thirty-two rounds.
32*128 = 4096 bits. 4096-bit asymmetric ciphers have 128-bit security and
could transmit 4096 bits. So everything is mathematically comparable.