[Cryptography] Which big-name ciphers have been broken in living memory?
Bear
bear at sonic.net
Tue Aug 26 15:21:33 EDT 2014
On Tue, 2014-08-26 at 23:24 +1200, Peter Gutmann wrote:
> Bear <bear at sonic.net> writes:
>
> >Is there any evidence that CAST5 is in any way inadequate?
> >
> >People are upset with use of an "Antique" algorithm? Why?
>
> There's nothing obviously wrong with CAST, but it is nearly twenty years old
> and hasn't had anywhere near the analysis of AES (or 3DES), particularly
> against recent cryptanalysis techniques.
(Massive snip)
See, those are much better reasons for proposing a change.
When someone wants to change and advances no better reason
than "It's Old," or "it's an antique from the 90's" or such,
that doesn't make sense. Math doesn't go stale. "Old" just
means that it has remained in place with no discovered
weaknesses through more cryptanalytic effort, and ought
therefore to be considered more, rather than less, reliable.

But when you come out and admit that cryptanalysts,
especially those using more modern methods and attacks,
have been actively ignoring it, such that it has now withstood
LESS cryptanalytic effort than some more recent cipher, that
makes a bit less nonsense. The problem is not its age;
the problem is that despite having been around for more
cryptanalytic effort, it has actually withstood less.

The 64-bit blocksize being too short is also a legitimate
technical issue and a good reason for requesting a change,
especially when use for file encryption offers so many 64-bit
blocks whose contents are completely known to an attacker.
Bear
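The 64-bit block-size point in the message above is the birthday bound on CBC mode: once two ciphertext blocks under one key collide, C_i == C_j, the CBC relation gives P_i XOR P_j = C_{i-1} XOR C_{j-1}, so a block whose contents the attacker already knows (a file header, padding) hands over the other one. That needs roughly 2^(n/2) blocks for an n-bit block, which for n = 64 is a few gigabytes of data. The script below is an added example, not code from the original post or the mailing list; it uses a toy 16-bit Feistel "cipher" (an assumption, not CAST5) so the collision appears within a few thousand blocks, feeds it constructed random data, and also computes the birthday bound for real 64-bit and 128-bit blocks.

```python
# Added example: CBC block collisions leak plaintext XORs, and why that
# bites much sooner with 64-bit blocks than with 128-bit blocks.
import hashlib
import random
from math import log, sqrt

BLOCK_BITS = 16      # toy size (assumption) so a collision shows up quickly
ROUNDS = 4


def _round_fn(key, rnd, half):
    # Assumed toy round function: one byte of SHA-256 keyed by key, round, input.
    return hashlib.sha256(key + bytes([rnd, half & 0xFF])).digest()[0]


def toy_encrypt(key, block):
    """Toy 16-bit Feistel permutation (NOT a real cipher, NOT CAST5)."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round_fn(key, rnd, right)
    return (left << 8) | right


def toy_decrypt(key, block):
    """Inverse of toy_encrypt: undo the Feistel rounds in reverse order."""
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round_fn(key, rnd, left), left
    return (left << 8) | right


def cbc_encrypt(key, iv, blocks):
    """Return [IV, C1, C2, ...] with C_i = E(P_i XOR C_{i-1})."""
    out = [iv]
    for p in blocks:
        out.append(toy_encrypt(key, p ^ out[-1]))
    return out


def find_collision(cipher):
    """First pair (a, b), 1 <= a < b, with cipher[a] == cipher[b]; None if absent."""
    seen = {}
    for idx in range(1, len(cipher)):
        c = cipher[idx]
        if c in seen:
            return seen[c], idx
        seen[c] = idx
    return None


def recover_block(cipher, a, b, known_p_a):
    """Given C_a == C_b and a known P_a, return P_b = P_a XOR C_{a-1} XOR C_{b-1}.

    Works because E(P_a XOR C_{a-1}) == E(P_b XOR C_{b-1}) and E is a permutation.
    """
    return known_p_a ^ cipher[a - 1] ^ cipher[b - 1]


def blocks_for_half_collision(block_bits):
    """Birthday bound: blocks under one key until a collision is about 50% likely."""
    return sqrt(2 * log(2) * 2 ** block_bits)


def demo(n_blocks=4096, seed=1):
    """Encrypt constructed random blocks, find a collision, recover a block.

    Returns (a, b, recovered_correctly) or None if no collision occurred.
    """
    rng = random.Random(seed)                      # constructed sample data
    key = bytes(rng.getrandbits(8) for _ in range(16))
    iv = rng.getrandbits(BLOCK_BITS)
    plain = [rng.getrandbits(BLOCK_BITS) for _ in range(n_blocks)]
    cipher = cbc_encrypt(key, iv, plain)
    hit = find_collision(cipher)
    if hit is None:
        return None
    a, b = hit
    # The attacker knows P_a (e.g. a file header) and recovers P_b from ciphertext alone.
    recovered = recover_block(cipher, a, b, plain[a - 1])
    return a, b, recovered == plain[b - 1]


if __name__ == "__main__":
    print("toy collision/recovery:", demo())
    for bits in (64, 128):
        blocks = blocks_for_half_collision(bits)
        print("%3d-bit block: ~%.2e blocks (~%.1f GB) for a 50%% collision chance"
              % (bits, blocks, blocks * bits / 8 / 1e9))
```

The 16-bit toy collides after a few hundred blocks; scaling the same birthday arithmetic to a 64-bit block gives about 5e9 blocks, i.e. on the order of 40 GB encrypted under one key, which a long-lived file-encryption key can easily reach. A 128-bit block pushes the same bound up by a factor of 2^32.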