[Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5

tpb-crypto at laposte.net tpb-crypto at laposte.net
Tue Mar 25 18:42:00 EDT 2014



> Message du 25/03/14 23:18
> De : "ianG" 
> A : cryptography at metzdowd.com
> Copie à : 
> Objet : Re: [Cryptography] BLAKE2: "Harder, Better, Faster, Stronger" Than MD5
>

> On 25/03/2014 22:08 pm, tpb-crypto at laposte.net wrote:
> >> Message du 24/03/14 19:09
> >> De : "Jerry Leichter" 
> >> A : tpb-crypto at laposte.net
> >>> Some of my customers demand such solutions, shouldn't we develop a protocol for piggy-backing crypto over crypto? It would be a cool thing.
> >> Maybe. And maybe we should have a protocol for those super-secure million-bit-key ciphers we keep hearing about. :-(
> >>
> >> Just because people demand it doesn't mean it's a good idea. First you need to find a piggy-backing method that has meaningful security benefits. Then we can talk about a protocol.
> > 
> > Since I'm merely a code monkey and not a cryptographer,...
> 
> 
> This is no weakness, this is a strength. You are closer to what matters.
> 
> > I know you guys don't like this approach, yet I have got no references on how to make it better. All I know is that if the first layer is broke, the would-be attacker will get another jumbled stream and will have to start all over again.
> 
> 
> In terms of directly combining two ciphers, the common approach is to do
> two stream ciphers and to xor them.
> 
> 
> > The idea of my question is, can we do that in a proper manner? What proper manner is that, exactly?
> 
> 
> There is academic work to combine ciphers at block level, which in
> general shows that it is tricky to do, has a few surprising effects, and
> often doesn't really help more than picking a good cipher. Others will
> write about that, I'm sure, and see the comment previously about DES-X.
> 
> However, there is a top tip from the NSA: you should use two systems,
> not two ciphers. That is, you should use an underlying p2p system such
> as IPSec or TLS or SSH, and then layer an application security system
> over the top of it.
> 
> Which is to say; if you are going to do super-encryption, the best
> thing is to separate the layers as much as possible.
> 
> my 2c.
> 
> iang
> 

Thank you, your ideas are much appreciated.

Since "using a best cipher is better than using two good ones Xored", I think the approach of using two supposedly best ciphers not broken into until now and Xored seems to be good, then.

Using your approach seems good to encrypt the first layer with tls 1.3 and deliver by port 443 to the client, then above it to use the stream ciphers. It will look like some big download over SSL but in fact it is another thing. Maybe I should add another layer under the streams ...


More information about the cryptography mailing list