[Cryptography] List of Proven Secure Ciphers / Hashes
Bill Frantz
frantz at pwpconsult.com
Tue Sep 16 01:44:37 EDT 2014
On 9/15/14 at 8:41 AM, jkatz at cs.umd.edu (Jonathan Katz) wrote:
>There is no cryptosystem whose security (in any standard sense)
>can be reduced to an NP-hard problem. The issue, intuitively,
>is that NP-hardness is a *worst-case* notion, whereas we want
>cryptosystems to be hard *on the average*.
The requirements of crypto turn what is wanted around like a lot
of things in security. Most often people ask, "What can that
computer system do?" The security guys ask, "What can I be sure
it can't do?"
With computational difficulty, we aren't asking, "What is the
hardest case?", instead we are asking, "What is the easiest
case?". Sometimes, like with DES weak keys, we find a limited
number of cases where the answer is, "Too easy." and we avoid
those cases. If there are too many of these easy cases, we worry
about the security of the crypto.
Cheers - Bill
--------------------------------------------------------------
Bill Frantz | There are now so many exceptions to the
408-356-8506 | Fourth Amendment that it operates only by
www.pwpconsult.com | accident. - William Hugh Murray
More information about the cryptography
mailing list