[Cryptography] Should the demarcation point for a viable cryptographic attack really be more efficient than brute force?

Ryan Carboni 33389 at protonmail.com
Sun Jun 9 18:08:54 EDT 2019


Should the demarcation point for a viable cryptographic attack really be more efficient than brute force? It could be argued that the birthday bound is the point when a cipher should be rekeyed due to the risk of collisions or a distinguishing attack.  But then the slide attack wouldn't qualify, and further research into the slide attack wouldn't occur, nor would someone finally discover that the slide attack is vulnerable to Simon's algorithm.

Who decided upon this point? Could consensus be wrong?

Sent with [ProtonMail](https://protonmail.com) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20190609/156d31d5/attachment.html>


More information about the cryptography mailing list