Welcome Guest [Log In] [Register]
Welcome to Crypto. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Algorithm switch; Algorithm: AES-to-Twofish...
Topic Started: Oct 3 2013, 05:57 PM (459 Views)
JOE.TEKK1
Elite member
[ *  *  *  *  * ]
Please note: I have seen that Silent Circle will move from AES-256 (Rijndael; from Belgium ) to Twofish ( BT-USA; Schneirer ) .
They also want to use Skein instead of SHA-256 .
You may find that of interest.

Joe

-----

Offline Profile Quote Post Goto Top
 
novice
Super member
[ *  *  *  * ]
I didn't know about this service until I read your posting and then Wikipedia. Do you use their service?

Interesting that Wiki says:

Quote:
 
On August 9, 2013, through their Web site, Silent Circle announced that the Silent Mail service would be shut down, because the company could "see the writing on the wall" and felt it was not possible to sufficiently secure email data


This suggests that attempts to organise large-scale encrypting of emails will meet major problems, at least in the U.S.
Offline Profile Quote Post Goto Top
 
JOE.TEKK1
Elite member
[ *  *  *  *  * ]
= Friday, 4 October 2013; 3:12PM New Jersey USA time

Novice, Everyone --

Encryption of emails is the <<RESPONSIBILITY>> of the individual ; with support ( to a certain degree ) from others.
Silent Circle is <<STILL>> encrypting Text/Chats ( acts like Facsimile/FAX ) . Joe
Offline Profile Quote Post Goto Top
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
JOE.TEKK1
Oct 3 2013, 05:57 PM
... Silent Circle will move from AES-256 (Rijndael; from Belgium ) to Twofish ( BT-USA; Schneirer ) .

I find it difficult to conceive of reasons to suspect that AES might have backdoors etc. in comparison to Twofish. Personally I tend to think that both are "clean". (I mean the algorithms and the open-source codes that one has carefully verified, not the binaries that one gets from somewhere and that might have been manipulated.)
Edited by mok-kong shen, Oct 7 2013, 08:18 PM.
Offline Profile Quote Post Goto Top
 
Ribeiro Alvo
/\ |_ \/ ( )
[ *  *  * ]
mok-kong shen
 
I find it difficult to conceive of reasons to suspect that AES might have backdoors etc. in comparison to Twofish. Personally I tend to think that both are "clean". (I mean the algorithms and the open-source codes that one has carefully verified, not the binaries that one gets from somewhere and that might have been manipulated.)
completely agree.
Offline Profile Quote Post Goto Top
 
Ribeiro Alvo
/\ |_ \/ ( )
[ *  *  * ]
But for those who do not know how to program computers, and are most people, what is the solution?
Offline Profile Quote Post Goto Top
 
jdege
Member Avatar
NSA worthy
[ *  *  *  *  *  * ]
mok-kong shen
Oct 7 2013, 08:13 PM
I find it difficult to conceive of reasons to suspect that AES might have backdoors etc. in comparison to Twofish. Personally I tend to think that both are "clean". (I mean the algorithms and the open-source codes that one has carefully verified, not the binaries that one gets from somewhere and that might have been manipulated.)
The real question - do either have "magic numbers" that are not clearly explained?
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Offline Profile Quote Post Goto Top
 
Ribeiro Alvo
/\ |_ \/ ( )
[ *  *  * ]
Quote:
 
The real question - do either have "magic numbers" that are not clearly explained?
Well, I want to believe that mathematics is a science, not some quackery. Or put another way, if the algorithm is well explained, I see no reason to fear it.
Offline Profile Quote Post Goto Top
 
jdege
Member Avatar
NSA worthy
[ *  *  *  *  *  * ]
The DES S-boxes involved NSA-selected permutations and provided no explanation of why those particular permutations were chosen. It was always feared that they were chosen because they gave the NSA a backdoor.
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Offline Profile Quote Post Goto Top
 
Ribeiro Alvo
/\ |_ \/ ( )
[ *  *  * ]
That is precisely what I mean. All details of the scheme / algorithm should be very well explained, otherwise, should be avoided.
Offline Profile Quote Post Goto Top
 
JOE.TEKK1
Elite member
[ *  *  *  *  * ]
I refer you to the United States National Institute of Standards website ( NIST ) that describes the Advanced Encryption Standard.
If you review that, you will understand the sponsorship and the nationalities of the cryptographers. Bruce Shcneirer has made some comments about the complete selection process; and the current state of affairs. Some people will stick with Diffie-Hellman/ElGamal public keys; and keep using AES-256 ( Rijndael ) , and at times may use Twofish also. Some are re-thinking about avoiding Elliptic Curve Crypto public keys. Joe . << Saturday, 12 October 2013; 11:04AM >>
Offline Profile Quote Post Goto Top
 
mok-kong shen
NSA worthy
[ *  *  *  *  *  * ]
jdege
Oct 11 2013, 06:55 PM
The real question - do either have "magic numbers" that are not clearly explained?
There is no magic number (in the sense I understand) in AES and the same is with Twofish, if I don't err. On the other hand, unfortunately any design of a practical cipher would (as a result of creativity involved) contain a number of more or less arbitrary decisions to do certain processing (and at the same time not to do certain other eligible alternatives) and so, if questioned to an ever increasing depth, could hardly be explained entirely satisfactorily logically. IMHO this often applies e.g. to key scheduling for most block ciphers. Thus the freedom of backdoors of the algorithm of a cipher couldn't in general be demonstrated with the kind of rigor commonly demanded in pure math in comparison to applied math, which is regrettable but to be accepted in real life. This naturally doesn't mean that one could at any time slight the issue of backdoors in crypto algorithms. (The issue of implantation of backdoors into crypto binaries is of course an entirely different matter.)
Edited by mok-kong shen, Oct 13 2013, 09:12 AM.
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · News · Next Topic »
Add Reply