Michael Davies' Blog

Michael Davies
michael [at] the-davies.net
GPG Id: 0x0AA9D6FC
Copyright © 2003, 2004, 2005, 2006, 2007, 2008 Michael Davies,
All Rights Reserved.
All opinions are mine only.

About AES

Russell blogs about choosing encryption algorithms. He comments:

The US government (which incidentally employs some of the best cryptologists in the world) recommends encryption methods for data that is important to US interests (US military and banking operations for starters). Why wouldn't you want to follow those recommendations? Do you think that they are putting back-doors in their own systems?

This is true, but for an additional reason not mentioned. The current block cipher standard is AES. While it was chosen by the US government as a standard, it wasn't developed by the US government - making the chance of back-doors even less likely. This is not the case for DES - which was an in-house US Government development effort - meaning that it's open to claims that back-doors were introduced.

There are some questions asked about whether there are inherent weaknesses in AES, but these centre around the "newness" of the mathematics used - the strength of any crypto system is based on solving "hard" mathematical problems, so if someone finds an easy way the "tower of cards" all falls down - and all data is open. But the same could be said for ECC. That's why some people encrypt their encrypted data with a different encryption algorithm - even if one crypto system falls, there's another barrier protecting your data.
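The layering idea above, as an added example (not code from this post): the data is encrypted with AES first and the result is encrypted again with a second, unrelated algorithm. The choice of AES-256-GCM and ChaCha20-Poly1305, the Python `cryptography` package and all function names are assumptions made for the illustration; the post names no second algorithm.

```python
import os
from cryptography.hazmat.primitives.ciphers.aead import AESGCM, ChaCha20Poly1305

NONCE_LEN = 12  # both AEAD constructions take a 96-bit nonce


def new_keys():
    """Two independent random keys. If both layers shared one key (or one was
    derived from the other), losing that key would remove both barriers."""
    return AESGCM.generate_key(bit_length=256), ChaCha20Poly1305.generate_key()


def _seal(aead, plaintext):
    # A fresh random nonce per message, stored in front of the ciphertext.
    nonce = os.urandom(NONCE_LEN)
    return nonce + aead.encrypt(nonce, plaintext, None)


def _open(aead, blob):
    # Raises cryptography.exceptions.InvalidTag on a wrong key or tampering.
    return aead.decrypt(blob[:NONCE_LEN], blob[NONCE_LEN:], None)


def cascade_encrypt(aes_key, chacha_key, plaintext):
    inner = _seal(AESGCM(aes_key), plaintext)           # layer 1: AES-256-GCM
    return _seal(ChaCha20Poly1305(chacha_key), inner)   # layer 2: ChaCha20-Poly1305


def cascade_decrypt(aes_key, chacha_key, blob):
    inner = _open(ChaCha20Poly1305(chacha_key), blob)   # peel layers in reverse
    return _open(AESGCM(aes_key), inner)


def outer_layer_only(chacha_key, blob):
    """Models the outer system 'falling': removing it yields AES ciphertext,
    not the original data."""
    return _open(ChaCha20Poly1305(chacha_key), blob)


if __name__ == "__main__":
    k_aes, k_chacha = new_keys()
    secret = b"constructed sample: travel plans for January"
    blob = cascade_encrypt(k_aes, k_chacha, secret)
    assert cascade_decrypt(k_aes, k_chacha, blob) == secret
    assert secret not in outer_layer_only(k_chacha, blob)
    print("two layers,", len(blob) - len(secret), "bytes of overhead")
```

Each layer adds a 12-byte nonce and a 16-byte authentication tag, so the cost of the second barrier is 28 extra bytes per message plus a second key to manage.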

So, as a recommendation, you need to ask a few things - how important is the data you are wanting to protect? What timeframe does it need to stay secure? If it needs to be protected forever - like who killed JFK :-) - then you need a really strong crypto system. If it's a personal deep dark secret, probably just your lifetime. If it's your travel plans, only a few weeks. If it's your online banking session - it's only minutes. The other thing is identifying your adversary - if it's the government, then nothing really is secure enough - be assured that if it's in their national interest they will break open the data. If it's some local phisher/cracker - then a much weaker system is all that's needed to protect you as they don't have the mathematicians, nor the computing power, to cause you grief in the timeframe that the data is sensitive.

The easiest solution though is to have nothing to hide :-)

Addendum: There's nothing new here - just go read Schneier for more info.

16 Dec 2006