| From | Paul Rubin <no.email@nospam.invalid> |
|---|---|
| Newsgroups | comp.lang.forth |
| Subject | Re: ANN: SHA-256 Secure Hash Algorithm in ANS Forth |
| Date | 2012-12-24 21:51 -0800 |
| Organization | Nightsong/Fort GNOX |
| Message-ID | <7x4njaznku.fsf@ruckus.brouhaha.com> (permalink) |
| References | (16 earlier) <1721365.TAIWJIEe1u@sunwukong.fritz.box> <7xr4mgxll2.fsf@ruckus.brouhaha.com> <18582692.VqSCSsnmkf@sunwukong.fritz.box> <7xa9t310qk.fsf@ruckus.brouhaha.com> <3668332.IbXBfKmko9@sunwukong.fritz.box> |
Bernd Paysan <bernd.paysan@gmx.de> writes:
> So you are saying that when I'm actually interested in cryptography, I
> can ignore that standard,

I think you can ignore the AES standard unless you actually want to implement the low-level cipher for some reason. Otherwise just call some existing library. I do think choosing something other than AES to protect high-value traffic is probably inadvisable at the present time, as already mentioned. Maybe Keccak or something like it will become more acceptable in the future. It's partly a matter of the kinds of questions you'll have to answer if something goes wrong.

>> I've heard this called "ego-oriented programming".
> All the really good cryptographers like Bruce Schneier or Dan Bernstein
> have an ego that swallows black holes that accidentally come nearby.

The difference is that they don't try to substitute ego for skill. ;-)

> These people *are* opinionated, and they do have different opinions
> about AES.

That's perfectly reasonable--nobody knows why (or if) primitives like AES are secure, there's just a bunch of mystery, intuitionism, and experimental observations about resistance to known attacks. So it's logical that there's a range of opinion. Operating modes (based on the presumption that the primitive is secure) are a different story: they are well-understood mathematically, there's no mystery, and people like DJB know how to do the math.

> AFAIK, Dan Bernstein included AES into his NaCl library only
> for the reason that some stubborn people won't buy anything without
> AES

They're not stubborn out of stupidity; it's a perfectly sound decision if someone else's assets are at risk. AES represents a kind of industry consensus and if it fails, at least you followed the accepted best procedure. If you chose experimental cipher XYZ and it fails, you have some uncomfortable explaining to do.

Salsa20 is maybe in between since it is an eSTREAM finalist and there are applications whose performance demands might justify it.

> in it, and he uses it in counter mode; i.e. just as replacement for his
> stream cipher, which he strongly prefers.

AES-CTR is perfectly fine if you've got an authentication mechanism and a good source of IVs.

>>>> What black magic? The thing to do is supply a library that
>>>> implements a sensible mode for the application.
>>> That's what the NIST should do, as it is their standard.

I can't think of any other standards body that does anything like that. The ANS Forth committee doesn't ship a Forth interpreter, the ITU doesn't ship voice codecs, etc. Even if they did ship something, it would be "here's a reference implementation, here's how to access all the modes, have fun". They wouldn't tell you what mode to use. Standards are not tutorials.

> Or ask the user to gather entropy for you. I remember things like "move
> the mouse pointer" or "type in keys" from the time where /dev/random
> wasn't available.

Not always practical--lots of systems aren't interactive, especially during initialization when the random numbers are first needed.

> I'm sure the Nazis had spies in UK.

The way it's always been told, the British captured and turned enough of those spies to be able to locate and round up the rest. So ALL the Nazi spies in England were either double agents or else locked up and possibly being impersonated by the British, either way sending false intelligence back to the Reich. I've seen this multiple places in print, though it does boggle the mind a bit.

> I.e. you should implement more than one primitive in hardware.

Meh, you have to figure out the cost of the additional primitive and the increased likelihood of some error causing security failure due to the added complexity, the likelihood of something going wrong with AES during the expected lifetime of the equipment, the plausibility of any AES attack affecting AES-256 (something encroaching on AES-128 is easier to imagine), etc.

> Some hardware had successful attacks, too.

Of course. Thus all the tamper-reactive packaging, EM shielding, physical security around the equipment, etc. To keep the attacker away from the hardware.

> It's at least a low-margin concern. It would be nice to know how much
> material you need for a distinguisher for 5, 6, resp. 7 rounds, to see
> how that would extrapolate.

Yeah. Really though, cryptanalysis of cipher primitives is a generally less likely source of security failures in real systems. Keys escaping, protocol failures, application bugs, etc. are all far more common.