[Cryptography Team] Rijndael class>>#keySize

Ron Teitelbaum Ron at USMedRec.com
Fri Mar 24 22:12:42 UTC 2006 

Thanks Chris.  That makes sense.  Other opinions are welcome of course.  As
for the quiet, yeah it has been but there is still work going on behind the
scenes, just nothing to show for it yet.  

Will you or anyone else be available to look into and work with Paul's ASN.1
implementation once it is completed?  Paul is on his 4th or maybe 5th
iteration.

I talked to Hans-Martin and he's been way to busy to work on his projects.
Maybe soon.  If there is something we should be working on in the mean time
please feel free to suggest it.

Ron Teitelbaum

> -----Original Message-----
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Chris Muller
> Sent: Friday, March 24, 2006 1:34 PM
> To: cryptography at lists.squeakfoundation.org
> Subject: [Cryptography Team] Rijndael class>>#keySize
> 
> Hellooooooooooo...  (It's been pretty quiet here).
> 
>  I would like to propose an increment to Rijndael's keySize as recommended
> in Practical Cryptography.  From Chapter 4, section 5.8 (p. 65):
> 
>      "A 128-bit key would be great except for one problem:  collision
> attacks.  Time and time again we find systems that can be attacked by a
> birthday attack or a meet-in-the-middle attack.  We know these attacks
> exist."
>  ...
>      "Design rule 3.  For a security level of n bits, every cryptographic
> value should be at least 2n bits long."
>  ...
>      "For 128-bit security we really want to use a block cipher witha
> block size of 256 bits, but all the common block ciphers have a block size
> of 128 bits."
>  ...
>      "Still, at least we can use the large keys that all AES candidate
> block ciphers support.  Therefore:  use 256-bit keys!"
> 
>  (I hope I don't get in trouble for quoting this much text).
> 
>  Furthermore, later on in chapter 22 about securing long-term secrets with
> passphrases, it recommends to "salt and stretch" the passphrase to a 256-
> bit value and use that to encrypt your secrets (i.e., keyring).  The only
> way Rijndael can do is with a keySize of 256 bits.
> 
>  If anyone objects, please let me know, otherwise I will post this change
> in the near future.
> 
>  Thanks,
>    Chris
> 
> 
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography

More information about the Cryptography mailing list