Bugtraq mailing list archives
Re: Secure Science issues preview of their upcoming block cipher
From: devnull () Rodents Montreal QC CA
Date: Fri, 25 Mar 2005 16:02:06 -0500 (EST)
[The From: header is a broken-autoresponder defense; use the address in the signature if you want to write to me.] [quoting order repaired manually -dM]
[...] CS2-128 cipher is a 128-bit block cipher with a 128 bit key. This cipher is [...] provably just as secure as AES-128.Really? How does one go about proving the security of a block cipher?
Proving it just as secure as another cipher is very different from proving its security in any kind of absolute sense. If I wanted to prove two ciphers to be of equivalent security ("just as secure as"), I would try to find a way to use a break of either to break the other (with sufficiently trivial transformation cost, of course). If I show that any break of CS2-128 can be trivially used to break AES-128, then I have shown that CS2-128 is at least as secure than AES-128; if I do the same in the other direction too, I have shown that it is just as secure.
My understanding is that you, and others, perform attacks against it, and see how it holds up.
That is how to probe its security in absolute terms; it cannot prove anything in the mathematical sense that is apparently being used here. (Well, okay, it _can_ prove that a cipher is *in*secure.) "Provably just as secure as" has little to nothing to do with the kind of demonstration of security derived from withstanding skilled attacks. /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML mouse () rodents montreal qc ca / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Current thread:
- Secure Science issues preview of their upcoming block cipher BugTraq (Mar 24)
- Re: Secure Science issues preview of their upcoming block cipher Adam Shostack (Mar 25)
- Re: Secure Science issues preview of their upcoming block cipher Jerrold Leichter (Mar 25)
- Re: Secure Science issues preview of their upcoming block cipher Ralf-Philipp Weinmann (Mar 25)
- Re: Secure Science issues preview of their upcoming block cipher David Covin (Mar 25)
- Re: Secure Science issues preview of their upcoming block cipher devnull (Mar 26)
- Re: Secure Science issues preview of their upcoming block cipher Jerrold Leichter (Mar 25)
- Re: Secure Science issues preview of their upcoming block cipher Adam Shostack (Mar 25)