Schneier On the US Crypto Competition

Bruce Schneier has a commentary in Wired titled An American Idol for Crypto Geeks on the US government's competition for a new cryptographic hash function to become the national standard, covered here recently. He talks about how much the competition, slated to wrap up by 2011, will advance the cryptographic state of the art. And how much fun he expects to have.

Terrorists??

[MrShaggy]

But I though that it was only terrorists that use encryption??

Re:

[Anonymous Coward]

Don't worry son. I'm sure they'll get to him anytime now.

Re:

[darkhitman]

Encryption is not the same as hashing.

Damn terrorists!

Re:

[skintigh2]

Back in my day, it was only pedophiles and drug runners that used encryption. Oh, how times and emotionally munipulative FUD have changd.

Donald Rumsfeld is the early favourite

[Timesprout]

After submitting some of his more cryptic speeches.

Re:

[ErikTheRed]

After submitting some of his more cryptic speeches.

Well, SHA's not a cipher... but considering the hash [reference.com] (see def #7) Rumsfeld & co made in Iraq....

tasty

[qwertphobia]

mmm.... hash browns

American Idol?

[CerebusUS]

Please, oh please oh please don't let there be a William Hung [williamhung.net] to spring from this.

Re:

[Darth_brooks]

C'mon, You know you wanna hear someone do "She !'s, She !'s"

Re:

[forkazoo]

Please, oh please oh please don't let there be a William Hung to spring from this.

Maybe this guy should submit his work. He'd be right about on William Hung's level of competetiveness....
http://xkcd.com/c153.html [xkcd.com]

Re:

[CerebusUS]

Ha! I love that guy.

Re:

[h4rm0ny]

Wow! Thank you. I'd never seen that series before. I love it! It's mathematical and yet so sweet!

Re:

[strider44]

Alright, I love XKCD but I've got to ask someone for an explanation for that specific comic - I've never listened to Missy Elliot.

Re:

[CerebusUS]

Missy Elliot's Work It lyrics:

This is a Missy Elliott one-time exclusive (Come on)

Is it worth it, let me work it
I put my thang down, flip it and reverse it
I put my thang down, flip it and reverse it

I'm not a huge rap fan, but I generally dig her stuff.

Fun ???

[jfbus]

And how much fun he expects to have.

Sometimes, I wonder whether we live in the same world...

Re:Fun ???

[realnowhereman]

Repeat after me. It's okay. This is a site for geeks. I don't have to pretend to be cool here. Being interested in encryption does not make me a bad person. I am not in high school any more.

Re:

[gkhan1]

You just gave me a flashback of me studying the DES standard during breaks and people looking weirdly at me. You know, "Look, these S-boxes are so cool!".

It was nice to impress people by cracking some simple ciphers though. That didn't last long, however....

Re:

[Goaway]

Yes, obviously intellectual exercise is always dull and boring. Who the hell wants to THINK when you could WATCH TV?

Re:

[An ominous Cow art]

Don't think of it as 'American Idol', think of it as 'American 0x000001D0L'.

SHA-256?

[Bromskloss]

What about SHA-512?

Re:SHA-256?

[Phleg]

It uses a word size of 64 bits, so is not as fast on 32-bit computers. Also, I believe it's received less scrutiny than SHA-256. IANAC.

Re:

[kestasjk]

Also it's still based on the SHA-1 algorithm that was "broken".
For practical purposes even SHA-1 is still reasonably safe, but it'd be best to learn from the cryptanalysis and research of almost two decades if we're going to make everyone change their hashing algorithm anyway.

Re:

[Chandon Seldon]

For practical purposes even SHA-1 is still reasonably safe.

That's a very dangerous statement. It can be much easier to extend theoretical attacks into practical attacks than you might think. Cryptographic algorithms only provide any security at all because they are supposed to have specific mathematical properties. SHA-1 doesn't have the ones it's supposed to.

Re:SHA-256?

[archen]

If your algorithm is showing weaknesses, then throwing more bits at the problem is best reserved as a temporary solution. At the worst this competition will just give us an alternative hash algorithm, and that is probably reason enough to have it.

Re:

[Library Spoff]

off topic(ish) but...

So what option should I be using in Truecrypt for my partition that i've got encrypted?
I'm using the default out the box encryption -can't remember what off the top of my head, i'm at work.

I'm not bothered about the government breaking it - it contains banking information and other stuff they could get at anyway, Just yer average cr/hacker.

My pc is a dualcore Athlon64 with 2 gig of ram if that makes a difference.

 

Re:

[draziw]

Select Tools->Benchmark, and run with one that is fastest on your system. :) - For protection from citizens, any of them will do fine for many years.

Re:

[DarthTaco]

"If your algorithm is showing weaknesses, then throwing more bits at the problem is best reserved as a temporary solution."

All cryptographic solutions are temporary.

Re:

[Chandon Seldon]

All cryptographic solutions are temporary.

I'm not sure where this idea comes from, but it's largely false.

You hear a lot about cryptographic breaks because they make good news on Slashdot, but the fact of the matter is that if you encrypted something in 1978 using 3-DES it'd still be 100% secure today. If you encrypt something today using a secure 256-bit symmetric key encryption algorithm it will remain secure forever unless something really unexpected happens in computing (and no, quantum computers aren

Theyre sking to find unSHA func or bigger word bit

[rogtioko]

NIST is either looking for an entirely revolutionary function to the SHA series, considering the emphasis that SHA-1 has been around since 1995, or seeking a function that supplies words greater than 64bits and also but albeit distantly 256bit and higher to counter higher chunk rate processors. If they're looking for something different than SHA, here are factors they are considering: the fact that all the SHA hashes after SHA-1 use part, maybe all, of SHA-1's 4 functions and vary only by the function's ou

That man gets everywhere

[hawkinspeter]

http://geekz.co.uk/schneierfacts/ [geekz.co.uk]

Whirlpool

[rumplet]

But I guess that's out since it's patent free.

Re:Whirlpool

[MostAwesomeDude]

The patents (or lack thereof) have not had effects on cryptography endorsements before. One of the more popular AES candidates in use is the 384-bit key-based cipher, Blowfish, which has a public domain specification and is very useful in slow key-rescheduling conditions. One common use is for LUKS or Truecrypt hard drive encryption, and another is in BSD password hashes (the idea being that it takes the cipher about two seconds to reset itself internally each time a password is guessed, and so even with the ciphertext, the password takes a longer time to crack.)

Re:

[Ckwop]

The patents (or lack thereof) have not had effects on cryptography endorsements before.

Yes they have. In particular the AES competition required that submitters adhere to certain restrictions [aes.org] regarding patents.

One of the more popular AES candidates in use is the 384-bit key-based cipher, Blowfish, which has a public domain specification and is very useful in slow key-rescheduling conditions.

Blowfish was never an AES candiate [quadibloc.com]

.. Blowfish, which has a public domain specification and is very useful in s

Re:

[iabervon]

IIRC, the algorithm the same group chose for AES was patent-free. This was despite some people wanting them to choose a patented algorithm because the contest requirements included that the winner would have to license any necessary patents to everyone for free. So choosing a patented algorithm would have meant that you and I could use one more AES-finalist-quality algorithm.

I Win!

[lottameez]

73 32 76 105 110 33

Re:

[LordP]

Nooo... 4 8 15 16 23 42

Re:

[gkhan1]

447564652C207468617420776F756C64206861766520626565 6E207761792066756E6E69657220696620796F75206861646E 2774206D65737365642075702074686520617363696900

I've got the solution!!

[JimXugle]

[ASCII text in Binary string] + 1

It's so simple that it might just work!

Re:

[fuego451]

Funny. I was thinking md5sum-1.

Re:

[DamnStupidElf]

[ASCII text in Binary string] + 1

It's so simple that it might just work!

J think you're right! (this message hashed)

Bruce could take the Simon Cowell role...

[mutterc]

... insulting the inferior entries.

(Search his site for "The Doghouse" for some smackdowns of snake-oil crypto products.)

The NSA's entry....

[slcdb]

I heard the NSA is entering a new hash algorithm, named AYBABTU, into the competition. Interestingly, reverse engineering of the algorithm has shown it to be very similar to an algorithm, tentatively named Eksore, that was submitted to the contest by a local Junior High cryptography team.

i for one,

[stupidsocialscientis]

cpx up pvs fodszqujpo pwfsmpstet!

Re:

[mbessey]

QNS-27 dmbqxoshnm, dg? H khjd hs. Ax sgd vzx, xnt lhrodkkdc "Nudqknqcr"