Hello, Robin! Robin Carey wrote:
> There is some talk on the kernel-mailing list about implementing > Cryptography in DragonFlyBSD. > > I would like to add my input in this discussion; > > Most cryptography implementations use block-ciphers. But I consider > block-ciphers (even AES) bad, because > they are just a code-book. > Actually, you can use different cipher modes like CBC to overtook this code-book-alike behavior of block ciphers. Advanced modes like LRW/XEX/XTS are even protecting against watermarking attacks. I consider Stream Ciphers to be the best way to encrypt data, as these are > "the next best thing" to a > one-time-pad (one-time-pad is a provably secure encryption method). > One-time-pad is indeed provably secure encrypted method (more, it has ``perfect security'' property) but this does not holds for arbitrary stream cipher. A5 algorithm (which implemented in cell phones for GSM) considered weak ATM, for example. Moreover, there is always opportunity to make attack with known plain text on stream cipher. Take the first block of a file which is, for example, C source. In most cases it will start with string like ``#include'' or, even worse, with license notice. You know, almost surely, that plain text is license or sequence of includes. If cipher-stream was just xor'ed with plain text, you can take the license, xor it with the first block of the file and get the stream. With it you can perform further cryptanalysis. It depends on application — which type of cipher to use. Stream ciphers are good when you don't actually know where your data will end (like the encoded voice in cell phones). Block ciphers were primarily designed to be used in computers (e.g. file systems and databases). -- Best regards, Dmitry A. Stephantsov
