I have been using AES strictly for the past 18 months. I am not a
crypto guru so my decision was based on an article at wikipedia.org
which quoted a United States government report saying,
"The design and strength of all key lengths of the AES algorithm
(i.e., 128, 192 and 256) are sufficient to protect classified
information up to the SECRET level. TOP SECRET information will require
use of either the 192 or 256 key lengths. The implementation of AES in
products intended to protect national security systems and/or
information must be reviewed and certified by NSA prior to their
acquisition and use."
Well, I decided to check for updates on wikipedia and now there is an
amendment saying,
"In April 2005, Daniel J. Bernstein announced a cache timing
attack that breaks most practical AES implementations, and applied it to
break OpenSSL when using AES encryption. The attack is against practical
implementations but appears hard to defend against because of the AES
structure."
The write-up on the cache-timing attack is here for those interested
http://cr.yp.to/antiforgery/cachetiming-20050414.pdf and also how to do
it. After reading this write-up I am considering moving to blowfish and
am looking for some advice. At least one person is interested in
cracking my server because my logfile reveals days of dictionary
attacks. Below are the questions I am looking for answers to.
1. 64-bit blocksizes are considered too small and only the full
16-round blowfish implementation appears sufficient. Are there any other
vulnerabilities?
2. Is blowfish susceptible to cache-timing attacks?
3. How can I ensure that the criteria for #1 are met in my OpenSSH
configuration?
Thanks in advance to all who reply!
Bryan
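Question 3 asks how to verify from the OpenSSH configuration that no 64-bit-block cipher is in use. The following checker is an added example written for this page; it is not Bryan's code and not part of OpenSSH. It parses the `Ciphers` directive of an `sshd_config` (first value wins, as sshd does) and flags every cipher whose block size is below 128 bits. The block-size table is assembled from general knowledge of the algorithms, and the configuration fragment it runs on is constructed for the demonstration.

```python
import re

# Block size in bits for cipher names that OpenSSH has accepted in its
# Ciphers directive. Assembled from general knowledge of the algorithms
# (assumption: not taken from the post or from OpenSSH's own sources).
BLOCK_BITS = {
    "blowfish-cbc": 64,
    "3des-cbc": 64,
    "cast128-cbc": 64,
    "aes128-cbc": 128, "aes192-cbc": 128, "aes256-cbc": 128,
    "aes128-ctr": 128, "aes192-ctr": 128, "aes256-ctr": 128,
}

MIN_BLOCK_BITS = 128  # policy threshold: 64-bit blocks are considered too small


def parse_ciphers(config_text):
    """Return the cipher list from the first effective Ciphers line.

    sshd uses the first value it obtains for a keyword, so later Ciphers
    lines are ignored here as well. Returns None when no Ciphers line is
    present, meaning the build's compiled-in default list applies.
    """
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # blank lines and comments
            continue
        # sshd_config accepts "Keyword value" or "Keyword=value".
        m = re.match(r"(?i)^ciphers(?:\s+|\s*=\s*)(\S+)$", line)
        if m:
            return [c.strip().lower() for c in m.group(1).split(",") if c.strip()]
    return None


def audit_ciphers(config_text):
    """Map each configured cipher to 'ok', 'small-block' or 'unknown'."""
    ciphers = parse_ciphers(config_text)
    if ciphers is None:
        return {}
    verdicts = {}
    for name in ciphers:
        if name not in BLOCK_BITS:
            verdicts[name] = "unknown"          # check it by hand
        elif BLOCK_BITS[name] < MIN_BLOCK_BITS:
            verdicts[name] = "small-block"      # 64-bit block: remove it
        else:
            verdicts[name] = "ok"
    return verdicts


def small_block_ciphers(config_text):
    """Just the names that fail the block-size policy, in config order."""
    return [n for n, v in audit_ciphers(config_text).items() if v == "small-block"]


# Constructed sshd_config fragment for the demonstration; not a real host's file.
SAMPLE_CONFIG = """\
# sshd_config (constructed sample)
Port 22
Protocol 2
Ciphers aes128-ctr,blowfish-cbc,3des-cbc
Ciphers aes256-ctr
"""

if __name__ == "__main__":
    for name, verdict in audit_ciphers(SAMPLE_CONFIG).items():
        print(f"{name:14s} {verdict}")
```

The checker only reads the configuration; it does not know which names a particular OpenSSH build actually supports, so an `unknown` verdict means "look it up", not "unsafe". When no `Ciphers` line is present the compiled-in defaults apply, and those can be listed with `ssh -Q cipher` on the host in question.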