Unixronin

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags
unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Wednesday, September 1st, 2010 09:09 am

Bruce Schneier is one of eight designers of Skein, an entrant for the NIST SHA-3 competition.  It's extremely robust, and has proven very difficult to attack.

Which is why a group of very clever cryptanalysts invented a completely new type of cryptanalytic attack to use against Threefish, the block cipher underlying Skein.  The crypto community is still trying to figure out how the new attack changes the crypto landscape.

Brilliant as it is, though, the new "known-key distinguisher attack" still didn't really work.  It can distinguish between a reduced-round — 57 of 72 rounds — Threefish ciphertext and a random permutation, but it doesn't actually recover any key bits, it requires that the attacker be able to manipulate both plaintexts and keys "in a structured way", and it is only marginally faster than a brute-force attack.  Even then, it can only distinguish Threefish ciphertext, and doesn't actually affect Skein itself (yet).  Further, Schneier and the other Skein designers were able to identify a way to block the new attack by changing a single constant in Threefish's key schedule, which prevents the attack from distinguishing between Threefish ciphertext and a random permutation beyond 33 of 72 Threefish rounds, and they have made that change as a second-round tweak permitted by NIST.

Still, it illustrates a point:  Both cryptography and cryptanalysis only get better over time.  When you run into a problem where none of the existing tools work, the truly clever cryptologist devises a new tool.
