Re: Cryptanalysis

At 11:57 PM 3/9/96, E. ALLEN SMITH wrote:
From: IN%"tcmay@got.net" 9-MAR-1996 12:05:04.70
There are very good reasons to say little about "conventional cryptanalysis": it just doesn't matter much with modern ciphers, such as public key systems. Modern ciphers don't fall to conventional attacks based on word frequency, pattern analysis, etc.
I realize that this may also be considered an out of date subject, but what's a good reference for codes as opposed to cyphers (other than the one reference in the Cyphernomicon which includes "codes" in its title)?
The usual: Kahn, Denning, and some of the old Dover Press books on crypto. Also, Herbert Zim wrote a nice little book about 40-50 years ago on codes. Some of the standard crypto textbooks will of course have more pointers to cryptanalysis. (Not to sound harsh to Allen, but why would anyone ask here on the list for recommendations to such a standard subject when Schneier, Garfinkel, Denning, etc. all have books listed?)

Again, the reason stuff like "word frequency counts" and "index of coincidence" notions are so seldom involved in modern crypto--which is what all public key systems involve--is that they are essentially of no use. There is no point in doing statistical analysis of patterns on the ciphertext in an RSA or similar encryption. (Because any "patterns" discovered are meaningless.)

And there are so many interesting areas to pursue with using and furthering modern crypto, that I just can't understand how people can think that classical cryptanalysis is useful. It might be fun, as a hobby, but it has no bearing on modern systems.

(Well, I'm exaggerating a bit. I suspect that classical cryptanalysts at the NSA or GCHQ might have some insights into some problems with modern systems, such as traffic analysis. So I shouldn't say there is "no use" for it. But I hope you all understand my point in general. It is unlikely in the extreme that anyone who fools around a little with classical cryptanalysis will have anything important to contribute as a result of this.)

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
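
Added example, not part of the original post: the "index of coincidence" mentioned above, measured on a constructed English sample, on a classical substitution of it, and on the output of a modern-style cipher. The SHA-256 counter-mode keystream is an assumption standing in for a modern cipher (it is not RSA and not a vetted construction); the seed and key are constructed values.

```python
import hashlib
import random
from collections import Counter

# Constructed sample plaintext (not from the thread), repeated to 2900 bytes.
SAMPLE = (b"there is no point in doing statistical analysis of patterns on the "
          b"ciphertext of a modern cipher because any patterns discovered are "
          b"meaningless ") * 20


def index_of_coincidence(data: bytes) -> float:
    """Probability that two bytes drawn without replacement are equal."""
    n = len(data)
    if n < 2:
        raise ValueError("need at least two bytes")
    return sum(c * (c - 1) for c in Counter(data).values()) / (n * (n - 1))


def substitution_encrypt(data: bytes, seed: int) -> bytes:
    """Classical monoalphabetic substitution: one fixed permutation of byte values."""
    table = list(range(256))
    random.Random(seed).shuffle(table)  # toy key schedule, illustration only
    return data.translate(bytes(table))


def keystream_encrypt(data: bytes, key: bytes) -> bytes:
    """Stand-in for a modern cipher: XOR with a SHA-256 counter-mode keystream.
    Assumption of this example; not a vetted construction and not RSA."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def compare() -> dict:
    """IoC of the plaintext and of both ciphertexts, plus the uniform baseline."""
    return {
        "plaintext": index_of_coincidence(SAMPLE),
        "substitution": index_of_coincidence(substitution_encrypt(SAMPLE, 1996)),
        "keystream": index_of_coincidence(keystream_encrypt(SAMPLE, b"constructed key")),
        "uniform": 1 / 256,
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:13s} {value:.4f}")
```

The substitution ciphertext keeps exactly the plaintext's index of coincidence, which is what classical frequency attacks exploit; the keystream ciphertext sits at the uniform-random baseline, so the statistic carries no information about the plaintext.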

Timothy C. May wrote:

| cryptanalysis. (Not to sound harsh to Allen, but why would anyone ask here
| on the list for recommendations to such a standard subject when Schneier,
| Garfinkel, Denning, etc. all have books listed?)

Neither Schneier nor Garfinkel really talk about analysis. The only book I can think of is Biham's "Cryptanalysis of the DES," and that's on a single technique. I don't know of any books on 'applied cryptanalysis.' The public knowledge is all in the heads of a few practitioners, and the papers they've written.

| And there are so many interesting areas to pursue with using and furthering
| modern crypto, that I just can't understand how people can think that
| classical cryptanalysis is useful. It might be fun, as a hobby, but it has
| no bearing on modern systems. (Well, I'm exaggerating a bit. I suspect that
| classical cryptanalysts at the NSA or GCHQ might have some insights into
| some problems with modern systems, such as traffic analysis. So I shouldn't

While classical cryptanalysis is not likely to be useful, traditional cryptanalysis hasn't changed much. Stealing keys, bribing people, getting physical access to systems is still far more useful than trying to brute force a key.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

participants (2)
- Adam Shostack
- tcmay@got.net