Schneier on Security
A blog covering security and security technology.
March 28, 2012
Last weekend was the 2012 SHARCS (Special-Purpose Hardware for Attacking Cryptographic Systems) conference. The presentations are online.
Posted on March 28, 2012 at 6:05 AM
• 9 Comments
On reading the CEASER paper on modified GPU style CPUs as AES cracker, it gave me a sense of déjà vu.
Anyone remember those heady days when the first papers about a hardware cracker for DES would only cost $1 million and a few years later the EFF produced a real cracker for around a quarter that in all up cost.
Well the paper mentions a number of machines one of which (top sentence of page 3 of the paper) that would need a year of precomputation and then be able to find AES keys around every eight minutes...
Time for NIST to start considering a MES (Mega Encryption Standard) competition ;)
Maybe we can see one coming to Utah real soon now in that new NSA building :-)
@Clive: "MES (Mega Encryption Standard)"
Easy: Triple-AES ;-)
As a sidenote, I always wonder how feasible these cryptanalytic attacks are, assuming that we have fast enough hardware.
For example, the related-key attack on AES seems to require pretty strong additional preconditions for which I can hardly imagine where to find them in practice.
Well, it certainly deserves a prize for the most contorted acronym of the year. SHARCS? Oy!
You forgot to quote the smiley at the end ;-)
More seriously though we went through Triple-DES very quickly.
However I doubt like you we have much to worry about for a few years, but if I was doing anything with long term value I'd certainly be looking at using chained ciphers for some things.
Remember it's still quite common in the UK to have contracts on land that last between 99 and 999 years.
But as I said this is the way confidence in DES started to wash away even with the NSA fighting all it could to stop it initially.
Could you also post some kind of update regarding the SHA-3 competition and Skein? I think the final conference was a week ago.
I think the strength of cryptography would be way down the list of problems with 999 year contracts. My own family lost title to some property when the church who had leased it for 99 years successfully argued that our ancestor had meant that as synonymous with "in perpetuity". To imagine that the judges 999 years from now will pay any attention to contracts made today strikes me as beyond optimistic.
Also, I wonder how those contracts are entered into spreadsheets, when, IIRC, MSFT issued its final "Yes, 2000 is a leap-year" fix in November 1999. One would think that 99-year contracts entered today would already have issues with programs whose writers over-generalized that lesson.
I think the best contribution is the assembler language for GPUs. I see that having quite a few uses, possibly.