Serious Cryptography Quotes
Serious Cryptography: A Practical Introduction to Modern Encryption
by Jean-Philippe Aumasson
377 ratings, 4.28 average rating, 48 reviews
“Although quantum computers can in principle be built, we don’t know how hard it will be or when that might happen, if at all. And so far, it looks really hard. As of early 2017, the record holder is a machine that is able to keep 14 (fourteen!) qubits stable for only a few milliseconds, whereas we’d need to keep millions of qubits stable for weeks in order to break any crypto.”
― Serious Cryptography: A Practical Introduction to Modern Encryption
“The most common failure seen with stream ciphers is an amateur mistake: it occurs when a nonce is reused more than once with the same key. This produces identical keystreams, allowing you to break the encryption by XORing two ciphertexts together. The keystream then vanishes, and you’re left with the XOR of the two plaintexts.
For example, older versions of Microsoft Word and Excel used a unique nonce for each document, but the nonce wasn’t changed once the document was modified. As a result, the clear and encrypted text of an older version of a document could be used to decrypt later encrypted versions.”
― Serious Cryptography: A Practical Introduction to Modern Encryption
“As I write this, there is no known attack on Grain-128a, and I’m confident that it will remain secure. Grain-128a is used in some low-end embedded systems that need a compact and fast stream cipher—typically industrial proprietary systems—which is why Grain-128a is little known in the open source software community.”
― Serious Cryptography: A Practical Introduction to Modern Encryption
“Each operation contributes to AES’s security in a specific way:
* Without KeyExpansion, all rounds would use the same key, K, and AES would be vulnerable to slide attacks.
* Without AddRoundKey, encryption wouldn’t depend on the key; hence, anyone could decrypt any ciphertext without the key.
* SubBytes brings nonlinear operations, which add cryptographic strength. Without it, AES would just be a large system of linear equations that is solvable using high-school algebra.
* Without ShiftRows, changes in a given column would never affect the other columns, meaning you could break AES by building four 2^32-element codebooks for each column. (Remember that in a secure block cipher, flipping a bit in the input should affect all the output bits.)
* Without MixColumns, changes in a byte would not affect any other bytes of the state. A chosen-plaintext attacker could then decrypt any ciphertext after storing 16 lookup tables of 256 bytes each that hold the encrypted values of each possible value of a byte.”
― Serious Cryptography: A Practical Introduction to Modern Encryption
