What kind of symmetric key ciphers are secure thanks to the intrinsic cryptographic method instead of making the key length very long and secure?

nitchan

2/18/24, 6:23 PM

For example, Threefish has a key length of 1024 and a very long number of rounds (80). but, I have not heard much about Threefish-1024 being particularly secure, so what symmetric key ciphers are there that are secure not because of their large number of rounds or long key length, but because of their intrinsic cryptographic operations? And why is that symmetric key cipher secure?

translator user

104

1 + 1

key-size

symmetric

Eugene Styer

2/18/24, 7:21 PM

You need a sufficiently long key or any algorithm will be subject to brute force attacks

Score:3

Crypto

bk2204

2/18/24, 7:46 PM

Threefish is a block cipher that's specifically designed to operate in the hash function Skein. In many hash function designs, the message is used as the key, and as a consequence, having a key of 512 or 1024 bits is useful because it allows processing messages in larger chunks, improving performance. It isn't really heavily studied independently, but the best public cryptanalysis shows that it's secure.

When we're talking about block ciphers that are normally used for encryption, we typically implement them pretty much the same way, using several sets of smaller words which we combine using addition and subtraction, bitwise operations (AND, OR, XOR, and NOT), and sometimes multiplication. (This is true of Threefish as well.) We use these techniques because they're simple and efficient on a wide variety of modern hardware. Algorithms which are slow and inefficient are typically much less used, regardless of security.

There's no one way to construct a block cipher, but typically there is some sort of S-box (substitution box) which is designed to be non-linear, as well as various linear operations that help create diffusion. These help provide defenses against linear and differential cryptanalysis, among other techniques. There are also many common designs: Feistel, Lai-Massey, and substitution-permutation networks.

As for the number of rounds, that depends on how complex each round is. Threefish has simpler rounds, so it needs more of them. Twofish and AES have more complex rounds that do more at once, so they need fewer of them. The right number of rounds depends heavily on the design and the intended security strength: typically with larger blocks or keys more mixing is required, which requires more rounds.

In all of these cases, we want the best known attack to be brute force: guessing the key. This is true for Threefish, and it's also true for more common block ciphers like AES and Serpent. The difference is that AES and Serpent use smaller keys because we currently think that 256 bit keys will be sufficient for the indefinite future, including with quantum computing. (Performing $ 2^{128} $ operations is believed to be beyond this planet's resources.) Thus, the only benefit to having a longer key is when it's being used in a cryptographic construction, such as a hash function.

Ultimately, there really isn't much difference in the way we construct a block cipher like Threefish and a more common one such as AES or Serpent.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: What kind of symmetric key ciphers are secure thanks to the intrinsic cryptographic method instead of making the key length very long and secure?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.