Which block cipher parameters should be kept secret?Converting a stream cipher into a block cipherIs SHA-256...
What is the maximum viable speed for a projectile within earth's atmosphere?
How often is duct tape used during crewed space missions?
Plausibility and performance of a composite longbow
What can I actually do with a high credit score?
With a 500GB SSD and a 250GB SSD is it possible to mirror a 250GB partition on the 500GB with the 250GB SSD using ZFS?
How do rulers get rich from war?
Why are there no programmes / playbills for movies?
Talk about Grandpa's weird talk: Who are these folks?
Where did Otto von Bismarck say "lying awake all night, hating"?
Who are the people reviewing far more papers than they're submitting for review?
Account creation and log-in system
Are there any instances in Tanach of Lashon Hara said purely for non-constructive purposes?
Manager manipulates my leaves, what's in it for him?
What's the benefit of prohibiting the use of techniques/language constructs that have not been taught?
Is it safe to unplug a blinking USB drive after 'safely' ejecting it?
Floating Point XOR
What’s a “dissipated” garment supposed to be?
Which block cipher parameters should be kept secret?
Is it possible that the shadow of The Moon is a single dot during solar eclipse?
What is the origin of the "being immortal sucks" trope?
MySQL - How to check for a value in all columns
Is Yang not precluded from conducting his "UBI experiment" as an electoral candidate?
Is Zack Morris's 'time stop' ability in "Saved By the Bell" a supernatural ability?
We suspect colleague is stealing company code - what do we do?
Which block cipher parameters should be kept secret?
Converting a stream cipher into a block cipherIs SHA-256 secure as a CTR block cipher?What (precisely) is a block cipher?Is a tweakable block cipher still considered deterministic in nature?Turning a 64 bit block cipher into a 128 bit block cipherSecurity of a parallelizable block cipher modeShould I use a self-designed Block Cipher Mode of Operation?A block cipher whose key changes after each block
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
$begingroup$
Which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
block-cipher
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment
|
$begingroup$
Which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
block-cipher
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment
|
$begingroup$
Which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
block-cipher
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
Which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
block-cipher
block-cipher
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
edited 8 hours ago
Ella Rose♦
17.4k4 gold badges45 silver badges86 bronze badges
17.4k4 gold badges45 silver badges86 bronze badges
asked 8 hours ago
EmilyEmily
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 8 hours ago
EmilyEmily
161 bronze badge
asked 8 hours ago
EmilyEmily
161 bronze badge
161 bronze badge
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Emily is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment
|
add a comment
|
1 Answer
1
active
oldest
votes
$begingroup$
In you opinion which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
I believe that it is essential that you keep the key secret.
If there is any other aspect of the cipher that you must keep secret (that is, you become insecure if it is revealed), then your cipher is 'broken'.
We can assume that the attacker can learn any long term aspect of your cipher implementation, such as the cipher name, mode of operation, key length. There are a number of possible ways he might learn it, such as an employee accidentally (or deliberately) leaking it, or if the attacker just obtains your implementation and dissects it. Hence, for security, we want to depend solely on something that we update routinely (such as the key). If the attacker learns the key, that limits the damage (as he can decrypt the traffic encrypted with that key, but nothing after we update the key. This idea is referred to as Kerckhoff's principle
Now, you list the IV; that is typically updated constantly. On the other hand, we generally use it to refer to information that need not be secret. If it does have to be secret, then it really is part of the key, and should be considered that way.
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
$endgroup$
add a comment
|
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "281"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Emily is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f74345%2fwhich-block-cipher-parameters-should-be-kept-secret%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
$begingroup$
In you opinion which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
I believe that it is essential that you keep the key secret.
If there is any other aspect of the cipher that you must keep secret (that is, you become insecure if it is revealed), then your cipher is 'broken'.
We can assume that the attacker can learn any long term aspect of your cipher implementation, such as the cipher name, mode of operation, key length. There are a number of possible ways he might learn it, such as an employee accidentally (or deliberately) leaking it, or if the attacker just obtains your implementation and dissects it. Hence, for security, we want to depend solely on something that we update routinely (such as the key). If the attacker learns the key, that limits the damage (as he can decrypt the traffic encrypted with that key, but nothing after we update the key. This idea is referred to as Kerckhoff's principle
Now, you list the IV; that is typically updated constantly. On the other hand, we generally use it to refer to information that need not be secret. If it does have to be secret, then it really is part of the key, and should be considered that way.
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
$endgroup$
add a comment
|
$begingroup$
In you opinion which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
I believe that it is essential that you keep the key secret.
If there is any other aspect of the cipher that you must keep secret (that is, you become insecure if it is revealed), then your cipher is 'broken'.
We can assume that the attacker can learn any long term aspect of your cipher implementation, such as the cipher name, mode of operation, key length. There are a number of possible ways he might learn it, such as an employee accidentally (or deliberately) leaking it, or if the attacker just obtains your implementation and dissects it. Hence, for security, we want to depend solely on something that we update routinely (such as the key). If the attacker learns the key, that limits the damage (as he can decrypt the traffic encrypted with that key, but nothing after we update the key. This idea is referred to as Kerckhoff's principle
Now, you list the IV; that is typically updated constantly. On the other hand, we generally use it to refer to information that need not be secret. If it does have to be secret, then it really is part of the key, and should be considered that way.
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
$endgroup$
add a comment
|
$begingroup$
In you opinion which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
I believe that it is essential that you keep the key secret.
If there is any other aspect of the cipher that you must keep secret (that is, you become insecure if it is revealed), then your cipher is 'broken'.
We can assume that the attacker can learn any long term aspect of your cipher implementation, such as the cipher name, mode of operation, key length. There are a number of possible ways he might learn it, such as an employee accidentally (or deliberately) leaking it, or if the attacker just obtains your implementation and dissects it. Hence, for security, we want to depend solely on something that we update routinely (such as the key). If the attacker learns the key, that limits the damage (as he can decrypt the traffic encrypted with that key, but nothing after we update the key. This idea is referred to as Kerckhoff's principle
Now, you list the IV; that is typically updated constantly. On the other hand, we generally use it to refer to information that need not be secret. If it does have to be secret, then it really is part of the key, and should be considered that way.
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
$endgroup$
In you opinion which of the parameters of a block cipher (e.g., algorithm name, mode of operation, IV (if any), key length) are essential to keep secret?
I believe that it is essential that you keep the key secret.
If there is any other aspect of the cipher that you must keep secret (that is, you become insecure if it is revealed), then your cipher is 'broken'.
We can assume that the attacker can learn any long term aspect of your cipher implementation, such as the cipher name, mode of operation, key length. There are a number of possible ways he might learn it, such as an employee accidentally (or deliberately) leaking it, or if the attacker just obtains your implementation and dissects it. Hence, for security, we want to depend solely on something that we update routinely (such as the key). If the attacker learns the key, that limits the damage (as he can decrypt the traffic encrypted with that key, but nothing after we update the key. This idea is referred to as Kerckhoff's principle
Now, you list the IV; that is typically updated constantly. On the other hand, we generally use it to refer to information that need not be secret. If it does have to be secret, then it really is part of the key, and should be considered that way.
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
edited 4 hours ago
kelalaka
10.7k3 gold badges28 silver badges55 bronze badges
10.7k3 gold badges28 silver badges55 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
answered 8 hours ago
ponchoponcho
99.2k3 gold badges161 silver badges259 bronze badges
99.2k3 gold badges161 silver badges259 bronze badges
add a comment
|
add a comment
|
Emily is a new contributor. Be nice, and check out our Code of Conduct.
Emily is a new contributor. Be nice, and check out our Code of Conduct.
Emily is a new contributor. Be nice, and check out our Code of Conduct.
Emily is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Cryptography Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f74345%2fwhich-block-cipher-parameters-should-be-kept-secret%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
