Re: [Cfrg] matching AES security

Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 01 August 2014 13:10 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/jlh_5x7Bqi7AX1UeT_hXarUcHmQ
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

Watson Ladd <watsonbladd@gmail.com> writes:

>Except that the issue isn't doing 2^128 calculations: it's what you have when
>you have only done 2^70 or so calculations. The relevant paper is
>http://cr.yp.to/snuffle/bruteforce-20050425.pdf.

That was the one that postulated (goes back to paper) a custom device with
2^42 bytes of memory and 2^32 keysearch engines that required 2^36 inputs.
That's 100 terabytes of RAM, 4 billion keysearch engines, and around 70
billion sets of input data.

I'm not overly concerned.

(Having said that, it's an interesting FYI and aptly gets across what's
described in the abstract, it's just a long way down on the
things-to-keep-me-up-at-night register).

Peter.