Applied Cryptology 2.2: SPN and Feistel
Summary
TLDRThis script delves into the intricacies of block ciphers, focusing on two main types: SPN (Substitution-Permutation Network) and Feistel networks. It explains the structure and function of each, using AES and PRESENT as SPN examples, and highlighting their layers of encryption. It also touches on cipher design considerations, such as platform suitability, security vs. speed, and the evolution of encryption standards from DES to AES. The lecture underscores the importance of key length in security, illustrating the impracticality of brute force attacks on modern ciphers like AES-256, and briefly mentions cryptanalysis techniques.
Takeaways
- 🔑 Block ciphers can be classified into two types: SPN (Substitution-Permutation Network) and Feistel networks, each with unique structures and characteristics.
- 🔄 In an SPN cipher, the process involves key addition, substitution for confusion, permutation for diffusion, and repeated rounds to produce the ciphertext.
- 🔒 AES (Advanced Encryption Standard) is an example of an SPN cipher widely used for its security and efficiency, with varying key lengths affecting the number of encryption rounds.
- 🔑 The security of a block cipher is based on the secrecy of the key, assuming all details of the encryption algorithm are public, which is known as Kerckhoffs's principle.
- 🛡️ Feistel ciphers, such as the DES (Data Encryption Standard), involve a round function and a swap operation, with the encryption and decryption processes being similar, differing only in the order of round keys.
- 🔩 The design of block ciphers must consider factors like platform suitability (hardware vs. software), security vs. speed trade-offs, and the target application's specific requirements.
- 🌐 Light-weight cryptography focuses on creating secure algorithms suitable for devices with limited memory and computational power, such as those used in IoT (Internet of Things).
- 🚫 DES is no longer recommended for secure encryption due to its short key length of 56 bits, making it vulnerable to brute force attacks.
- 🔍 Cryptanalysis techniques, such as differential cryptanalysis and linear cryptanalysis, are used to find weaknesses in cryptographic algorithms to improve their security.
- 💡 The key length of a cipher is crucial for security; longer keys like those in AES (128, 192, 256 bits) provide a significantly higher number of possible keys and thus greater security.
- ⏱️ The time complexity of breaking a cipher through exhaustive search increases exponentially with key length, making longer keys like AES-256 practically unbreakable with current technology.
Q & A
What are the two main types of block ciphers discussed in the script?
-The two main types of block ciphers discussed are SPN (Substitution-Permutation Network) and Feistel ciphers.
What is the purpose of the key addition layer in an SPN cipher?
-The key addition layer in an SPN cipher combines the key material with the plaintext, providing an initial mixing of the key into the data before the rounds of substitution and permutation.
Can you explain the role of the substitution layer in an SPN cipher?
-The substitution layer in an SPN cipher provides confusion by substituting certain inputs with specific outputs, creating a complex relationship between the plaintext and the ciphertext.
What does the permutation layer in an SPN cipher achieve?
-The permutation layer in an SPN cipher provides diffusion by rearranging the bits of the data, ensuring that changes in one bit of the plaintext affect multiple bits in the ciphertext.
Why is the round key addition after each round important in SPN ciphers?
-The round key addition after each round is important because it prevents an attacker from easily reversing the cipher's operations without knowing the key, thus maintaining the security of the encryption.
What is the block size and key length of the PRESENT cipher mentioned in the script?
-The block size of the PRESENT cipher is 64 bits, and the key length can be either 80 bits or 128 bits, although 128 bits is recommended for better security.
What is the main advantage of Feistel ciphers in terms of encryption and decryption processes?
-The main advantage of Feistel ciphers is that the encryption and decryption algorithms are identical, with only the order of the round keys changing, which simplifies the implementation.
How does the security of a block cipher compare to an exhaustive search attack?
-The security of a block cipher is upper-bounded by the exhaustive search attack, which requires 2^k encryptions for a k-bit key cipher. Any weakness that allows breaking the cipher with fewer operations is considered a successful cryptanalysis attack.
What is the significance of the DES (Data Encryption Standard) in the history of cryptography?
-DES was a widely used encryption standard developed by IBM in the 1970s, but its key length was reduced to 56 bits by the NSA, making it vulnerable to brute force attacks. It was eventually replaced by the AES due to security concerns.
Why is the key length important in determining the security of a block cipher?
-The key length is crucial for the security of a block cipher because it determines the number of possible keys an attacker must try in a brute force attack. A longer key length exponentially increases the difficulty of such attacks, thus enhancing security.
What are some of the hardware options available for performing exhaustive search attacks?
-Some hardware options for performing exhaustive search attacks include CPUs, GPUs, FPGAs (Field Programmable Gate Arrays), and ASICs (Application-Specific Integrated Circuits), each with their own advantages in terms of speed, cost, and efficiency.
Outlines
🔒 Introduction to Block Ciphers and SPN Structure
This paragraph introduces the concept of block ciphers and delves into the Substitution-Permutation Network (SPN) structure. It explains that SPNs consist of three layers: key addition, substitution, and permutation, which are repeated multiple times to achieve encryption. The paragraph uses the AES and PRESENT ciphers as examples of SPNs. It also discusses the importance of the initial and final key addition layers in preventing attackers from easily reversing the encryption process. The security principle of Kerckhoffs's assumption is highlighted, which states that the encryption algorithm can be public knowledge, with only the key remaining secret.
🔄 Understanding the Permutation-Substitution Network (Feistel Ciphers)
The second paragraph explores the Feistel cipher structure, which is an alternative to SPNs. It describes the round function and the data swapping operation that characterizes Feistel ciphers. The paragraph provides an illustration of how data is divided, processed through a round function, and then swapped to provide confusion and diffusion. An example of a Feistel cipher, the CLAWIA block cipher, is given, showing how bits are manipulated across multiple rounds. The pros of Feistel ciphers are noted, such as the identical encryption and decryption algorithms, with only the order of round keys differing.
🛡️ Design Considerations for Block Ciphers
This paragraph discusses various factors to consider when designing block ciphers, such as the platform (hardware vs. software), the need for lightweight cryptography, and the trade-off between security and speed. It touches on the importance of cipher design in hardware implementation, affecting the number of gates and area required, and the impact on power and latency. The paragraph also mentions the significance of designing for specific use cases, such as the Internet of Things, where devices may have limited memory and computational power.
🚫 The Data Encryption Standard (DES) and Its Limitations
The fourth paragraph examines the history and shortcomings of the Data Encryption Standard (DES). Initially designed by IBM with a 128-bit key, the NSA reduced it to 56 bits, making it vulnerable to brute force attacks. The paragraph details the involvement of the NSA in modifying the S-boxes of DES and the subsequent discovery of cryptanalysis techniques like differential cryptanalysis. It emphasizes that DES is no longer considered secure and should not be used.
🔓 The Evolution of Cryptanalysis and the Rise of AES
This paragraph delves into the development of cryptanalysis, starting with the exhaustive search attack and moving on to more sophisticated techniques like differential and linear cryptanalysis. It discusses the impact of these techniques on the security of DES and the eventual introduction of the Advanced Encryption Standard (AES), which emerged from a competition and offers longer key lengths and a larger block size, making it more secure against known attacks.
💡 The Importance of Key Length in Block Cipher Security
The sixth paragraph emphasizes the significance of key length in determining the security of a block cipher. It provides a comparison of the number of possible keys for DES, PRESENT, and AES with different key lengths, illustrating the exponential increase in security with longer keys. The discussion includes the impracticality of brute force attacks on ciphers with sufficiently long keys, even with powerful computational resources like GPUs, and the potential for collaborative efforts to break weaker ciphers like PRESENT with 80-bit keys.
Mindmap
Keywords
💡SPN (Substitution-Permutation Network)
💡Block Cipher
💡Feistel Cipher
💡Key Schedule
💡Confusion and Diffusion
💡Ciphertext
💡Lightweight Cryptography
💡Differential Cryptanalysis
💡Exhaustive Search Attack
💡DES (Data Encryption Standard)
💡AES (Advanced Encryption Standard)
Highlights
Introduction of two types of block ciphers: SPN (Substitution Permutation Network) and Feistel ciphers.
Explanation of SPN's three layers: key addition, substitution, and permutation.
AES and PRESENT as examples of SPN ciphers.
Importance of round keys in preventing attackers from obtaining intermediate values.
The principle of Kerckhoffs's assuming all details of the encryption algorithm are public except the key.
PRESENT cipher as a standard for lightweight cryptography with a block size of 64 bits and key lengths of 80 or 128 bits.
The simplicity and hardware orientation of the PRESENT cipher.
Feistel ciphers introduced by Horst Feistel, consisting of a round function and a swap operation.
The encryption and decryption process of Feistel ciphers being identical except for the order of round keys.
Comparison of SPN and Feistel ciphers in terms of their pros and cons, including the impact of a single round on the input.
Considerations for block cipher design, such as platform, security versus speed, and hardware implementation.
The concept of lightweight cryptography and its focus on secure algorithms with minimal resource requirements.
The history and development of the Data Encryption Standard (DES), including NSA's involvement and its eventual deprecation.
Differential cryptanalysis as a technique to find weaknesses in cryptographic algorithms.
The impact of key length on security and the exponential increase in possible keys with longer key lengths.
The use of various computational devices for exhaustive search attacks, including CPUs, GPUs, FPGAs, and ASICs.
The impracticality of brute force attacks on ciphers with sufficiently long key lengths, even with modern computational power.
Transcripts
so we said that there are
uh two types that we can classify block
ciphers into
spn and face that so let's start with
spn
in other words substitution permutation
network around
a spn consists of three layers
key addition which combines key material
with the plain text
substitution layer which provides
confusion
and permutation layer which provides
diffusion block
ciphers like aes or present are examples
of
spn which are going to be which we are
going to
analyze in this course frequently
so i try to draw a picture of what an
spn looks like
so you have the plain text block here
at first layer initially you have to
combine it with the
key so you have the key and the key
schedule algorithm which provides round
keys
so you combine your first round key with
your plain text block
most of the time we use simple
operations like xor operation here
then the actual run starts which
consists of substitution permutation and
again add round key
here again this is the confusion layer
this is the permutation layer and this
is the key addition layer
so one round consists of these three
layers you repeat it many times
and at the end you obtain the cipher
text so
as you can see initially
at the beginning and at the end you have
the add run key because
if you don't use this layer for instance
assume that there is no add-on key here
and you have the ciphertext block here
and an adversary captures the ciphertext
block
they can go upwards and
perform the inverse of the permutation
and inverse of the substitution layer so
they can reach to here so this means
that these layers has no effect
but once you use the round key here and
since the attacker does not know this
value
they cannot obtain the value here so
they cannot capture the intermediate
values
uh going upwards or even if they know
what the plaintext block is
they cannot go forward since they don't
know the key so this is why we are
using the cachos principle we are
assuming that
all of the details of the encryption
algorithm is
public and only secret information is
the key
so this is why the attacker cannot
capture
plain text block from ciphertext or
intermediate values and so on
or the key so
here's an example for an spn cipher
this is present which is iso iec
standard for lightweight cryptography
this standard contains only two block
ciphers present
and clavia so present cipher is really
simple
it is designed for hardware the block
size is 64 bits
and in this picture each line actually
represents a single bit so there are 64
lines here
key length is 80 bits or 128 bits
it depends on the user but the algorithm
doesn't change much the key schedule
algorithm is very similar in both cases
so
in my opinion there is no point of using
the 80 bit key because
you will be losing a lot of security at
this point because
uh i believe that it is not that hard
to perform brute force attacks for the
8-bit key which
i will be briefly mention this
briefly mentioning this before the end
of this lecture
so you have a
key but here you will be using 64 bits
of that key which is the round key and
you have an s box here this is
actually the confusion layer you have
the same
box which has four bits of input and
four bits of
output and you repeat this operation 16
times
and the definition of this box is given
here in the hexadecimal notation
so for instance if the input of this s
box
is zeros here so you have zero zero zero
0 this means that in hexadecimal
notation your input is 0.
so the output will be c in the
integer notation this is 12 but in the
bit notation if the rightmost
bit is the least significant bit which
is the case most of the time in
cryptography
this means that 12 will be represented
as
one one zero zero so if your input is
all zeros you end up with one one zero
zero
so you repeat this process 16 times
so this is your confusion layer because
you're substituting some input with some
odd with an output so you create some
confusion here
but as you can see the these four bits
only affect these four bits
so there's not much of a diffusion here
this is the reason
why we have we are having a permutation
layer
afterwards so this line saying that this
bit
goes here but this bit goes here
and this one goes there and so on so
you're kind of
shuffling the places of bits so this is
your just one rod so after the end of
this one round you have 64 bits here
take it put the top now exercise with
the next front key
perform the s box operations again and
perform the permutations and so on and
so forth
how many times for this cipher it is
chosen as 31.
so take this picture and repeat it 31
times
from top to the bottom and at the end of
course at the final
round key edition and this is your
blog cipher presence so this is a very
simple
and a good example for the spn site
of course we haven't mentioned the
details of the key schedule
but we will be talking about it next
week so we are just
trying to see the main idea here
let's move on to phase star ciphers
these ciphers are introduced by
horseface that
a round of a face down network consists
of a run function
and the swept operation so the b bits
input is divided into two halves run
function is applied to one house and the
other
the output is exhored to the other half
and the places of this
house are swapped key material is used
inside the run function most of the time
so again i try to draw a picture for you
so the main idea for the general
face style ciphers you have the plain
text block and you divided
it into into two so left part and the
right part
so you have the key schedule algorithm
again so you have the key which provides
round keys
so in a single round you take the right
part
and you move it to the left part
also you'd have the right part and have
a round function here you are performing
a substitution and permutation
operations so that you provide
uh confusion and diffusion here and the
output is the exhort to the left part
but left part becomes the right part for
the next round
so each round one half is not affected
moves to the second round but the other
half is
modified and goes to the other house so
this is your select operation
here's an example but this is an example
for a generalized
face stud network so instead of two
lines
you can see that there are four lines
here so this
this is the picture of the clavia block
cipher which is again the
iss standard for lightweight
cryptography
this cipher has a block size of 128 bits
so each line here
actually represents 32 bits of
information
so as you can see the leftmost parts
these 32 bits goes to right most part
without any effect but it affects the
second line here and this one goes
here without taking an effect on it but
it affects the
right most part and it goes here and so
on so you repeat this process
many times depends on how many runs the
cipher is
generally in the face cyphers most of
the time we
don't perform the final swap operation
in the final round
because uh that has no cryptographic
importance to us
so there is no
answer for which one is better it
depends on
your application actually but if you
need to
compare these two types
let's look at the pros for the face
style ciphers
encryption algorithm is identical to the
decryption algorithm
only the order of the round keys change
this is important because if we go back
to the picture here
for instance in the encryption part you
have the plain text block so you follow
this picture from top to bottom
so you have a run function here so this
right part goes inside this function and
you
obtain the output but when you are
decrypting
you have the ciphertext parts left and
right this right part
also goes to the run function in this
way so the
direction of the arrows does not change
when you are encrypting or decrypting so
this is the
uh plural of the phase the cipher
but this is not for valid for
substitution permutation networks
because
uh look at the picture here once you're
at the top you are going
the encryption goes in this direction
but the person who is decrypting has the
ciphertext so
in order to go to from bottom to top
you need the inverses of all of these
operations
uh a pro for the spn is a single round
affects the whole
input but so this
we will have the inverses of these
statements in the cons
for the phase star a single round only
affects the half of the input
and for the spn decryption procedure
requires the inverses of the
substitution and permutation layers
so this might take
more uh i mean this can produce
larger code size if you are performing
this operation in software
or this may might mean that you need
more gates if you are
doing it on a hardware but of course uh
this is not always the case because this
also depends on the mode of operation
that you are going to use
in the real world so we haven't talked
about mode of operations yet
uh but we will be talking about them
i think two weeks later so this uh
mean will mean uh more sense
at that point currently we are focused
on b bits input and b with output
but when we are going to be working on
larger
inputs like one gigabyte for instance we
need to
talk about mode of operations and again
this will be
in two weeks
another thing to consider when we are
designing a block cipher is that
the the platform that we are going to
use these
algorithms and
[Music]
we might maybe divide it into hardware
versus software
hardware implementations can easily work
on bits
but since most programming languages
focus on bytes
bit operations are more costly on
software because
getting the information about the single
bit or shifting the
bits and so on is not that easy on
software but it is much
easier on hardware cipher design also
determines the number of cases required
to perform encryption on hardware
so a number of gates determine the area
required so
the cost of this implementation on
hardware
will depend on your design so it is
important
how you design the cipher so actually
for this reason we have the lightweight
cryptography area
where you're trying to
[Music]
design secure algorithms secure
encryption algorithms that require
less number of cases let's say but also
you are focusing on the
power and energy needs of this algorithm
the latency and troops and so on
but this is uh the topic of another
course
actually i'm teaching it this semester
also so if you're interested
you can watch the uh videos of that
course too
which is available again in this
platform
and that course is titled uh lightweight
cryptography for the internet of things
code size or record memory is not a big
problem for software
implementations due to the fast cpus and
large ram again
our desktop computers laptops
smartphones or tablets has huge
amount of computational power and all of
them comes with more than one or two
gigabytes of
memory but again for lightweight
cryptography
we have very small devices that has like
64 bytes of memory and so on so your in
design should depend on the platform
that you are going to use it
security versus speed is another design
consideration
speed is generally measured as
throughput
adding more security measures for
instance increasing the number of runs
increases the security but reduces the
speed
cyphers performing well on hardware or
software may not be suitable for
constraint devices for rfid systems or
sensor networks due to the limited
memory battery or computational power
hence we also need lightweight cyphers
ciphers for this kind of platforms
and currently needs this performing a
standardization process so there's a
competition going on
and at the end one or more lightweight
ciphers
will be standardized by nist which
probably will end in two or three years
so let's move to uh probably the most
hurt
encryption algorithm which is this short
for data encryption standard
it was designed by ibm in 1970s it was
based on an earlier design by faceta
in 1976 nsa tweaked the algorithm by
changing its
s-boxes and after that
it became a standard so an essays
tweak here is actually a good
tweak because this way uh the cipher
becomes
more secure we will talk about it when
we are talking about differential
cryptanalysis
but nsa also shortens the key of the
algorithm
ibm was using algorithms that has
key length of 128 bits at the time
but after this tv key length beca became
56 bits which is very short even for
that time
which actually allows brute force
attacks that that i'm going to mention
in a few minutes
so uh this is why we have to
[Music]
stop using this algorithm in 1990s
so this algorithm is currently known as
data encryption algorithm dea
since it is no longer a standard and
actually this is a very important topic
a lot of people still think that this is
a standard and
it is secure i know a lot of people
still using this algorithm
but it hasn't it provides no security at
all
it became useless after 1990s since
its short key is susceptible to brute
force attacks which i haven't mentioned
in a few minutes so let's look at nsa's
involvement
in 1976 nsa tv i tweaked ibm's initial
design by changing
the s-boxes but didn't explain to ibm
why
they made such a change ibm people
analyzed this tv and they discovered an
attack that breaks their initial design
and they called it t attack they shared
their discovery with nsa
and they say ask them not to share this
knowledge with public for they had known
this
attack type for some time and were using
it to listen
other countries and uh
biham and xiaomi's rediscovery of
differential cryptanalysis in 1990s is
the first
public announcement of this technique
and later on we
we learned that even a japanese people
even knew it
during second world war uh this
technique
they were using this kind of techniques
in second world war
but uh every country kept this
information to themselves
so biham and xiaomi's discovery of
differential cryptanalysis was the first
public announcement
of this technique actually biham
received a
fellowship from iacr
uh
international association of
cryptographic research a few years ago
and during his keynote speech he thanked
all of the
secrecy services who has known this
technique and kept it to themselves
so that biham and shamir can
present it for the first time publicly
main idea in differential crypt analysis
is to find the weakness so that a small
change in the
input provides an anticipated change in
the output with high probability
and we will be actually talking about
this
uh in the week that we are
talking about cryptanalysis so the main
picture of
this is as follows you have the key and
key schedule algorithm which
only contains permutations and rotations
and as i told you that this is a face
style cipher you have left and right
part you have an initial permutation
which is
which has no cryptographic importance it
is just used for the
receiving the data from the hardware in
a
good way let's say so you have some
functions like expansion and so on
and you have here s boxes and the
permutation
so you have 16 rounds for this
so what should be the key size
this is a good question uh an attacker
that captures a single ciphertext
can try to decrypt it with every
possible key to check
if it is if it provides a meaningful
plain text
such an attack is called exhaust
research or brute force attack so this
attack does not use any weakness in the
design
so it is just a brute force attack by
trying every possible key
exhaustive search is a generic attack in
other words valid for every cipher
for a key bit key cipher the attacker is
required to perform
at most 2k encryptions and decryptions
or decryptions sorry
so i mean you can capture plain text
below can perform the brute force
attacks but most of the time
most probably you will get a plain text
block and the corresponding ciphertext
block so
all you need to do is to perform two to
decay encryptions and check if the
ciphertext
you obtained is the same as the one you
captured
the security of a block cipher is upper
bounded by
exhaustive search attack which is to
decay
encryptions so this quantity is referred
to as time complexity
so you can break every cipher with two
to the k encryptions
so any weakness that you find that makes
it
easier to break the cipher that requires
less than 2 to decay encryptions
is a
cryptanalysis attack actually so which
is which would be better than
brute force so let's look at
the security of deaths bihar and xiaomi
provided the first hierarchical attack
in 1992
the differential crypto analysis but
this required this was better than
exhaust distort but however the
attack required two to the four to seven
chosen plaintext to be captured
which is actually unrealistic in real
life
so attack wasn't that successful as
expected because of the nsa's tv of the
s boxes
massive provided the first experimental
cryptons of tests by introducing linear
cryptanalysis
and in 1997 industrial project
which is around seven to eight thousand
pieces connected by the internet breaks
a message
encrypted with test for the first time
in public
in 1998 eff's desk record which is a
machine containing
around 2000 custom chips which can break
a
desky in 56 hours
and so which is very practical so in
1999
this is only allowed in legacy systems
and
uh a transition to triple desks which is
just using the des algorithm
three times is suggested so
but uh at those times a competition
is made and which was called advanced
encryption competition
and the winner of that competition
become became the advanced encryption
standard
aes in short and uh
we always encourage people to use aes
instead of
triple dash so aes
is advanced encryption standard uh the
original name of the algorithm is random
but
which was designed by john damon and
vincent raymond uh
it was one of the finalists together
with sarpan two fish
rc-6 and mars but randolph won the
competition so
it is now known as the aes advanced
encryption standard
this time the key lengths are
longer than or larger than this you have
three options 128
192 and 256 bits
again as i told you this is good for
personal security this is
good for military use and as far as i
know no one uses this
uh middle value but
depending on the choice of the key
length
the number of rounds changes so if you
are using a longer key the number of
runs also increases so you obtain like
you get a performance drop
like from 10 rounds to 14 so you
get like 40 percent of
extra
competition block size is larger
128 bits there are many cryptanalysis
results on
aes but none of the known attacks
are effective so we believe that aes is
secure to use
so why are we interested in this key
length so if you look at 2 to the 56
which is the size of the possible
keys for the desk the number is this
and for present if you are using 80-bit
key this is the number of possible keys
and for aes 128 it is this
for 192-bit key it is this and
for 256 bits it is this
since this is an exponential increase
uh even if a technological breakthrough
happens that
somebody can break aes 128 in a single
second
which means that you can perform 2 to
the 128
as encryptions in one second such a
person would not be able to break as
256 because
if you can perform this many operations
in a second
this means that and in a year there is
around
2 to the 27 seconds so
this would mean that you need two to the
100 years
to break aes 256 and
2 to the 100 years is way longer than a
human lifetime so
how can we perform this exhaustive
search attacks
uh you can use cpus we have
uh everybody nowadays a desktop or
laptop computer so
these are the easiest computational
devices that we can
obtain gpus which were mainly used for
gaming today is very good for
scientific computing paralyzable
algorithms becomes faster compared to
cpus
depending on the algorithm you can get a
speed of
up to 10 or 100 times it depends on the
gpu and the
algorithm we you can also use fpgas
field programmable gateways for
exhaustive search
or you can use asics which are dedicated
hardwares
these can only perform the implemented
algorithm but they are
cost effective compared to fpgas or any
other devices in the list
so i just uh
calculated the performance of my cpus
and gpus for
uh for a brute force attack on present
80.
so a very old computer a laptop computer
has four cores
as you can see here which has clocked as
two gigahertz
by using this laptop from 2010 i can
perform
15 million present encryptions in a
second
so in order to perform two to the eight
encryptions i need
this many years for this laptop
to run itself and for a desktop computer
from those times the clock speed is
higher so you can perform
twice more encryptions in a second so it
will take this many years
for this cpu to break present
80. but if you look at the gpus
this laptop from 2010 has a gpu which
has
96 cores so as you can see even from
those dates
gpus were faster than cpus when
you're doing parallel computations
but if you use a again old but
a good gpu which has 1664 cores
and nowadays we have gpus that has more
than three thousand cores
and clocked as 2g guys but even for this
gpu
you need 84 million years
but again with a modern gpu
you can reduce this number to actually
10
million years and you might say that
still
you cannot break it 10 million years is
a long time
but this means that if video gamers on
the internet decides to break present
instead of playing a video game
they can break a present via brute force
attacks
in a in some days so for this reason
i never suggest use of 80-bit
keys for security because even if
video gamers can gather around on the
internet and break the cipher
secrecy services can perform very much
[Music]
large number of encryptions and with
dedicated devices you can
actually perform 8-bit brute force
attacks
in a few days
Weitere ähnliche Videos ansehen
5.0 / 5 (0 votes)