Re: Needle in a haystack--or is this just stupid?

I have no copyright, that was just a hypothetical situation :P.
Ok how about 1009 trillion dollars? Ha!

I agree, 256-bit AES is very secure, if used by an informed person.

What about situations in which the attacker knows some information that
you do not know they have about your cryptosystem (perhaps they have
information gathered from plaintext or ciphertext attacks, part of the
key, statistical information about the key, any information really), do
you think the 'needle' technique or superencryption might add security
where a 256-bit AES cryptosystem might be compromised with information
your attacker has that you might not even know about? Hmmmm.

Say you got paranoid, and encrypted with AES, and then Blowfish. Your
attacker had part of your AES key, but was unable to decrypt the file
because it was encrypted with a blowfish also and a different key.
Say you didnt get paranoid, and encrypted with AES. Your attacker had
part of the AES key, and was able to derive the rest of the key, and
decrypted your file.

There are many more possible situations in which adding security to an
already good system would help safegaurd in those situations. There are
also many ways to mess up while adding 'security' to an already good
system, and make that system weaker. The cryptographer must be
informed.

You have to think of every possible breach into your cryptosystem, and
all possible attacks.
Received on Thu Sep 29 21:44:37 2005