I'm not so sure about the suggested defence to a custom hardware attack. Depending on the point at which the attack occurs, the key length may be irrelevant. The best defence to a custom hardware attack would be a time-limited and continually changing algorithm. The effectiveness of a custom hardware attack depends on the algorithm not changing, or not changing sufficiently to render the hardware attack void. --Jmccormac 00:55, 30 December 2006 (UTC)
--
No problem Matt. The earlier defence of using long key lengths and changing keys was a bit too nebulous. While changing keys regularly would introduce an element of lag into the attack, it doesn't necessarily follow that it will defend against the attack. The way I see it is that the custom hardware based attack is really a worst case scenario for an algorithm, because all of the messages up to the point the algorithm changes or is modified are vulnerable.
Most well-designed systems would have some element of regular key change, so even with changing keys the custom hardware attack would still work. Changing keys reduces the effect of a key break, limiting the number of messages that can be decrypted with the recovered key. In this respect it is a defence against the effectiveness of a custom hardware attack rather than a defence against the custom hardware attack itself. Each ciphertext is effectively a single problem for the hardware, and this granularity was missing from the original version.
Your point about the practicalities of changing algorithms is an important one. The reluctance of the users of a widely distributed system to change algorithms can be seen in how the Pay TV channels try to get the maximum use out of each issue of smartcard before changing to a new issue. In their case, the reluctance to change is due to the cost of manufacturing millions of smartcards and the logistics of issuing them to subscribers. The historical example, that of Enigma, was a modification to the system that made the algorithm more complex.
I used the Wikipedia entry on the Bombe (but without specifically linking to the section on the challenge of the 4-rotor Enigma) as an example of how the most effective countermeasure to the attack was successful. I'd have to go back to some of the books on the history of Enigma to get a more exact reference on the effect of the introduction of the fourth rotor. --Jmccormac 01:46, 1 January 2007 (UTC)
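The point made in the comments above, that key rotation bounds how many messages one recovered key exposes but does not stop the hardware from recovering keys, while each extra key bit doubles the search, can be put in numbers. The following cost model is an added illustration, not code from the article or from the commenter; the attacker search rate, key sizes, rotation periods and traffic rates are all assumed figures chosen for the example.

```python
"""Cost model for a custom-hardware brute-force key search against a
system that rotates its keys. Added illustration; every constant below
is an assumption chosen for the example, not a figure from the article."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Attacker:
    keys_per_second: float  # aggregate trial rate of the custom hardware


@dataclass(frozen=True)
class System:
    key_bits: int                # symmetric key length in bits
    rotation_seconds: float      # how often the traffic key changes
    messages_per_second: float   # traffic sent under each key


def expected_search_seconds(att: Attacker, sysm: System) -> float:
    """Expected time to recover one key by exhaustive search: on average
    half the keyspace (2^(n-1) trials) must be tried."""
    return (2 ** (sysm.key_bits - 1)) / att.keys_per_second


def messages_per_key(sysm: System) -> float:
    """How many messages one recovered key unlocks (the 'granularity'
    that key rotation buys: a key break exposes only this much)."""
    return sysm.rotation_seconds * sysm.messages_per_second


def exposure(att: Attacker, sysm: System) -> dict:
    """Steady-state picture for a fixed hardware budget.

    The attacker can recover keys at 1 / search_time per second, while the
    system issues keys at 1 / rotation_seconds per second. If keys are
    issued faster than they can be broken, only a fraction of the traffic
    is ever readable; otherwise everything is readable after a lag.
    """
    t = expected_search_seconds(att, sysm)
    keys_issued_per_s = 1.0 / sysm.rotation_seconds
    keys_broken_per_s = 1.0 / t
    fraction = min(1.0, keys_broken_per_s / keys_issued_per_s)
    return {
        "search_seconds_per_key": t,
        "lag_days": t / 86400.0,
        "messages_per_key": messages_per_key(sysm),
        "fraction_of_traffic_readable": fraction,
    }


def compare(att: Attacker, systems: list) -> list:
    """Tabulate the effect of key length versus rotation period."""
    return [(s.key_bits, s.rotation_seconds, exposure(att, s)) for s in systems]


if __name__ == "__main__":
    # Assumed attacker: 2^36 key trials per second across the whole machine.
    att = Attacker(keys_per_second=2 ** 36)
    systems = [
        System(key_bits=56, rotation_seconds=86400, messages_per_second=10),  # daily
        System(key_bits=56, rotation_seconds=3600, messages_per_second=10),   # hourly
        System(key_bits=64, rotation_seconds=86400, messages_per_second=10),  # +8 bits
    ]
    for bits, rot, e in compare(att, systems):
        print(f"{bits}-bit key, rotated every {rot:>6.0f}s: "
              f"lag {e['lag_days']:.2f} days, "
              f"{e['messages_per_key']:.0f} msgs per key, "
              f"{e['fraction_of_traffic_readable']:.4f} of traffic readable")
```

Rotating hourly instead of daily cuts the readable fraction linearly (by 24x) while also cutting the damage per recovered key, but the hardware keeps recovering keys at the same rate; adding eight bits to the key cuts the readable fraction by 256x for the same rotation schedule. Neither change makes the hardware useless in the way a change of algorithm would, which is the distinction the comments above draw.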