Cryptography Do I have this wrong? Security Levels |
| Do I have this wrong? Security Levels Posted: 30 Nov 2017 01:31 PM PST Hi All, I work in networking, although I have a background in Information Assurance including some crypto theory classes from university. I'm by no means an expert. I'm working on building a primer for my colleagues when dealing with IKE, and choosing parameters for key negotiation which will fit our needs. Not many of us have backgrounds in crypto, so I'm trying to simplify the topic - hopefully not too much however. One part which I'm not confident of myself is the relation between each IKE setting and the overall benefit to the system in terms of a security level. For example, I know that - at least on paper, by NIST and other definitions - that AES-128 provides approximately 128 bits of security. So does SHA-256. And again, on paper, DH with a modulus of 3072 provides about 128 bits as well. Is it therefore safe to say that, when performing IKE with AES-128, SHA-256 and using DH group 15 (mod 3072), the 'total' security offered is 128 bits? If that is indeed true, then what happens when I mix pieces with differing levels of security? Let's say I take AES-256, with SHA-512, and DH-15. Is the 'total' security offered lowered by the fact that my modulus is low? Is my system only still providing 128 bits of security? Appreciate any help that you could provide! It's been awhile since I've gone through most of this, and I'm just trying to make sure I have it straight! [link] [comments]  |
| I have an idea that requires a specific algorithm, but I dont know if one exists. Any tips? Posted: 30 Nov 2017 01:53 PM PST I want to create a program where a user inputs any moderately large number (between 1016 and 1032 and definitely no larger than 1032). Ill call this number "d". The program uses this number to create a key-pair of which the private key is d itself. (The private key can contain other numbers as well but the secret part will be d). I also need this algorithm to work in a way where an attacker, knowing the public key as well as every part of the private key except d, will have a very hard time finding d. Maybe I am asking too much, as d is limited to being relatively small, but does something like this exist? [link] [comments]  |
| You are subscribed to email updates from Cryptography news and discussions. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment