Friday, April 22, 2005

On the NSA

The National Security Agency (Information Assurance Directorate) has had quite a good track record of being ahead of the curve in foreseeing cryptanalytic breaks. DES had its S-boxes strengthened against an attack unknown at the time. DES has yet to be broken, except by brute force. As the DES key strength became too small, they introduced Triple-DES, also yet to be broken. Skipjack is also yet to be broken, though it "almost" was (N-1 rounds in X/2 work). SHA-0 was replaced by SHA-1 before SHA-0 was broken, and SHA-2 (aka SHA-256, SHA-384, SHA-512) had been available for a while by the time SHA-1 was broken recently. One can also tell the story that they foresaw the MD4 and MD5 breaks and that the SHA series was a response.

What of the future? I think they currently recommend AES-256 for Top Secret communications, and elliptic curve cryptography for cryptographic signing. Are there breaks for AES-128, AES-192, RSA, and regular DH on the horizon?
