Given a key, a 128-bit block cipher such as AES does one of the 1.6*10^12963922773915897352139996524992575205380 possible permutations of 2^128 items. lngamma(2^128+1)/log(10), 10^10^40.1.
Assuming 128-bit key length, only 2^128 = 3.4*10^38 permutations of the gigantic number above are actually possible. This is a very small fraction.
The simplest possible block cipher would have key-length 43065219282621326757565580404980237828911 bits (lngamma(2^128+1)/log(2)), enough to specify most (71.3%) permutations of 2^128 items. Add 1 more bit if you want all of them. This is of course completely impractical: the key would be 5383152410327665844695697550 terabytes.
It does illustrate that, beyond AES-256, there is plenty of room for block ciphers with longer keys if we wanted them. They would probably only have a security level of (at most) 128 bits: with 2^128 work, we could try every possible input block and record what comes out. This is much easier than brute-forcing a much larger key.
Previously, on specifying a permutation of (only) 2^8 items.
No comments :
Post a Comment