Some basic questions that we can talk about:
1. What is the best cipher, and which modes are the best for what? How would you cascade multiple ciphers?
2. Which hash is the fastest, or the most useful?
3. Is it possible to combine hashes to prevent both pre-image attacks and collision attacks?
1. CBC is best for decryption-heavy operations, XTS is best for encryption-heavy operations. AES, Serpent, Twofish, Camellia: mix and match. Most secure cipher closest to the plaintext, weakest cipher at the outer layer.
2. KangarooTwelve > BLAKE2 > SHA384/512 > Skein512 and BLAKE512 > SHAKE128 > BLAKE256 > SKEIN1024 > SHA3-256 and SHAKE256 > SHA256 (sauce: bench.cr.yp.to/results-sha3.html)
Every text about cryptography I have read has said how you shouldn't make your own algorithms, but from a purely cryptographic security perspective is there really any downside to making your own algorithm, encrypting with it and then encrypting with an industry standard algorithm again, as opposed to just using the industry standard algorithm? Obviously excluding the chance that your extra code might add security vulnerabilities. In many applications the performance overhead would easily be overshadowed by gains from custom encryption. I would imagine it to be a hellish situation for the alphabet soups if every application had custom encryption algorithms that they would have to crack, in addition to the industry standard algorithms.
David Ross
In general no, it's just a waste of time.
Aaron Bennett
This only applies to brainlets. I'd recommend not starting from scratch though and instead starting with some primitives that are recognized to be secure.
Ryan Gonzalez
What about secure hashes? Don't you want those to be as slow as possible? Isn't that why bcrypt is used so often?
Only when hashing low entropy stuff like passwords. If the data you're hashing has an entropy of >=128 bits then it is practically impossible to brute force a collision. If the entropy is low (passwords like s3cr3tp4ssw0rd) then you can easily brute force a collision. To guard against that you hash passwords with a slow hash function to make brute forcing infeasible.
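The cost difference the reply above is talking about, as an added example that is not part of the thread: a dictionary attack against a fast hash versus the same attack against a deliberately slow password hash. PBKDF2-HMAC-SHA256 from the standard library stands in for bcrypt/scrypt/Argon2; the word list, salt and iteration count are constructed for the demo.

```python
"""Added example (not from the thread): why low-entropy input needs a slow hash.

A dictionary attack against a fast hash (one SHA-256) costs microseconds
per guess; the same attack against a purpose-built password hash
(PBKDF2-HMAC-SHA256 here, standing in for bcrypt/scrypt/Argon2) costs
the full iteration count per guess. The word list, salt and iteration
count are this demo's constructed choices.
"""
import hashlib
import secrets
import time
from typing import Callable, Optional, Tuple

HashFn = Callable[[bytes, bytes], bytes]

# Constructed stand-in for a real cracking dictionary.
WORDLIST = [b"password", b"123456", b"letmein", b"s3cr3tp4ssw0rd", b"hunter2"]

# Assumption: in practice pick a count that costs ~100 ms per hash on the target hardware.
PBKDF2_ITERATIONS = 100_000


def fast_hash(password: bytes, salt: bytes) -> bytes:
    """What NOT to use for passwords: a single fast hash over salt || password."""
    return hashlib.sha256(salt + password).digest()


def slow_hash(password: bytes, salt: bytes) -> bytes:
    """A purpose-built password hash: PBKDF2 with a high iteration count."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_ITERATIONS)


def dictionary_attack(target: bytes, salt: bytes, h: HashFn) -> Tuple[Optional[bytes], int]:
    """Try each candidate in order; return (recovered password or None, guesses made)."""
    for guesses, candidate in enumerate(WORDLIST, start=1):
        if h(candidate, salt) == target:
            return candidate, guesses
    return None, len(WORDLIST)


def attack_cost(h: HashFn, password: bytes = b"s3cr3tp4ssw0rd") -> Tuple[Optional[bytes], int, float]:
    """Store `password` under `h`, then crack it; return (password, guesses, seconds spent)."""
    salt = secrets.token_bytes(16)
    target = h(password, salt)
    start = time.perf_counter()
    found, guesses = dictionary_attack(target, salt, h)
    return found, guesses, time.perf_counter() - start


def expected_guesses(entropy_bits: float) -> float:
    """Average brute-force work for a secret with this much entropy: half the space."""
    return 2 ** (entropy_bits - 1)


if __name__ == "__main__":
    for name, h in (("sha256", fast_hash), ("pbkdf2", slow_hash)):
        found, guesses, seconds = attack_cost(h)
        print(f"{name}: recovered {found!r} after {guesses} guesses in {seconds:.4f}s")
    # A 128-bit random secret: ~1.7e38 guesses on average, whatever the hash speed.
    print("expected guesses for 128 bits:", expected_guesses(128))
```

Both attacks recover the weak password; the slow hash does not stop the dictionary attack, it multiplies its cost per guess by the iteration count, which is all a KDF can do for a low-entropy input. For a secret with 128 bits of entropy the expected work of 2^127 guesses is out of reach even with the fastest hash, which is why the slowdown only matters for passwords.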
Carter Hall
i accidentally two wordd The only thing you need for symmetric cryptography is this
Carter Wood
1. dangerous
2. even if you have the skills, it is a waste of time
It is better to just combine existing libraries into an amalgamation, e.g. cascade ciphers, multihash like x11/13/14/15, or hashing multiple hashes then XOR/concat it. eprint.iacr.org/2016/723.pdf
BCrypt/Scrypt and their derivatives rely on existing hashes and ciphers, using repeated operations to increase time complexity. If you are only hashing larger files just use KangarooTwelve, BLAKE2 or Skein512 (or SHA2/SHA3/BLAKE/Skein1024 if you want it to be slow)
Keccak is one of the best things for the future, but ARXs like BLAKE and Skein are just comfy. If you want to see which one is comfier, try python golfing Keccak vs BLAKE and Skein
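The "XOR/concat" hash combining mentioned above, and question 3 from the opening post, as an added example that is not part of the thread or of the cited paper. Both components are truncated to a few bytes so that collisions can be found by brute force in a fraction of a second; the truncation widths and inputs are this demo's choices.

```python
"""Added example (not from the thread or the cited paper): concatenation vs XOR combiners.

Both components are truncated so that collisions are cheap to find and
the combiners' behaviour can be observed rather than argued. Truncation
widths and inputs are this demo's choices.
"""
import hashlib
from typing import Callable, Dict, Tuple

Hash = Callable[[bytes], bytes]


def sha256_trunc(n: int) -> Hash:
    return lambda m: hashlib.sha256(m).digest()[:n]


def blake2b_trunc(n: int) -> Hash:
    return lambda m: hashlib.blake2b(m, digest_size=n).digest()


def concat_combiner(h1: Hash, h2: Hash) -> Hash:
    """C(m) = H1(m) || H2(m). A collision in C needs a collision in H1 AND in H2."""
    return lambda m: h1(m) + h2(m)


def xor_combiner(h1: Hash, h2: Hash) -> Hash:
    """X(m) = H1(m) XOR H2(m). No longer than the shorter component, and only
    as good as the two components are independent of each other."""
    return lambda m: bytes(x ^ y for x, y in zip(h1(m), h2(m)))


def find_collision(h: Hash, max_tries: int = 1 << 20) -> Tuple[bytes, bytes, int]:
    """Birthday search over counter inputs; returns (m1, m2, tries)."""
    seen: Dict[bytes, bytes] = {}
    for i in range(max_tries):
        m = i.to_bytes(4, "big")
        d = h(m)
        if d in seen:
            return seen[d], m, i + 1
        seen[d] = m
    raise RuntimeError("no collision within budget")


H1 = sha256_trunc(2)      # 16-bit "hash": collision in roughly 2^8 tries
H2 = blake2b_trunc(2)     # independent 16-bit "hash"
H2_WIDE = blake2b_trunc(4)  # independent 32-bit "hash"


def concat_survives_component_collision() -> bool:
    """A collision found for H1 alone does not collide H1 || H2_WIDE:
    it would also have to collide the 32-bit H2_WIDE (odds 2^-32)."""
    m1, m2, _ = find_collision(H1)
    combined = concat_combiner(H1, H2_WIDE)
    return H1(m1) == H1(m2) and m1 != m2 and combined(m1) != combined(m2)


def xor_of_identical_hashes_is_degenerate() -> bool:
    """With correlated components the XOR combiner can collapse entirely:
    H XOR H is the zero string for every input."""
    x = xor_combiner(H1, H1)
    return x(b"alpha") == x(b"omega") == bytes(2)


def collision_effort(h: Hash) -> int:
    """Tries the birthday search needed: grows like 2^(output bits / 2)."""
    return find_collision(h)[2]


if __name__ == "__main__":
    print("concat survives H1 collision:", concat_survives_component_collision())
    print("xor(H, H) degenerate:", xor_of_identical_hashes_is_degenerate())
    print("effort concat(16+16 bit):", collision_effort(concat_combiner(H1, H2)))
    print("effort xor(16 xor 16 bit):", collision_effort(xor_combiner(H1, H2)))
```

The concatenation combiner is the safe one for collision resistance: an attacker must collide both components at once, so it is at least as strong as the stronger of the two, at the price of a longer digest. The XOR combiner keeps the output short but gives no such guarantee, and with correlated or identical components it can lose everything, which is what the degenerate case shows. Against pre-image attacks neither combiner can do better than the components it is built from.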
Who here wants to roll their own crypto using existing libraries?
Luke Carter
I'm rolling my own libraries using existing cryptographic algorithms.
Jaxson Green
if you're retarded, your own primitives can add oracles and other problems, even when combined with industry standards
okay then go to stackoverflow where you get upvotes to say that
Carter Wilson
roll your own primitives or roll your own protocols? stackoverflow autists can't distinguish between the two. when you get into a discussion about rolling your own anything and adding the word crypto into the discussion, they go cross-eyed and NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO NEVER ROLL YOUR OWN CRYPTO
Aiden Clark
Roll your own protocol with combinations of different pre-existing primitives
Wyatt Baker
How do I get started on this stuff???
Easton Carter
github.com/TokTok/c-toxcore/issues/426 You NEVER roll your own crypto, unless you absolutely know what you're doing and have let others who also absolutely know what they're doing review your shit.
Alexander Parker
No shit captain obvious. That's a design feature of the crypto protocol, not a flaw. Secure your private key better you gigantic faggot. Don't just share your password/private key with random idiots.
Either you are retarded or pretending to be retarded. If you are using a secure key exchange protocol then an attacker can only impersonate you if he obtains your private key. If your shitty protocol is vulnerable to KCI (Key Compromise Impersonation) then an attacker can furthermore impersonate others to you without having obtained their private key.
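The KCI distinction drawn in the reply above, as an added example that is not part of the thread and not c-toxcore's code: two toy Diffie-Hellman handshakes in which the attacker holds Alice's long-term private key and tries to pass as Bob to Alice. The group, message format and key derivation are this demo's assumptions; the group is far too small to be secure and neither handshake is a real protocol.

```python
"""Added example (not from the thread or c-toxcore): key-compromise impersonation.

In both handshakes the attacker knows ALICE's long-term private key and
tries to authenticate to Alice as BOB. With static-static DH the forged
message is accepted (KCI). When each side also contributes a fresh
ephemeral key, one of the DH terms Alice mixes in needs Bob's private key
or Alice's ephemeral secret, and the attacker has neither. Group, message
format and KDF are this demo's assumptions; the group is NOT secure.
"""
import hashlib
import hmac
import secrets
from typing import Tuple

P = 2**61 - 1   # Mersenne prime used as a toy modulus: far too small for real use
G = 3
MSG = b"hello Alice, this is Bob"


def keygen() -> Tuple[int, int]:
    """(private exponent x, public g^x mod p)"""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def kdf(*shared: int) -> bytes:
    """Derive a session key from one or more DH shared values (toy KDF)."""
    h = hashlib.sha256()
    for s in shared:
        h.update(s.to_bytes(8, "big"))
    return h.digest()


def auth_tag(key: bytes, msg: bytes) -> bytes:
    """Message authentication under the derived session key."""
    return hmac.new(key, msg, hashlib.sha256).digest()


# Handshake 1: static-static DH. Both sides derive K = KDF(g^ab).
def static_key(my_priv: int, peer_pub: int) -> bytes:
    return kdf(pow(peer_pub, my_priv, P))


# Handshake 2: static + ephemeral. Four DH terms in an order both sides agree on:
# (g^ab, g^(b*ea), g^(a*eb), g^(ea*eb)) written from the initiator's (Alice's) view.
def initiator_key(a: int, ea: int, B: int, EB: int) -> bytes:
    return kdf(pow(B, a, P), pow(B, ea, P), pow(EB, a, P), pow(EB, ea, P))


def responder_key(b: int, eb: int, A: int, EA: int) -> bytes:
    return kdf(pow(A, b, P), pow(EA, b, P), pow(A, eb, P), pow(EA, eb, P))


def honest_triple_dh_agrees() -> bool:
    a, A = keygen()
    b, B = keygen()
    ea, EA = keygen()
    eb, EB = keygen()
    return initiator_key(a, ea, B, EB) == responder_key(b, eb, A, EA)


def kci_against_static_dh() -> bool:
    """Attacker holding Alice's `a` forges a message 'from Bob'. True = accepted."""
    a, A = keygen()
    b, B = keygen()              # b stays with Bob; the attacker never sees it
    k_alice = static_key(a, B)
    k_attacker = static_key(a, B)   # identical inputs: Bob's secret is never needed
    return hmac.compare_digest(auth_tag(k_attacker, MSG), auth_tag(k_alice, MSG))


def kci_against_triple_dh() -> bool:
    """Same attacker, same knowledge (a, every public key, its own chosen 'eb')."""
    a, A = keygen()
    b, B = keygen()              # b stays with Bob
    ea, EA = keygen()            # Alice's fresh ephemeral; ea stays with Alice
    eb, EB = keygen()            # the attacker picks "Bob's" ephemeral itself
    k_alice = initiator_key(a, ea, B, EB)
    t1 = pow(B, a, P)            # g^(ab):    computable, attacker has a
    t3 = pow(A, eb, P)           # g^(a*eb):  computable, attacker has eb
    t4 = pow(EA, eb, P)          # g^(ea*eb): computable, attacker has eb
    # g^(b*ea) needs b or ea; from B and EA alone it is a DH problem. Best effort: guess.
    t2_guess = secrets.randbelow(P)
    k_attacker = kdf(t1, t2_guess, t3, t4)
    return hmac.compare_digest(auth_tag(k_attacker, MSG), auth_tag(k_alice, MSG))


if __name__ == "__main__":
    print("honest triple-DH agrees:   ", honest_triple_dh_agrees())
    print("KCI vs static DH succeeds: ", kci_against_static_dh())
    print("KCI vs triple DH succeeds: ", kci_against_triple_dh())
```

The protection in the second handshake is not the ephemeral keys as such; it is that Alice's session key contains a term only Bob's long-term secret (combined with Alice's fresh ephemeral) can produce, so knowing Alice's key alone is not enough to speak for Bob. Real designs get this property from vetted handshakes (signed-DH, Noise-style or X3DH-style patterns) rather than from ad hoc term mixing; the toy only makes the definition of KCI concrete.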
To PQCrypto, or cryptographic standards in general
Brandon Perry
Didn't you read the PDFs I posted????? What we currently have is already quantum secure.
Adrian Martin
Quote "A closer look reveals, however, that there is no justification for the leap from “quantum computers destroy RSA and DSA and ECDSA” to “quantum computers destroy cryptography.”"
It said that RSA, DSA and ECC are dead and we need alternatives.
James Diaz
This thread is not about RSA, DSA or ECC though. You have to work on your reading comprehension, kiddo.
Parker Gutierrez
PQCrypto is for replacing RSA/ECC
Connor Allen
Holy fucking shit. Do you have negative IQ or what?
Chase Diaz
Tangential faggotry.
Adrian Martin
DES, encoded with base64 for extra security
Nicholas Martin
Important information such as passwords should be encrypted with MD5 and then Base64. This will be bulletproof against hackers trying to steal passwords.
Isaac Watson
kek. On a serious note, why would Ryzen have special operations for SHA256/SHA224?