• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Encryption Software Advice. Is this program any good?

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware

View previous topic :: View next topic  
Author Message
gtf004
Just Arrived
Just Arrived


Joined: 08 Apr 2008
Posts: 0


Offline

PostPosted: Tue Apr 08, 2008 8:07 am    Post subject: Encryption Software Advice. Is this program any good? Reply with quote

Hello everybody. I'm new here. I just have a couple questions about an encryption software that was recommended to me by my teacher. It is Advanced Encryption Package 2008 Professional. I personally have no experience with encryption software or types of encryption. I was wondering if the program is trustworthy and worth the money. I have looked everywhere and I cannot find any reviews of the product which leads me to believe that I should choose a different program. The program seems good and it offers quite a few encryption options but I honestly don't know how to test it to see if it is any good.

Also, I was wondering what encryption method I should use. The options available are
*DESX (128-bit)
*BLOWFISH (448-bit)
*RIJNDAEL or AES (256-bit)
*CAST (256-bit)
*3DES (192-bit)
*RC2 (1024-bit)
*DIAMOND2 (2048-bit)
*TEA (128-bit)
*SAFER (128-bit)
*3WAY (96-bit)
*GOST (256-bit)
*SHARK (128-bit)
*SQUARE (128-bit)
*SKIPJACK (80-bit)
*TWOFISH (256-bit)
*MARS (448-bit)
*SERPENT (256-bit)

I will be encrypting mostly personal files and some business records.Sorry if I did not post the information needed. I don't know what information would be needed for this type of question. Also, if this program is not a good one, I would be very grateful if someone could recommend a good program.

Thanks in advance,
gtf004 Smile
Back to top
View user's profile Send private message
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Thu Apr 10, 2008 6:13 pm    Post subject: Reply with quote

Hi,
it costs something? Then it's closed source, right?
You shouldn't use closed source, maybe there is a bug or a backdoor in the implementation, as seen in so many other products.
Use instead TrueCrypt, it's free and open source. You can use it with Windows but also with Linux etc.
I like it, it's realy easy in handling and why should you buy an encryption program as a black-box when you can get an open one for free?


Quote:
Also, I was wondering what encryption method I should use. The options available are

The program offers you some algorithm which are not realy strong, e.g. 3-Way, Shark or Skipjack.
Skipjack had been developed by the U.S. National Security Agency (NSA), and they inserted a nice back door.


It's realy strange that the developer of this program offers you so many algorithms. Normaly it's much better to offer just 1-3 different, but secure, algorithms (e.g. AES (RIJNDAEL), Twofish, Serpent).
Why should I implement a weak algorithm in my product? That doesn't make sense or the developer doesn't know anything about cryptography, because the biggst enemy of security is complexity.


I wouldn't use this program for my private data.

Moderator note: edited to fix URL - capi
Back to top
View user's profile Send private message
moondoggie
Lurker
Lurker


Joined: 27 May 2005
Posts: 19


Offline

PostPosted: Fri Apr 11, 2008 3:18 am    Post subject: Reply with quote

PGP is a software suite which costs money but yet many people swear by it. just because it's free doesn't mean it's the only valid implementation. i will say that trucrypt is definitely worth the download, but if you must have something that costs money, PGP is very trustworthy as well.
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Fri Apr 11, 2008 6:36 am    Post subject: Reply with quote

Elderan wrote:
it costs something? Then it's closed source, right?

Actually, being open or closed source has nothing to do with price. It is perfectly possible for open source (and even free, as in libre) software to cost money, and it is also perfectly possible for proprietary software to not cost money.


moondoggie wrote:
PGP is a software suite which costs money but yet many people swear by it. just because it's free doesn't mean it's the only valid implementation. i will say that trucrypt is definitely worth the download, but if you must have something that costs money, PGP is very trustworthy as well.

Again, money has nothing to do with it. What does very much have something to do with it, however, is the fact that without openness, you cannot have verifiability. "many people swear by it" based on what?

I'm not saying PGP is an invalid implementation. I'm not even commenting on PGP in particular. In fact, I couldn't even if I wanted to, since neither I nor anyone else in the general public has any way of verifying whether it's securely done or not.

When it comes to anything related to security, one needs to turn to open standards, open algorithms and implementations, subject to peer review and public scrutiny, if one wants to have a chance of being truly secure. Whether by malice or by accident, implementation bugs and design errors do happen, and in a closed product they are much less likely to be found and corrected (not to mention obviously that in the case of malice they won't be corrected, period).
Back to top
View user's profile Send private message
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Fri Apr 11, 2008 2:57 pm    Post subject: Reply with quote

Hi,
Quote:
Actually, being open or closed source has nothing to do with price. It is perfectly possible for open source (and even free, as in libre) software to cost money, and it is also perfectly possible for proprietary software to not cost money.

Sure, but a program which costs money is mostly closed source Wink
And there had been a ?, so it was also a question Wink
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Fri Apr 11, 2008 3:44 pm    Post subject: Reply with quote

Hi Elderan,
Elderan wrote:
Sure, but a program which costs money is mostly closed source Wink
And there had been a ?, so it was also a question Wink

True, most free/libre and open source programs don't cost money. I just wanted to clarify that that doesn't necessarily have to be the case Smile
Back to top
View user's profile Send private message
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlândia, MG, Brazil

Offline

PostPosted: Mon Apr 14, 2008 2:17 am    Post subject: Various thoughts. Reply with quote

I e-mailed the parent company regarding the following concerns, SecureAction, on 12/11/07, but have yet to hear back.

Quoting from their website:

secureaction wrote:
Professional version takes this feature packed cryptography product, and makes it even more secure by adding a host of new encryption algorithms such as:


Remember this: Giving the user numerous cryptographic primitives to choose from does not make a product more security; unfortunately, it does add complexity to the implementation. This is tragic, because when cryptography fails in practice, it's almost always because of the implementation - not the cryptography itself. Cramming in a horde of primitives is not an added measure of security; it's clutter, at best, and not a sign of good cryptographic engineering.

There's good reason to simply use the AES, and the AES alone. It receives more cryptanalytical attention than any other primitive, which is the most compelling reason I can think of to recommend any cryptographic primitive. The AES can easily be recycled in encryption and authentication schemes - the latter of which this product doesn't not address, as far as I can tell. This leads me to my biggest concern with this product: It apparently does not address integrity.

Encryption schemes, like AES-CBC, take care of confidentiality, but we can't expect modes of confidentiality, like CBC, to do anything for integrity; they weren't built for it. What we expect out of CBC is IND-CPA security, but what we really want, as a whole, is IND-CCA2 security. (This addresses chosen-ciphertext attacks.) To get IND-CCA2 /\ IND-CCA2 security, we apply a SUF-CMA MAC to the ciphertext of an IND-CPA secure encryption scheme. What we end up with is IND-CCA2 /\ INT-CTXT security - the strongest notions of confidentiality and integrity. Applying AES-CMAC to the ciphertext of AES-CBC, in the Encrypt-then-Authenticate composition, is an example of this.

Environments that can do this should and environments that cannot should do the best they can (i.e., poor-man's authentication). AxCrypt is an example of the former. Assuming the correctness and security of its implementation, it's the only file-based encryption solution I've seen that addresses both confidentiality and integrity this way. BitLocker is an example of the latter. Because of the cost of a MAC in their environment, they couldn't implement it, so they attempted to diffuse over a wide block to gain some sense of integrity. As I'm sure many are interested in how this compares with TrueCrypt, BitLocker achieves better poor-man's authentication, assuming the security of its components, since TrueCrypt currently uses a narrow-block mode of operation. Don't be surprised if it's upgraded to use a wide-block mode later on, though.

(In this post, as the TrueCrypt forums, and throughout the parent thread, I talk more about BitLocker, narrow-block modes versus wide-block modes, and data granularity and poor-man's authentication.)

Here's a list defining the acronyms I used above:

  • IND-CPA = Indistinguishability under Chosen-Plaintext Attack
  • IND-CCA2 = Indistinguishability under Adaptive Chosen-Ciphertext Attack
  • INT-CTXT = Integrity of Ciphertexts
  • SUF-CMA = Strong Unforgeability under Chosen-Message Attack
  • MAC = Message Authentication Code
  • CMAC = Cipher-based Message Authentication Code
  • AES = Advanced Encryption Standard
  • CBC = Cipher Block Chaining

There's a ton of theory behind them; if you'd like a more elaborate version, feel free to ask!

secureaction.com wrote:
It is very fast, provides unbreakable encryption for data and it is very easy to use giving even inexperienced users the possibility to apply military grade encryption to own files.


It's best to shy away from misleading things, such as "unbreakable," and refrain from meaningless terminology, such as "military grade encryption." However, this is typical of marketing hype, and their presentation, as a whole, is indicative of just that - mere marketing. As is, I wouldn't recommend their products, as there's nothing to indicate good cryptographic engineering behind the scenes.
Back to top
View user's profile Send private message Visit poster's website
gtf004
Just Arrived
Just Arrived


Joined: 08 Apr 2008
Posts: 0


Offline

PostPosted: Mon Apr 14, 2008 6:06 am    Post subject: Reply with quote

Thanks everyone for your replies. Looks like I will need to find another program or try Truecrypt. Also, I have one last question, Is an encryption like DIAMOND2 ,which is 2048-bit, stronger than say something like Blowfish,which is 448-bit? I am really new to encryption and I don't know much about it. Also, what is the strongest possible public encryption out there? Is it AES or another that is not as widely known? I read somewhere about something called Cipherunicorn-A but I don't know if it is real or not.
Also, if there are any other programs you guys would recommend I would love to hear about them.


gtf004 Smile
Back to top
View user's profile Send private message
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Mon Apr 14, 2008 6:47 pm    Post subject: Reply with quote

Hi,
Quote:
and it is very easy to use giving even inexperienced users the possibility to apply military grade encryption to own files.

As far as they know which of the offered algorithms are secure and which are insecure (broken)...

Quote:
Is an encryption like DIAMOND2 ,which is 2048-bit, stronger than say something like Blowfish,which is 448-bit?

DIAMOND2 is not well known (e.g. Wikipedia has no entry about it), so you shouldn't use it.

The answer which algorithm, A or B, is stronger, is not so easy, maybe DIAMOND2 is safer then Blowfish, but i didn't think so.
Blowfish ist well know and very well analysed, and up to date there are no known weaknesses (when you use Blowfish in the right way).
DIAMOND2 is realy unknown, so just few people, maybe with very poor understanding of cryptography, have analysed it. So it's possible, that DIAMOND contains devastating weaknesses.

My point of view ist, (e.g. search google for 'DIAMOND2'), that some1 with poor knowledge of cryptography has written this algorithm, maybe just for fun, i don't know.


Okay, someone can say, that 2048 bits are better than 'just' 448 bits, but this nonsense.
You can break an 8000 bit key in under 1 second when you use e.g. a polyalphabetic cipher, but maybe you need a year (without special equipment) when you wanna break a 56 bit key (e.g. as unsed in DES).

To have a key with more than 256 bits makes no sense. When the algorithm is secure (brute force is the best attack), then a 256 bit key wouldn't be broken in the next thousend years.

When an (symmetric) algorithm offers you, or advertise with extrem large keys, e.g. 2048 bit keys, it's an indication that someone with just poor knowledge of cryptography has designed the algorithm.

There are some secure algorithm with a large key size, e.g. Blowfish (448 bits), RC4 ( 2048 bits) or ISAAC (8192 bits or 16384 bit (64-bit variant)), but is just because of the design of the algorithm an key sizes >128 bits are recommended.


You see, the (in)security of an algorithm don't realy depend on the length of the key. Choose an algorithm which is well analysed, e.g. AES, and not an exotic one.


Quote:
Also, what is the strongest possible public encryption out there? Is it AES or another that is not as widely known?

AES etc. are symmetric algorithm, so you can't use it for public key encryption. RSA is e.g. algorithm which works with a public and private key.

AES and DES are realy well analysed, but the key size of DES is too short (just 56 bit), so you can use e.g. 3DES (but it's realy slow).
During the Advanced Encryption Standard (AES) process there had been some finalists, Rijndael (Winner, AES), Serpent, Twofish, RC6 and MARS.

Serpent and Twofish are more secure than Rijndael, but also slower.

Quote:
Serpent was one of the AES finalists. It was not selected as the proposed AES algorithm even though it appeared to have a higher security margin than the winning Rijndael [4]. More concretely, Serpent appeared to have a high security margin, while Rijndael appeared to have only an adequate security margin [4]. Rijndael has also received some criticism suggesting that its mathematical structure might lead to attacks in the future [4].

In [5], the Twofish team presents a table of safety factors for the AES finalists. Safety factor is defined as: number of rounds of the full cipher divided by the largest number of rounds that has been broken. Hence, a broken cipher has the lowest safety factor 1. Serpent had the highest safety factor of the AES finalists: 3.56 (for all supported key sizes). Rijndael-256 had a safety factor of 1.56. [Twofish had a factor of 2.67]

In spite of these facts, Rijndael was considered an appropriate selection for the AES for its combination of security, performance, efficiency, implementability, and flexibility [4]. At the last AES Candidate Conference, Rijndael got 86 votes, Serpent got 59 votes, Twofish 31 got votes, RC6 got 23 votes, and MARS got 13 votes [18, 19].*

Truecrypt Help


Or read more about this here: The Twofish Team's Final Comments on AES Selection


It's impossible to say which _the_ securest algorithm (expect OTP) is, because in every algorithm could be found a weakness which leads to a break of the cipher.

Quote:
the great complexity of CIPHERUNICORN-A's round function has made it difficult to analyze. Some limited analysis has been done on simplified variants...
Source: Wikipedia

complexity is the biggest enemy of security....


Quote:
Also, if there are any other programs you guys would recommend I would love to hear about them.

dm-crypt with LUKS is realy nice, but normaly you use it under Linux. Okay, there is a implementation for Windows, but, I don't know...
One disadvantage of dm-crypt with LUKS is afaik, that it doesn't support containers (virtual partitions) and the usability is not the best (compared to e.g. truecrypt).
Back to top
View user's profile Send private message
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlândia, MG, Brazil

Offline

PostPosted: Tue Apr 15, 2008 9:24 am    Post subject: More thoughts. Reply with quote

You're probably going to come across comparisons suggesting that Serpent has the largest margin of security, followed by Twofish, and Rijndael trailing behind. The concept of a security margin, while a useful design metric, is limited when you start comparing block ciphers based on different design strategies, employing different round functions, and analyzed under different attack models. It all depends on what's going on inside the round function.

For instance, Rijndael, an SPN, achieves full diffusion after 2 rounds, while it takes Serpent, an SPN, 3 rounds, and Twofish, a Feistel, 4 rounds. Given the notion of a cycle (2 rounds), for comparison, and assuming a 128-bit key aalength and block length, Rijndael (10 rounds) achieves 5 full diffusion steps in 5 cycles, while Twofish (16 rounds) achieves 4 full diffusion steps in 8 cycles. As you can see, it's not simply about the number of rounds involved, but what is taking place during a round.

There's more than one way to talk about rounds, skin a cat, et cetera. Without going into the theory, Rijndael pays a lot of attention to diffusion. Unfortunately, this type of information isn't as accessible, conceptually, as the incorrect blanket comparison of security margins. While I believe security margins should be considered, conservatism involves a whole lot more. Rijndael's structure, and the wide trail strategy on which it is based, renders a design built on simple components with easily provable security properties; this is conservatism at its best.

(Don't be afraid of the AES; Use it. In fact, I recommend using it whenever and wherever you possibly can, so look for implementations that do.)

As for DIAMOND2, a symmetric block cipher, I see absolutely no reason to use it; as far as I can tell, it has received little, if any, cryptanalytical attention, so I would shy away from it. As for CIPHERUNICORN-A, also a symmetric block cipher, while it appears to have been looked at by Matt Robshaw, a notable cryptographer and co-designer of RC6, the situation appears to be much the same. There are almost certainly better alternatives to either of these, in any application.

As for asymmetric cryptography, it all depends on your constraints. There are algorithms based on the integer factorization problem, discrete logarithm problem, elliptic curve discrete logarithm problem, et cetera, with structural intricacies that affect both efficiency and security. RSA, based on the integer factorization problem, is an example of a popular public-key algorithm, and a household name, at that.

As for software I have confidence in, there are PGP Corporation's offerings, such as PGP Whole Disk Encryption and PGP Desktop Home. As for PGP's current parent entity, PGP Corporation, I trust them to do cryptography the right way; if their solutions suffice for you, I have no qualms about saying, "Go for it." You're going to have to place trust in an entity of some sort, and I'd say they're as good as you're going to find. The reasoning is simple: We want cryptographic solutions that are fielded by competent, seasoned developers, and analyzed by those of the same caliber.

That's all for the "as for" spree - at least for now!
Back to top
View user's profile Send private message Visit poster's website
Elderan
Just Arrived
Just Arrived


Joined: 08 Jun 2007
Posts: 0


Offline

PostPosted: Tue Apr 15, 2008 5:04 pm    Post subject: Re: More thoughts. Reply with quote

Hi,
JustinT wrote:
You're probably going to come across comparisons suggesting that Serpent has the largest margin of security, followed by Twofish, and Rijndael trailing behind.

The comparisons came from the Twofish team (Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, Niels Ferguson, Tadayoshi Kohno, Mike Stay), see here.

Quote:

Algorithm: Safety factor
MARS: 1.90
RC6: 1.18
Rijndael (128/192/256): 1.11/1.33/1.56
Serpent: 3.56
Twofish: 2.67

[...]
Keep in mind that a safety factor of 1 corresponds to a broken cipher. Thus, even moderate advances in cryptanalysis could endanger RC6 and Rijndael.

In his first-round comments Lars Knudsen recommended that AES should have a safety factor of at least 2 [Knu99]. We strongly support that notion. The worst thing that could happen to AES is a successful attack a decade from now, even an “academic attack.”



Quote:
(Don't be afraid of the AES; Use it. In fact, I recommend using it whenever and wherever you possibly can, so look for implementations that do.)


Quote:

6 Discussion: Choosing AES

We recommend increasing the number of rounds for [...] Rijndael from 10/12/14 to at least 18, to get an acceptable safety factor. [...]
Twofish team, May 2000


Sure, you can use AES/Rijndael and it is up to date secure, but there are also some worries about it, but there are mosty academical and has no meanings for normal users:

Quote:

WHAT DOES IT MEAN TO "BREAK" A CIPHER?
Breaking a cipher doesn't necessarily mean finding a practical way for an eavesdropper
to recover the plaintext from just the ciphertext. In academic cryptography,
the rules are relaxed considerably. Breaking a cipher simply means
finding a weakness in the cipher that can be exploited with a complexity less than brute-force. Never mind that brute-force might require 2^128 encryptions; an
attack requiring 2^110 encryptions would be considered a break. Breaks might also
require unrealistic amounts of known or chosen plaintext - 2^56 blocks - or unrealistic
amounts of storage: 2^80. Simply put, a break can just be a "certifcational
weakness": evidence that the cipher does not perform as advertised.
Successful cryptanalysis might mean showing a break against a reduced-round
variant of the cipher - 8-round DES versus the full 16-round DES, for example -
or a simplified variant of the cipher. Most breaks start out as cryptanalysis
against reduced-round variants, and are eventually (maybe years later) extended
to the full cipher. In fact, a break on a reduced-round version of a cipher is often
a publishable result.

Self-Study Course in Block Cipher Cryptanalysis


A good example is the 9-round attack on AES:
Quote:
The 9-round related-key attack has a complexity of 2^224, which is of course completely impractical; but it is faster than an exhaustive key search, which is the standard measure to compare against (2^256). Our results have no practical significance for anyone using the full Rijndael.

Improved Cryptanalysis of Rijndael

As you see, a 9 round Rijndeal could be declared as 'broken', but you need (today) extremly more time for breaking a 9 round Rijndeal as you need it for any secure algorithm with a key size of 128 or 192 bits.
Back to top
View user's profile Send private message
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlândia, MG, Brazil

Offline

PostPosted: Wed Apr 16, 2008 1:04 am    Post subject: On security margins and their limitations. Reply with quote

You have to be careful what you consider a break. A break on a reduced-round variant of the AES isn't the same as a break on the full-round AES, obviously. We know that Rijndael, Twofish, and Serpent all have attacks that cover reduced-round variants. An "academic break," is what we might also refer to as "certificational," in that while an attack may extend to the full number of rounds a primitive iterates, it's "theoretical," without any imminent real-world applicability. Of course, as a cryptographer, even these attacks bother me, and rightfully so. After all, attacks tend to get better - not worse. On the other hand, comparing block ciphers isn't as easy as comparing security margins.

I've said this many times before, but it's important for the sake of understanding the limitations of the "security margin" concept. While the concept of a security margin is a useful design metric, in regards to conservatism, it has its limitations; that is, the block cipher with the largest security margin isn't inherently the most secure. Suppose we have two block ciphers, A and B. A is a Feistel, while B is an SPN. There's a truncated differential attack on A that covers 7 of its 10 rounds and a higher-order differential-linear attack on B that covers 20 of its 40 rounds.

On the surface, we can say B is stronger than A, because it still has 20 rounds left untouched, whereas A is only 3 rounds shy of a full break. On the other hand, this assumption starts to lose foundation, when you consider that we're talking about two block ciphers based on different structural designs, employing two different round functions, and analyzed under two different attack models. It could very well be the case that extending the attack on B's remaining 20 rounds is easier than extending the attack on A's remaining 3 rounds. It all depends on what's going on inside the round function.

While I support the concept of a security margin as a useful design metric, but it's difficult to define and measure. Furthermore, this isn't the only way to compare block ciphers. First, because we're comparing SPNs (i.e., Rijndael and Serpent) and Feistels (i.e., Twofish), let's look at this in terms of cycles (i.e., 2 rounds). Rijndael achieves full diffusion after 2 rounds, Serpent achieves full diffusion after 3 rounds, and Twofish achieves full diffusion after 4 rounds. In other words, for example, assuming 128-bit key and block length, 10-round (5 cycle) Rijndael, achieves 5 full diffusion steps in 5 cycles, while 16-round (8 cycle) Twofish achieves 4 full diffusion steps in 8 cycles.

With such a comparison, we can say that a Rijndael round achieves much better diffusion than either a Serpent round or Twofish round. This goes to show that we can compare rounds in different ways, such that which block cipher comes out on top will vary. After discussing this with cryptographers such as Eli Biham and Vincent Rijmen, I've taken away the fact that as a design metric, security margins are useful, but they're also limited and by no means a blanket comparison for block ciphers. However, the layman can easily grasp security margins, conceptually - more so than the structural concept of full diffusion. Unfortunately, this leads to misconception.

If you look at Rijndael's underlying wide trail strategy, you'll see that it renders efficient round transformations and allows for provable bounds on the correlation of linear trails and the weight of differential trails. Group cryptanalytical simplicity and provable bounds together with the fact that the AES is receiving more cryptanalytical attention than any other block cipher, and you've got incredibly good reason to recommend its use in any application that can afford it. I have no qualms about developers using Twofish or Serpent, and appreciate many of the properties that their respective designers captured with the design strategies they chose. There very well may be applications for which they are more suitable, given some set of environmental constraints. I'm just of the opinion that Rijndael is the best choice, in general.

If you want even more reassurance, Ross Anderson (co-designer of Serpent) and David Wagner (co-designer of Twofish) recommend using the AES over Serpent and Twofish. Read Ross's thoughts on this on page 94, in Chapter 5 of his book, Security Engineering: A Guide To Building Dependable Distributed Systems (To all the security engineers in here: Do yourselves a big favor and download the first edition of this book). Read David's thoughts on this in a sci.crypt post of his. I highly recommend reading anything that David Wagner writes; it's always thought-provoking.
Back to top
View user's profile Send private message Visit poster's website
gtf004
Just Arrived
Just Arrived


Joined: 08 Apr 2008
Posts: 0


Offline

PostPosted: Wed Apr 16, 2008 4:36 am    Post subject: Reply with quote

Thanks everyone for your help. I have learned a lot from your posts. I think I will be using Truecrypt for my program.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Software and Hardware All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register