[cryptography] cryptographic agility (was: Re: the spell is broken)

Jeffrey Goldberg jeffrey at goldmark.org
Sat Oct 5 00:48:04 EDT 2013


On 2013-10-04, at 10:46 PM, Patrick Pelletier <code at funwithsoftware.org> wrote:

> On 10/4/13 3:19 PM, Nico Williams wrote:
> 
>> b) algorithm agility is useless if you don't have algorithms to choose
>> from, or if the ones you have are all in the same "family".
> 
> Yes, I think that's where TLS failed.  TLS supports four block ciphers with a 128-bit block size (AES, Camellia, SEED, and ARIA) without (as far as I'm aware) any clear tradeoff between them.

The AES “failure” in TLS is a CBC padding failure. Any block cipher would have “failed” in exactly the same way.

So you might be right in general, but this is not a useful example for illustrating your point about different kinds of block ciphers.

Cheers,

-j




More information about the cryptography mailing list