2

Cryptography books say that you should expose your encryption/decryption algorithm to test it against attacks and cryptanalysis, and the non-exposed algorithm is not considered strong as it is not tested against attacks, but they say also that the security of the cryptographic algorithm depends mainly on the key length and key random distribution to protect it against brute force attack and mathematical analysis of the key.

My question is why do we need to expose our algorithm while it depends mainly on the key length, if my key was long enough and truly randomized, so what is the benefit of knowing the algorithm?

4

1 回答 1

5

The benefit of knowing the algorithm is that you don't have to trust the maker that it is really secure.

If I know that the algorithm being used has been massively tested and peer-reviewed, and the general consensus is that it is secure, then that gives me more confidence in the system.

The opposite approach is called "security to obscurity" and totally depends on no one ever finding out how things work. And if they do (as hackers are wont to), you have a problem.

In theory, it makes no difference if you share the details of your new secure algorithm with anyone else or not. But in practice, that is the only way to find out if it really is secure, and the only way to make others trust your algorithm.

The point is that a secure algorithm can only be attacked by brute forcing (which can be made infeasible with long keys). But not all algorithms are secure. They can be broken with much less effort than brute-forcing keys. If you don't get your algorithm reviewed, we won't believe you that it is secure (and neither should you, brilliant minds have failed at these things before).

于 2013-03-31T01:39:45.447 回答