Update block-ciphers.rst #380
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lvh
reviewed
Oct 12, 2020
| @@ -220,51 +220,51 @@ A closer look at Rijndael | |||
| .. canned_admonition:: | |||
| :from_template: advanced | |||
|
|
|||
| AES consists of several independent steps. At a high level, AES is a | |||
| AES includes several independent steps. At a high level, AES is a | |||
There was a problem hiding this comment.
Doesn't include imply that there may be other parts too?
lvh
reviewed
Oct 12, 2020
| :term:`substitution-permutation network`. | ||
|
|
||
| Key schedule | ||
| '''''''''''' | ||
|
|
||
| AES requires separate keys for each round in the next steps. The key | ||
| schedule is the process which AES uses to derive 128-bit keys for each | ||
| The next steps show how AES requires separate keys for each round. In the key |
There was a problem hiding this comment.
This changes the meaning of the sentence. It's saying AWS consists of several steps (see before), and future steps require round keys, and this step is about generating those round keys. It does not show how AES "requires" round keys, it shows how AES produces them.
lvh
reviewed
Oct 12, 2020
| the remaining columns. | ||
|
|
||
| SubBytes | ||
| '''''''' | ||
|
|
||
| SubBytes is the step that applies the S-box (substitution box) in AES. | ||
| The S-box itself substitutes a byte with another byte, and this S-box is | ||
| The AES SubBytes step applies to the S-box (substitution box). |
There was a problem hiding this comment.
This changes the meaning of the sentence to be incorrect. SubBytes applies the S-box. It does not apply to the S-box. SubBytes is itself an application of the S-box.
lvh
reviewed
Oct 12, 2020
| In an effort to extend the life of the DES algorithm, in a way that | ||
| allowed much of the spent hardware development effort to be reused, | ||
| people came up with 3DES: a scheme where input is first encrypted, then | ||
| In efforts to extend the DES algorithm life in that |
There was a problem hiding this comment.
This does not appear to be grammatical.
lvh
reviewed
Oct 12, 2020
|
|
||
| The three keys could all be chosen independently (yielding 168 key | ||
| The three keys can be chosen independently (yielding 168 key |
lvh
reviewed
Oct 12, 2020
| the first encryption, so you really only get the effect of the last | ||
| encryption. This is intended as a backwards compatibility mode for | ||
| the first encryption. You really only get the effect of the last | ||
| encryption. It is intended as a backwards compatibility mode for |
lvh
reviewed
Oct 12, 2020
| 3DES implementations for systems that require DES compatibility. | ||
| This is particularly important for hardware implementations because | ||
| providing a secondary, regular “single DES” | ||
| interface next to the primary 3DES interface is not always possible. |
lvh
reviewed
Oct 12, 2020
|
|
||
| Some attacks on 3DES are known, reducing their effective security. While | ||
| Some attacks on 3DES are known, which reduces their effective security. While |
lvh
reviewed
Oct 12, 2020
| 3DES is a poor choice for any modern cryptosystem. The security margin | ||
| is already small, and continues to shrink as cryptographic attacks | ||
| 3DES is a poor choice for a modern cryptosystem. The security margin | ||
| is small and continues to shrink as cryptographic attacks |
lvh
reviewed
Oct 12, 2020
| more secure than 3DES, they are also generally much, much faster. On the | ||
| same hardware and in the same :term:`mode of operation` (we'll explain what that | ||
| means in the next chapter), AES-128 only takes 12.6 cycles per byte, | ||
| Far better alternatives, such as AES, are available. AES are |
lvh
reviewed
Oct 12, 2020
| :cite:`cryptopp:bench` Despite being worse from a security | ||
| point of view, it is literally an order of magnitude slower. | ||
| :cite:`cryptopp:bench` Despite being risker from a security | ||
| perspective, 3DES are literally an order of magnitude slower. |
lvh
reviewed
Oct 12, 2020
| While more iterations of DES might increase the security margin, they | ||
| aren't used in practice. First of all, the process has never been | ||
| standardized beyond three iterations. Also, the performance only becomes | ||
| While more DES iterations can increase the security margin, they |
There was a problem hiding this comment.
No, it is not known if more iterations increase the security margin.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.