LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   cryptography... what's difference between 8bits / 16 bits / 32 bits/ 64 bits/128bits? (https://www.linuxquestions.org/questions/linux-security-4/cryptography-what%27s-difference-between-8bits-16-bits-32-bits-64-bits-128bits-930009/)

ybpark81 02-18-2012 01:01 AM
cryptography... what's difference between 8bits / 16 bits / 32 bits/ 64 bits/128bits?
 
Hi,
I have some question, is there anyone who can help me please?

what's difference between 8bits / 16 bits / 32 bits/ 64 bits/128bits encryption password?
How do you define each one?
And where do you use them?

Example: when i enter my password(which contain 8 characters) to enter my hotmail.com account, the password which i entered, is that 8bits? 16bits? 32bits? 64bits? or 128bit? and why??

8 characters = 8 bytes = 64bits??? so am i using 64bits encryption password???

sorry to be so newbie...

and thanks...

Noway2 02-18-2012 07:03 AM
Generally speaking as the number of bits is increased, the strength of the phrase is increased against a cracking by brute force. In truth, it gets a lot more complex than that as passwords are not usually stored straight out, but hashed through algorithms to make them stronger and avoid having to transmit the real password. In theory the mapping is one to one, but this isn't always the case. As an example of what I mean if your password is "abc123" it may get hashed into "1234567890", which is then transmitted to the server which compares against the hashed value. This way, the server doesn't need to know your "real" password. The 'bits' comes into play in regards to the strength of the hashing and in terms of the character set used. If for example, you limit yourself to using the standard 127 ASCII characters you have a lot lower 'bit strength' in your password than if you used a full ISO character set because there are fewer combinations that can be made.

The above is a pretty crude explanation. Wikipedia has a good explanation of how this works. Here is a link: http://en.wikipedia.org/wiki/Password_strength

John VV 02-18-2012 04:04 PM
the difference from 8 bit to 128 bit
PRE-WW I to WW II
pre1914 to 1940


wasn't the enigma a 128bit cypher

kuser:) 02-19-2012 01:44 AM
The following quotes are from this book:
"Principles of Computer Security: Security+ and Beyond"
Copyright 2004
Authors:
Wm. Artur Conklin, Gregory B. White, Chuck Cothren, Dwayne Williams, Roger L. Davis.
ISBN-13: 978-0-07-225643-7
ISBN-10: 0-07-225643-5

Chapter 5: Cryptography, pg. 80:
Quote:
Key complexity is achieved by giving the key large number of possible values. The Keyspace is the size of every possible key value. When an algorithm lists a certain number of bits as a key, it is defining the key space.
[...]
Quote:
Comparing a key made of 1 bit (2 possible values) and a key made of 1 letter (26 possible values) would not yield accurate results. Fortunately, the widespread use of computers have made almost all algorithms state their keyspace values in terms of bits.
It is easy to see how key complexity affects an algorithm when you look at some of the encryption algorithms that have been broken. DES (Data Encryption Standard) used a 56-bit key, allowing 72,000,000,000,000,000 possible values, but it has been broken by modern computers.
And that's because of technological progress in computers' processing power (measured in FLoating-point Operations Per Second).
Quote:
All encryption ciphers besides a "one-time pad" cipher are susceptible to a brute force attack-attempting every possible key. With a very small key, such as 2-bit key, trying every possible value is simple, as you only have four possibilities: 00, 01, 10, or 11. The 56-bit DES has 72 quadrillion values, and while that seems like a lot, computers have advanced to the extent that they can attempt billions of keys every second. This makes brute forcing a key only a matter of time, so large keys are required to make brute force attacks against the cipher take longer than the effective value of the information that is enciphered by them.
In other words, computers are becoming faster, so there is a need for larger keyspace (in bits). Brute force is just one of many types of password-cracking.

I hope I didn't violate the "fair use" rule of copyright law in my post... :scratch:

sundialsvcs 02-19-2012 08:38 AM
The Enigma cipher was a chained-transposition cipher with (almost-)simple incrementing fixed rotors. Other contemporary ciphers such as SIGABA increased security primarily by perturbing the rotor-positioning cycle. But none of these ciphers really had a sense of "bits."

We do now know that German computers such as Konrad Zeus' seminal machines were at least considered for cryptographic purposes, but there simply aren't enough known records left after all that bombing.

The key-length of a modern cipher is a rough measure of security against brute force attack, but only to the extent of the quality by which the algorithm in question actually uses the key. The "ideal" n-bit cipher would have exactly one key which produces the correct decryption and every other one produces an incorrect result that is "uselessly dissimilar to" the one and only right answer.

But remember... the theoretical strength of a cipher's key is really a too-abstract notion of its actual, pragmatic security in practice. Most cryptosystems are broken due to attacks on the keying system. The pseudo-random number generator, for instance, might not be so random after all. The key might be known to consist of "printable" characters. The owner of the key might decide that he'd rather live a few more years, and to do so in possession both of his arms (or, more cravenly, "$10 million dollars richer than before"), than to continue refusing to divulge the secret. And so on.


All times are GMT -5. The time now is 04:33 PM.