What is the best cryptgraphie algorythm

[DropSoil]

For one of my project I have to encrypt a large amount of data.

what i wich to know is : is it posible to have a big key of 1GB for example

how heavy the algorythm is for the CPU or one of my mirocontroleur (yes it might be coded in vhdl/ASM or something like that)

so if any of you have some information about it feel free to answer but don't misunderstand me I've already done a google search. What I want is like a specialist advice .

[Sparda]

Yes you could have a key that is 1GB, but why?! 2048 bits is vertualy uncrackable, at least, it would takes several hundrad years to brute force attack. I surgest you use Blowfish for the actual encyption. It's symetric cipher so it's nice and fast and it's vertualy uncrackable.

[l0gic]

There are various advantages and drawbacks to different algorithms. Generally the trade off is between processing intensity and resistance to cryptanalysis. The length of the key(s) used also affect throughput, and some implementations may be limited to 512, 1024, or 2048 bits. But like Sparda said these should be more than suitable.

I think using a 1GB "key" would actually be something called a one-time pad; random data that is used to encrypt messages bit-for-bit. I've read that this implementation is (in theory) mathematically uncrackable, but of course the obvious drawbacks are that you have to store a huge amount of random data on both ends of the communication.

[cooper]

Imagine if you will a 2048-bit key used in an algorithm that works with symmetrical encryption. That means that the key is the product of 2 primes. As having one of the two primes is all you need to get the other one you only need to search half that keyspace for actual keys.

But it gets better, since you only need to try all the prime numbers in that keyspace. So about 80% of the keyspace can be discarded quite easily. Let's, for the sake of argument, assume that you only need to test 1% of the keyspace.

Let's also assume that a processor technology advanced to the point where your CPU needs just 1 cycle to test a key, and they managed to clock that CPU at 100 GHz. That would mean a typical computer would be able to test 100.000.000.000 keys every second! (Yes, we're *WAY* off into fairytale land here, in case you wondered)

Let's finally assume that you've started up something like Distributed.net, and managed to get 1 BILLION users that all have this typical machine at their disposal to help you crack keys. That would mean over this massive network a stunning 100.000.000.000.000.000.000 keys get tested every second!

Sounds like a lot, no?

What people fail to appreciate is the size of a 2048-bit key, because it doesn't sound like a lot. However with the above assumptions brute-forcing a key would take this amount of seconds:

16158503035655503650357438344334975980222051334857742016065172713762

32756943394544659860070576145673184435898046094900974705977957524546

05475440761932241415603154386836504980458750988751948260533980288191

92033784138396109321309878080919047169238085235290822926018152521443

78794577053290430377619956196519276095716669483417121034248739328228

47474280880176631610290389028296655130963542301570751292964320885583

62971801859230928678799175576150822952201848806616643615613562842355

41010486257855086346566173483927129032834896752299863417649931910776

258319471866777180106771661480232265923930247607409

Divide by 31 million to get the amount of years if you think it'll make you feel better.

You could go with bigger keys of course, but as long as the algorithm is solid, what's the point?

[spektormax]

ok, well lets see what we can think up... AES is the goverment standard for encriptign sensitive data. HOwever you cant get a 1 gig key from it. I agrre that you could use it as a one time pad... say do liek an SHA-1 or other algartihum inoordedto get a gig of random nubers. THen you do bit 1 of plain xor bit 1 af random...2 xor 2..... 1 gig xor 1 gig. HTis mgiht be secure, but the problem is tha tyou ahve to carry around a gig of key, and to set up a random number generator you need a seed and you can ususaly have a max seed size of between 128 and 512, so inherently its will be cryptologicly equal to the keylenght of hte seed!

[DropSoil]

Ok you convince me, 1Gb is quite a lot and i might overpounded the key .

So something like a 2048 bit is enought.

my project is something like that no more password to access to your data. So what I expected to do is make an hardware key. The mater is that it shouldn't changed and when I see how easy it is to got a 128bit WEP key I was just wandering which size of key I have to get so... I'have search on google and found stuff saying a 1GB key is uncrackable with an asymetric key system.

So If you have better Idea let me know

[rFayjW98ciLoNQLDZmFRKD]

http://www.grc.com/securitynow.htm

[harrison]

Nooo, not the GRC links.....aaah, my eyes are bleeding!! I feared the day Gibson would make it to the Hak.5 website.

IT'S A BACKDOOR!!!!!!!

Okay, anyway, back on subject. Check out ElGamal. Great algorithm. Also, on the topic of key sizes, even 2048 bits is a fuck load. Usually there is an advancement in mathematics that breaks an algorithm before an advancement in technology that computes ciphertext encrypted with a larger keysize.

You can have the biggest lock on your door, shit you can have 10 locks on your door, and a crook will just break in the window. The implementation of the algorithm is more important than the size of the key.

[tabath]

WEP is crap not cos of the key length but because its authentication is not worth shit