- From: Giuseppe Bianchi <
>
- To:
, Marco Spaziani Brunella <
>
- Subject: Re: [ISS] Block Chipers Slides
- Date: Thu, 17 Oct 2019 10:45:14 +0200
- Autocrypt:
; prefer-encrypt=mutual; keydata= xsFNBFU7x9cBEADmtN0e0m/o5lojFeI0ZoVbEpn1UDGa9NCDKx81gwWwHmoF8SEq2JMG6A/i gHGCprbz3kLTRLqdjFXU1Lurls7BkRr/GWf4s9GOMd57eVTz7qkEGusIpuPBUDpkiUcuEVRK is1l69KL0MlXrUce+Urr1UJ9hNjlRCmQokVZXiEPTs9yjnfj0QxL2v0NWtOvyoCVl0tB03rN FJ/sFxwUYfxT4EGUu7emh3axQa6G+h/6Aa4brx9YA8Lqk+0vuROHLwGs2FFVA8AuBoyK+Pgw ECbq54MFMkDh7G9B7FEHKN6QWQGmAIyWfkd+bXuysQ/q8UxCI1O1h9pwdc9rlAmnmByhRVYf YPHsNLArnxfcnJY3nW4qeRuY6MaSxTlr3k4yhTYFB33I6uGUVjqh4CZNB34YnEG57C7b8yw/ 7kt4EB+vsHs0RDjPbPZSKy1y2so+MoQ8ZW1AFbxY4qpbEwT0v69UlAtNJ2/Cdd38c2V7YeuX 02eDuguXVR3wRUY6Wy4qRWtoSm1bCpp365w414jtLBv+zXZldb4lsNpO1WwksxeSqj01eY3C BJoBT6qZLFrEl8Q0EZ0HAU9MJmpDekX6nQe/T4Z3Sik9QYg1j1j3u8xYGSKRT9JKe4mlK5n8 H2I60lIKmOFCYmiJ5wXzgiBFf/XMJppGrL3s52zV9eQyQceuMQARAQABzS9HaXVzZXBwZSBC aWFuY2hpIDxnaXVzZXBwZS5iaWFuY2hpQHVuaXJvbWEyLml0PsLBfwQTAQgAKQUCVTvH1wIb IwUJCWYBgAcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEHD4zKH/GovbaIYQAOZxyPgq 3WoKyi7Zhpn06Eu41mwVCunR87NdOqy9AwAmZTDIcXGRkuuonxvMROByhZsudS/qVL+qvUoi /ChVZAFpIo++o+5os0ZgKW5lxEWu1/2qEG1yAVVK3wuIidVtjZ7UnE8c3EXPP3ndZbDUyayl gH33vAZhazzYQ4DUw9Rw3tkKDZapRc6YU9aHIZT6Y+/bh5Z1bHohE/kGH+cvQIFpDcwKgZUk P1RMfvHaPxIn4Q2lxJ5dN4HsLAAD2enxUQM0YDPjTJtBqZ33jF+7DBFVBiFAfXMLYi9EhAGM N78T/hQ1pzBlUAXDaDHqDNKcCzu4Qi763hblbFLzZv28HmW9pPiP8Bek2zgjphw0XJVg2qtO 9CHJO7kl5vxSIOjH0bqTLqS7kuQ2t8j4mBhNx1SP97786MZDlkk+nwyfuv2qQp+tJkJdVw9A F/ZCxrYZ7IYeJJ3ogcNl1C/zitOR/7XlgEiRkB1upH8ClVbfJRwB2L3IZDM3KU2OV8r3rjEl k2d5+AdoIt5y9Rkwi9SUKF29JOLfU4Lj+5tMtjyZfXHbFL66WgU6ZmH1vmzDZXk3G7LIyknt 8lyCrtZTSTdo5KkxWgfzqP9U8q5FPD7rX4rOR65RQBNnTAlQmRXULe5uR1PsnpbuJVvbD0yy 0z2j12yASLEKxpyQy3KNEu2C7Rj4zsFNBFU7x9cBEACt0itoXe++Xbvb+EWGp1DWqfTc20IP TB3N0zZrFgoJOSvYYzamVZKW1DGErRTeIV3VRCQw5xmsMag6S5hGIhJS+l3XwApLDUOwkJ7H oDsu0VLMbuuZXxWPKKrPDQbHQEjPMBpx2BlA14fAWThD+iy4cOOFrsAnVzEgWvxbqPZ3a09u lkf7sk3Nlbv06HMgs1g9PgNKmCJoyFD06F9cPM2AdJZqw9YnjBwR0AwzdqT8ILVQwnAGbKgL eeabBNxqrFxohifNxt88XGpbzsj+EtmvXia2/lVburmIY/iSth3KLFJXceGoxQYIU9Gz8XIh x3tw5AXX0Hgranrl9qDNJ3OQJuSSfLsLfO3ZlqEMk6lRn7MLzCcpSJyXv+PuZtDsiZSNSUyv EsHoSOjVZuClHhWhJ3VMYh/lLWutjdFJTsfAgVl12JlFUvoQm1xi2ZV1GEZKwrMgf/k/WUF1 XzJrBxcDoax7gt4BKME/cTCjWVYPOpwWFbAR3AC393OjqrZJnKxI9eDdsYIRkhGkt/xwXt0S gSjPfwpahOrOz5yfLPOLKThbLTRsIcm/x1at6XSIlNer8pkL+tzeg9qyA2Hg8KNC6n0BxuDa TOMTMub8Wl2aDKGoTfha6S7MlVhP6WuLu9ZUI0Tv2p+XmTpreQFCauomOLQI+s4PC/4lPIvq 3jEtWwARAQABwsFlBBgBCAAPBQJVO8fXAhsMBQkJZgGAAAoJEHD4zKH/Govbx5YP/i9QBUVo NWWJnKLyBU9SjmaaCGu2uKzvwiCvoZN2PQCczXxuwVpumlA1ZP3e9pn0u51QzUWVvW6BbJKV e1AlFtDwSJHH9q6y/zvQno7hVzowjFpAsdoVMAuuKgeI8pxdq7psIYdnB7j8nRvk5Z6v/54U OSIeZueM4dYEnW1nbfo8VFu4VLLlvS8nxXH05Zufym7pVi3efnDSk7BXiH5QyaN41+JBY7X/ WbLwt1HpHSPnM//pwIZMPbXqDq9hSuh2AFbbo25SQ2LXKtvG22Rq4krHmR7aX5DqBDLhkm/Y 0NdZZPDrOOVRzhI7NU5EDJgTXZXcpDcvpFsKHoyVVjIA+Su4kimcJSlgGcZNIWdwrkem99IC ZXEFgoAfCaTjh3iYo/WxSfnnSObagfmO8lW1ddWCj17/XedK6bqXXzHUC5/i2aoQp5ulxNR5 GXJrQ+eOsPuCFfQpdxGHr/9YgOCtkQO5wfR33jWGFoPF5tZuMShJujeiY0RrYI9ZWHwjlXqF XwFf1Y4NIFWxq57NpD9QEHMkHXYvjRzTkRd0d/kTaLPpLqh/Q4PLC69eyiz8JESAH6nubo9S YOpWIoWfByo0cC8qpEb1wNhZv/Lo5I9fUJgmYWsbEjhayFXVhmZFtDofhHm/J7KIqadHFDsM xbbCe9Iaj+5/vBAW/7nQ1JFW2lx4
- Openpgp: preference=signencrypt
Ahi! Marco removed the best slide of the pack (here attached again)
which basically says that all modes are (more or less) OK EXCEPT ECB!!
ECB, as Marco will tell you today, should not ve considered a mode, but
it is just a completely insecure approach which should not have been
even named in my opinion!! Indeed, I believe the crypto community made a
BIG error in calling it a "mode" and giving it an acronym, as non expert
people, when seeing the acronym EBC, may think to something meaningful
and may not realize it is just the most stupid thing you may ever do!
In fact too often we see recurring questions (and enjoy some relevant
nonsense comments/answers...) such as:
https://crypto.stackexchange.com/questions/225/should-i-use-ecb-or-cbc-encryption-mode-for-my-block-cipher/226
which suggest that "normal" persons may get badly confused!
Which brings me back to the rationale behind the attached slide (Marco
please re-include it!!): even if you do NOT understand what are such
listed modes (e.g. OFB or XTS are arguably less common than CBC or CTR,
at least in networking!), they at least are all (well, almost all - see
note!) meaningful construction whereas ECB is NOT, as it just means: no
block chaining at all! In other words, whenever you will see ECB in a
configuration, raise a super, super red flag, you have a SERIOUS
security problem!!!
Have a good lecture, and greetings from remote!
GB
technical note: XEX is also bad for the same reasons of ECB, see
wikipedia to understand why. Unfortunately I was not the creator of such
beautiful slide (I'd have in fact also removed XEX from the "good" modes).
Il 16/10/2019 19:54, Marco Spaziani Brunella ha scritto:
>
Dear Students;
>
You can find attached the slides of today (and tomorrow) lecture.
>
See you tomorrow;
>
*Marco Spaziani Brunella*
>
CNIT Researcher @ University of Rome Tor Vergata
>
E //
>
>
<mailto:
>
>
A // Via Del Politecnico 1, 00133 Rome, Netprog Lab
>
<https://maps.google.com/?q=Via%20Del%20Politecnico%201%2C%2000133%20Rome%2C%20Netprog%20Lab>
>
Attachment:
p.pdf
Description: Adobe PDF document
Archivio con motore MhonArc 2.6.16.