Revision as of 19:55, 26 March 2024 edit Walshy231 (talk \| contribs) 139 edits m More widely acceptable spelling Tags: Visual edit Mobile edit Mobile web edit ← Previous edit		Revision as of 07:43, 27 March 2024 edit undo Dimawik (talk \| contribs) Extended confirmed users 2,450 edits →top: rewrote the paragraph on building weak systems from strong blocks using the well-known Schneier essay as a source Tag: harv or sfn error Next edit →
Line 8: The strong cryptography algorithms have high [[security strength]], for practical purposes usually defined as a number of bits in the [[Key (cryptography)\|key]]. For example, the United States government, when dealing with [[Export of cryptography from the United States\|export control of encryption]], considered {{asof\|1999\|lc=y}} any implementation of the [[symmetric encryption]] algorithm with the [[key length]] above 56 bits or its [[public key]] equivalent<ref>{{cite web \|title=Encryption and Export Administration Regulations (EAR) \|url=https://www.bis.doc.gov/index.php/policy-guidance/encryption \|website=bis.doc.gov \|publisher=[[Bureau of Industry and Security]] \|access-date=24 June 2023}}</ref> to be strong and thus potentially a subject to the [[Export control\|export licensing]].{{sfn\|Reinhold\|1999\|p=3}} To be strong, an algorithm needs to have a sufficiently long key and be free of known mathematical weaknesses, as exploitation of these effectively reduces the key size. At the beginning of the 21st century, the typical security strength of the strong symmetrical encryption algorithms is 128 bits (slightly lower values still can be strong, but usually there is little technical gain in using smaller key sizes).{{sfn\|Reinhold\|1999\|p=3}}{{update after\|2015}} Demonstrating the resistance of any cryptographic scheme to attack is a complex matter, requiring extensive testing and reviews, preferably in a public forum. Good [[algorithm]]s and protocols are required (similarly, ~~and~~good materials are required to construct a strong building), but good system design and implementation is needed as well.: ~~For~~"it ~~instance,~~is ~~the~~possible ~~operating~~to build a cryptographically weak system onusing ~~which~~strong algorithms and protocols" (just like the ~~cryptographic~~use ~~software~~of ~~runs~~good ~~should~~materials bein asconstruction ~~carefully~~does ~~secured~~not asguarantee a ~~possible~~solid structure). ~~Users~~Many ~~may~~real-life ~~handle~~systems ~~passwords~~turn ~~insecurely,~~out orto ~~trust~~be ~~'service'~~weak ~~personnel~~when ~~overly~~the ~~much,~~strong orcryptography ~~simply~~is ~~misuse~~not ~~the~~used properly, for example, random [[~~software~~Cryptographic nonce\|nonces]]. ~~(See~~are ~~[[social~~reused{{sfn\|Schneier\|1998\|p=2}} ~~engineering~~A ~~(security)~~successful attack might not even involve algorithm at all, for example, if the key is generated from a password, guessing a weak password is easy an does not depend on the strength of the encryption algorithm.{{sfn\|~~social~~Schneier\|1998\|p=3}} ~~engineering]]~~A user can become the weakest link in the overall picture, for example, by sharing passwords and hardware tokens with the colleagues.){{sfn\|Schneier\|1998\|p=4}} ==Background==

Strong cryptography: Difference between revisions