5

I found some App in the Google Store, and there were features only for the PRO version: Threefish 1024-bit and SHACAL-2 512-bit. Meantime, AES-256 was available in the free version of app.

So I concluded that the Threefish 1024-bit and SHACAL-2 512-bit algorithms are stronger, and I did a little research and discovered that AES-256 was invented in 2001, Threefish 1024 in 2008, and SHACAL-2 512 was also invented in 2001.

SHACAL-2 512 - I have read that this algorithm was something like "partly hacked for 50%" but for now considered as solid and unhackable.

Threefish 1024-bit - in the opinion of the authors who invented this algorithm it is more effective than AES. And it has a 2.9 security index, while AES has only a 1.7 security index (bigger is better).

Patriot
  • 3,162
  • 3
  • 20
  • 66
Chosenman
  • 163
  • 1
  • 6

3 Answers3

13

Neither SHACAL-2 nor Threefish are "more" secure than AES because it's a case of "meh cannot break" with all of them.

All three ciphers are unbroken and all three use keys larger than 128-bit* meaning the bigger numbers in the key size have no value except to impress people with being bigger and with the company being able to waste computation time. Also note that in the most rares cases it is actually the crypto (and especially unlikely the block cipher) that is broken but rather the implementation and especially the data handling implementation.

Now for a bit of discussion on each cipher:

  • SHACAL-2. It is based on SHA-2's compression function and from what I can tell turning it into a block cipher was a case of "we did it because we could". It's practical deployment is absolutely negligible and cryptanalysis results are sparse, so I wouldn't trust it more than AES.
  • Threefish. Threefish was the block cipher underlying the Skein submission to the SHA-3 competition. It has some well-reputed names behind it and is a very useful tool block-cipher with a large block size that is especially hardened against related-key attacks and side-channel attacks. I would actually prefer Threefish over AES if you don't have a well-hardened implementation of AES available and you are on a 64-bit platform and you don't have hardware-accelerated AES available. This is because Threefish only uses additions, rotates and XORs (ARX) which makes it quite easy to implement securely and with solid performance. Analysis-wise it has seen quite a bit during the SHA-3 competition and a bit afterwards, but as Skein wasn't selected it hasn't seen much analysis since.
  • AES. AES is an excellent block cipher which has with-stood nearly two decades of intense cryptanalysis. Not only hasn't it been broken in this time, but we have also figured out how to implement it securely and it has wide hardware support these days, making it the performance- and security-wise best choice if available. If not, using a more modern ARX based cipher is also appropriate, but especially on a modern phone secure AES implementations should be available.

On this topic, also see the mandatory blog post by Matthew Green.

* If you believe that large-scale quantum computers will exist at some point, you need 256-bit symmetric keys to force $2^{128}$ quantum operations (thanks to Grover's Algorithm) which all three cipher support.

SEJPM
  • 46,697
  • 9
  • 103
  • 214
5

There is more to a question like this than just has the algorithm been broken. The other and equally important question is how was the encryption algorithm implemented? Who implemented it and was it reviewed to ensure the implementation was good? Getting crypto right is very difficult and making errors is very common, even for widely used and well know software, openSSL for example had some very significant problems with their crypto implementation

http://thehackernews.com/2016/05/openssl-vulnerability.html

The reason this really matters is once you encrypt something if it is made public, especially for data at rest, the encryption has to protect that data until protecting the confidentiality of the data is no longer of value. Which could be your entire life or longer if it's very personal information. If a flaw is found the data is no longer protected. Some encryption implementations can be certified as correctly implemented, AES, for example, can be reviewed against the NIST FIPS 197 standard

http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf

So another consideration is can the implementation of the encryption algorithm be verified as good. If a company goes to the trouble of doing this then for me I can have confidence that they care about their software. A good example is WinZIP, they state publicly that their implementation for their zip file encryption has been reviewed and is compliant with the FIPS 197 standard.

WinZip

For example, I was looking at some software that included file encryption. I wanted to work out how it was encrypting the files as it wasn't documented. I checked the files it installed and they were using 7Zip to zip and encrypt the files they were processing. However, the 7Zip dll file they were using was over 10 years old, what does that say about a software company that has continued to use a version of the software which is that old, 7Zip most recent update was the end of last year, however, they are still using a very old version. (NOTE: To be clear this is not an issue with 7Zip, it is another company using a very old version of 7Zip dll file)

Ievgeni
  • 2,653
  • 1
  • 13
  • 35
Mark A
  • 51
  • 2
-2

AES is enough, but the security of the encrypted data depends almost of all about how you want to use. You can use AES in CBC mode and you are ok.

Xxshark888xX
  • 5
  • 4