What is the strongest data encryption method?

[danrok]

Suppose you want to encrypt a data file, which method of encryption is the most difficult or time consuming to break?

[Gizmo]

Twofish or Rijndael, IMO.

Twofish is an enhancement of Blowfish, written by Bruce Schneier, and was one of the contestants for the AES encryption standard (it was one of the 5 finalists, Rijndael was another one).

Both support 128, 192, and 256 bit keys. IIRC, Rijndael supports ONLY those sets, whereas Twofish can be implemented to support any arbritrary key size that is a multiple of 32-bits between 128 and 256 bits in length.

Rijndael is slightly faster for 128-bit keys and Twofish is slightly faster for 256-bit keys. There's evidence to suggest that Twofish is also a bit harder to crack, but both encryption algorithms are PRACTICALLY impossible to crack at this time with current hardware.

I wrote an implementation of Bruce Schneier's older Blowfish algorithm some years ago. While I'm no cryptanalyst, I was impressed with how easy it was to code the algorithm, and the Twofish algorithm is very similar, although more 'beefy'. I've not looked at what it would take to implement the Rijndael algorithm.

[Áedán]

I thought that AES was Rijndael?

As far as encryption goes - how long do you want to keep whatever information secure for? Brute force attacks will succeed, it is simply a matter of how long before they succeed.

[danrok]

Quote:

Originally Posted by Áedán

I thought that AES was Rijndael?

As far as encryption goes - how long do you want to keep whatever information secure for? Brute force attacks will succeed, it is simply a matter of how long before they succeed.

Has Twofish ever been brute forced?

[Gizmo]

No, and neither has Blowfish when using the full 16-round implementation. In fact, Blowfish has only been proven to be breakable at 4-rounds, although the 14-round implementation can be shown to not be random, suggesting that with sufficient time and analysis it COULD be broken. There are no known weaknesses at 16-rounds, meaning the only effective attack method would be brute-force. Because of the size of the potential keyspace (448 bits), that isn't effective with current hardware.

[danrok]

Quote:

Originally Posted by Gizmo

Because of the size of the potential keyspace (448 bits), that isn't effective with current hardware.

Because processors don't do 448 bits so easily?

Or because you would need a cluster the size of the moon?

[Gizmo]

Both, actually. One is a function of the other.