-1

There are lots of security algorithms. One of the ways to measure the security of a cryptography algorithm is to find out its key size. There are many key sizes for a single algorithm.

ECC (Elliptic Curve Cryptography) has 163, 256, 384, 512 etc.

RSA has 1024, 3072, 7680, 15360. I found this from here

But how can I calculate the key size of an algorithm? How does a single algorithm have different key sizes?

I am building a simple cryptographic algorithm but I don't know how to calculate the key size of my algorithm.

My algorithm is to change each letter of a plain text to a code. Suppose

a=2H, b=3C, c=8S ......, z=6D

If the plain text is "cb" then the cipher text will be "8S3C". Then what will be the key size of this algorithm? How can I calculate it?

Md. Nasir Uddin Bhuiyan
  • 1. This would be a question for either the crypto- or the security-site of StackExchange. 2. The keysize is a property of the algorithm itself, nothing you calculate 3. You shouldn't develop any security-related algorithms on your own, unless you know exactly what you're doing. 4. This approach would do for a toy, but nothing serious. 5. The keysize of your algorithm is a design-property and up to you. Basically the more interesting question is how you're gonna build a bijective function to map each character to its replacement. –  Feb 10 '16 at 15:29
  • The key size is the size in bits or bytes that is necessary to represent the key. If you figure out how you can represent the key (substitution map) in a compact fashion, you can just count it up to get the key size. Since there is no standard way of representing a key for a substitution cipher, it doesn't have a standard key size. – Artjom B. Feb 10 '16 at 15:32
  • I'm voting to close this question as off-topic because it belongs on crypto.stackexchange.com – Thomas M. DuBuisson Feb 10 '16 at 21:16

2 Answers

1

The key size corresponds to a security strength. The security strength is how much effort the attacker needs to break the algorithm, and it depends upon the best attacks known against the algorithm.

For instance, a typical security strength is 128-bits. If you read a little about elliptic curve cryptography (ECC), you will learn that the best algorithm to attack ECC in the general case has square root running time. So if we use elliptic curves having prime order subgroup of 256-bit, then the number of points on the curve is order 2^256, which implies that attacking it takes sqrt(2^256) = 2^128 running time. So 256-bit ECC (having subgroup size 256-bits and key size 256-bits) gives you 128-bit security strength.

For RSA, the mathematics is harder, because the running time to break it depends upon the number field sieve, which has running time looking like e^[(1.92 + o(1)) (log n)^(1/3) * (log log n)^(2/3)], where n is the number to be factored and logs are natural logarithms. So to compute the key size corresponding to 128-bit security, we need to solve 2^128 = e^[(1.92 + o(1)) (log n)^(1/3) * (log log n)^(2/3)]. I think you would enjoy solving that yourself :-)

Note: when I am talking about security strength, I am only talking about the amount of computing power to break it. Some people argue that we should include memory as well in our calculations.

If you want a more thorough detailed discussion, I welcome you to read Selecting Cryptographic Key Sizes.

In order to select a key size, you need to understand the effort to break the algorithm, which means you should be a cryptographer. I'm sorry to tell you this, but your algorithm cannot be saved by a large key size: substitution ciphers are trivially breakable by frequency analysis.

TheGreatContini
  • (good answer! mostly commenting to check my understanding) but isn't it more accurate to say the best known attack on RSA depends on the computational complexity of a sieve. i.e. the best attack relies on factoring which is still believed to be a hard problem, currently best solved with a sieve. the best implementation of which has the given complexity – Sam Mason Aug 13 '20 at 10:04
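The key-size calculation described in the answer above, carried through numerically. This is an added example, not code from the answer's author; it assumes the o(1) term in the number field sieve exponent is dropped, so the RSA figures are rough estimates, and the function names are hypothetical.

```python
import math

NFS_CONSTANT = 1.92  # constant quoted in the answer; o(1) term dropped (assumption)


def ecc_strength_bits(subgroup_bits):
    """Square-root attack: sqrt(2^k) = 2^(k/2) operations, i.e. k/2 bits."""
    return subgroup_bits / 2


def rsa_strength_bits(modulus_bits):
    """log2 of e^[1.92 * (ln n)^(1/3) * (ln ln n)^(2/3)] for n ~ 2^modulus_bits."""
    ln_n = modulus_bits * math.log(2)  # ln n without building a huge integer
    exponent = NFS_CONSTANT * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return exponent / math.log(2)      # convert from base e to base 2


def rsa_bits_for_strength(target_bits, lo=512, hi=65536):
    """Smallest modulus size whose estimated strength reaches target_bits.

    The estimate grows monotonically with the modulus size, so a plain
    bisection over the bit length solves 2^target = e^[...] for n.
    """
    if rsa_strength_bits(hi) < target_bits:
        raise ValueError("target strength is outside the search range")
    while lo < hi:
        mid = (lo + hi) // 2
        if rsa_strength_bits(mid) >= target_bits:
            hi = mid
        else:
            lo = mid + 1
    return lo


if __name__ == "__main__":
    print("ECC 256-bit subgroup:", ecc_strength_bits(256), "bits of strength")
    for size in (1024, 3072, 7680, 15360):  # RSA sizes listed in the question
        print(f"RSA {size}: ~{rsa_strength_bits(size):.1f} bits (estimate)")
    print("RSA modulus for ~128 bits:", rsa_bits_for_strength(128), "bits")
```

The estimate for a given strength lands below the RSA sizes listed in the question because the dropped o(1) term and other calibration choices are not modelled here.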
0

As you said, the size of the key is one aspect. The algorithms you mentioned (and many others) usually operate on blocks, or have some internal state that is a function of the key size, and it's naturally explained since it's an input parameter (you specify the size of the blocks or the internal state).

For your algorithm you can argue that the key size is the number of bits required to store the encoding (27*2 in your example). However, if somebody wants to argue about security they will most likely target the fact that you are repeating the sequences in the encoded text. So if I get a sufficiently large encoded text in English (works for any language, but as an example) I can easily find the characters (look for repeating sequences) and then, using statistical methods, figure out the mapping (look for character frequencies). So the length of your key has nothing to do with the most likely attack method, so it has no weight towards how secure it is. That is, if I can crack it when you use 1 byte/character I can crack it just as easily when you use 1024 bytes/character.

As an example, the best way to crack RSA seems to be trying all the keys. So by making a key longer you exponentially increase the time it takes to try all the keys so you can then argue it's more secure because there's a longer key.

Sorin
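The point made above about code length, as an added example that is not part of the original answer: the question's letter-to-code cipher is run with 2-character and 64-character codes, and the ciphertext's token frequency profile is compared with the plaintext's letter frequency profile. The keys, the sample text and all function names are constructed for illustration.

```python
import random
import string
from collections import Counter

# Constructed sample plaintext
SAMPLE = ("security strength depends on the best known attack "
          "and not on the length of the stored key") * 5


def make_key(token_len, seed):
    """Constructed key: each letter maps to a unique token of token_len chars."""
    rng = random.Random(seed)
    symbols = string.ascii_uppercase + string.digits
    tokens = set()
    while len(tokens) < 26:
        tokens.add("".join(rng.choice(symbols) for _ in range(token_len)))
    tokens = sorted(tokens)
    rng.shuffle(tokens)
    return dict(zip(string.ascii_lowercase, tokens))


def encrypt(plaintext, key):
    """Replace every letter by its token; other characters are dropped."""
    return "".join(key[ch] for ch in plaintext if ch in key)


def token_profile(ciphertext, token_len):
    """Counts of fixed-width ciphertext tokens, most frequent first."""
    tokens = [ciphertext[i:i + token_len]
              for i in range(0, len(ciphertext), token_len)]
    return Counter(tokens).most_common()


def leak_report(plaintext, token_len, seed=1):
    """Compare plaintext letter statistics with ciphertext token statistics."""
    key = make_key(token_len, seed)
    text = plaintext.lower()
    letters = Counter(ch for ch in text if ch in key)
    profile = token_profile(encrypt(text, key), token_len)
    top_letter = letters.most_common(1)[0][0]
    return {
        "stored_key_chars": sum(len(t) for t in key.values()),
        "profile_preserved":
            sorted(letters.values(), reverse=True) == [n for _, n in profile],
        "top_token_is_top_letter": key[top_letter] == profile[0][0],
    }


if __name__ == "__main__":
    for width in (2, 64):
        print(width, leak_report(SAMPLE, width))
```

The stored key grows 32-fold between the two runs, while the frequency profile that frequency analysis relies on is identical in both.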