Category talk:Broken block ciphers

This is the talk page for discussing improvements to the Broken block ciphers category.

Put new text under old text. Click here to start a new topic.
New to Wikipedia? Welcome! Learn to edit; get help.

Cryptography: Computer science Category‑class

	This category is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles
Category	This category does not require a rating on Wikipedia's content assessment scale.
	This category is supported by WikiProject Computer science.

Criteria for the subcategories[edit]

[Moved from my talk page -- intgr [talk] 21:51, 24 August 2009 (UTC)][reply]

What criteria are you using for inclusion in Category:Broken cryptography algorithms and subcats? I think it's clear that KN-Cipher belongs in Category:Broken block ciphers, but there is no published cryptanalysis of BassOmatic, and making Category:Advanced Encryption Standard a subcat of Category:Broken block ciphers seems inappropriate. Most any cryptographic primitive that's been studied in the public community will have some certificational weakness; but the true situation is more subtle than an all-or-nothing "broken" designation would imply. Ntsimp (talk) 21:15, 24 August 2009 (UTC)[reply]

Published research is a fair one to go by. Faster than brute force attacks are how the cryptography community defines "broken" for symmetric algorithms — as far as I can tell. As for AES, given that there's a related-key attack against AES-256 in 2¹¹⁹ time, I think it fits the definition of "broken" even if it's not a practical attack.

BassOmatic is an exception; based on personal accounts from Zimmermann, I think it's fair to conclude that the cipher must have been a pretty bad one. -- intgr [talk] 21:38, 24 August 2009 (UTC)[reply]

Is your adoption of the category a sign of agreement? I'm open to discussion, I was just stating my rationale. -- intgr [talk] 03:12, 25 August 2009 (UTC)[reply]

I honestly haven't made up my mind yet. I really don't like calling AES "broken", making it seem somehow weaker than a stupid amateur cipher that's notable enough for an article but has no published attacks. Some of the ciphers like Nimbus are no-brainers, but many of these algorithms have no known practical cryptanalysis. On the other hand, any arbitrary line we could draw would be WP:OR. So for now I'm not sure; I was just populating the category since it exists. Ntsimp (talk) 03:41, 25 August 2009 (UTC)[reply]

In any case, once there is some consensus, the Category page should state the criteria. I notice that Triple DES has been added. I'm not sure that's appropriate - according to SP 800-67, NIST thinks Triple DES is good until 3030. Mitch Ames (talk) 11:59, 26 August 2009 (UTC)[reply]

I'm the one who added Triple DES, and I'm not sure it's appropriate either. But it fits intgr's criteria; there are attacks faster than brute force. Ntsimp (talk) 12:35, 26 August 2009 (UTC)[reply]