The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    serpent vs. rijndael (related to TrueCrypt)

    Discussion in 'Windows OS and Software' started by EricaL, Nov 1, 2011.

  1. EricaL

    EricaL Notebook Consultant

    Reputations:
    750
    Messages:
    266
    Likes Received:
    2
    Trophy Points:
    31
    which is more secure? reviews say serpent is, but then why was rijndael chosen as AES? how slower is serpent than rijndael? thank you.

    p.s. - this is regarding TrueCrypt.
     
    EricaL, Nov 1, 2011
    #1
  2. EricaL

    EricaL Notebook Consultant

    Reputations:
    750
    Messages:
    266
    Likes Received:
    2
    Trophy Points:
    31
    also, should i use multiple algorithms? what are the pros and cons of this?

    thanks.
     
    EricaL, Nov 1, 2011
    #2
  3. nar0

    nar0 Notebook Guru

    Reputations:
    18
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    15
    Which is more secure? I believe serpent has some advantages over Rijndael in this area. But Rijndael was chosen for AES because security isn't the only requirement. AES has to be both secure enough and able to run on anything that requires AES, this could range from large super computers all the way down to embedded smart cards no bigger than a credit card.

    Rijandael is definitely much faster than Serpent on these small low power devices, but I don't think there's really much difference when using a modern computer.

    Using multiple algorithms would make your encryption more secure as long as everything is done properly which I assume truecrypt does. Cons are rather simple, encrypting and decrypting everything takes basically twice as long.

    Really unless your storing government secrets or something no one will have the resources to actually try and break even 128-bit AES. The only chance of anyone other than a government breaking that is if a glaring security flaw in either the algorithm (In which case multiple encryption would prevent this), or the program (In which case multiple encryption doesn't help at all), or if you simply didn't use the program in the correct secure way and left something open (I believe truecrypt's documentation lists a bunch of things to be aware of).

    P.S. Just remember that it's far easier to slip a keylogger/virus into your computer to steal your keyfile and password then it is to actually try and crack most modern encryption methods
     
    nar0, Nov 1, 2011
    #3
  4. EricaL

    EricaL Notebook Consultant

    Reputations:
    750
    Messages:
    266
    Likes Received:
    2
    Trophy Points:
    31
    do the governments have back-doors etc in the program (TrueCrypt)? how can they break it and not someone else?

    thanks.
     
    EricaL, Nov 1, 2011
    #4
  5. newsposter

    newsposter Notebook Virtuoso

    Reputations:
    801
    Messages:
    3,881
    Likes Received:
    0
    Trophy Points:
    105
    If you go ahead and register on the Truecrypt forums, there is plenty of discussion on this topic guided by people who know a great deal about both the political history of AES and the tech behind it.
     
    newsposter, Nov 1, 2011
    #5