Date:      Thu, 3 Jun 1999 08:56:44 -0400
From:      Adam Shostack <adam@homeport.org>
To:        Laurence Berland <stuyman@confusion.net>
Cc:        security@FreeBSD.ORG
Subject:   Re: Not freebsd related...yet
Message-ID:  <19990603085644.A24954@weathership.homeport.org>
In-Reply-To: <3755D0E4.55677E6@confusion.net>; from Laurence Berland on Wed, Jun 02, 1999 at 08:48:36PM -0400
References:  <3755D0E4.55677E6@confusion.net>

On Wed, Jun 02, 1999 at 08:48:36PM -0400, Laurence Berland wrote:
| I'm writing a new encryption algorithm for my computer science final
| project.  Although it doesn't need to be particularly great I'm thinking
| there's no reason it's gotta be bad.  I'm building a symmetric algorithm
| that is designed to specifically handle large keys, i.e. >1024 bytes.  If
| anyone has any hints or suggestions, I'm open to them...in fact that's
| why I'm writing this in the first place.  If it works well, maybe
| someday people will actually use it, then again maybe not.  Thanks for
| your time.

Actually, this will be 1. broken, and 2. uninteresting.  I'd be happy
to bet money if it wasn't a sucker bet.

1. Building a cipher with a large key is hard.  See the first Twofish
paper, where Schneier et al. discuss the difficulty of building a key
schedule to effectively use long keys.  Getting 1024 BYTES of
randomness is next to impossible, so your implementors will end up
expanding a smaller pool of randomness into a large key.  Given that
this is unavoidable, you should anticipate it in your design, and have 
a key expansion phase.  That you didn't know this is worrisome.

2. Building a system to use more resources than current systems, and
expecting resource consumption to make it interesting is silly.

If you want an interesting project, may I suggest trying to
cryptanalyze one of the AES candidates?  It's more interesting, will
teach you a bunch, and may produce something useful.

Sorry to flame, but this really isn't a good use of your time.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume
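
Added example, not part of the original message: a sketch of the key expansion phase the reply describes, using HKDF (RFC 5869) with HMAC-SHA256 to stretch a 32-byte seed into a 1024-byte key. HKDF is a technique chosen for this illustration, not one named in the thread; `expand_seed`, `search_space_bits` and the info label are hypothetical names.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: condense input keying material into a fixed-size PRK."""
    if not salt:
        salt = bytes(HASH_LEN)  # RFC default: HashLen zero bytes
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: stretch the PRK to `length` bytes of output."""
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-SHA256 output is capped at 8160 bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # Each block chains the previous one, the context label and a counter.
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def expand_seed(seed: bytes, key_len: int = 1024) -> bytes:
    """Hypothetical helper: derive a key_len-byte key from a short seed."""
    prk = hkdf_extract(b"", seed)
    return hkdf_expand(prk, b"constructed-example large-key", key_len)


def search_space_bits(seed: bytes) -> int:
    """Upper bound on brute-force work: set by the seed, not the key length."""
    return 8 * len(seed)


if __name__ == "__main__":
    seed = bytes(range(32))  # constructed sample seed; use os.urandom(32) in practice
    key = expand_seed(seed)
    print(len(key), "byte key derived from a", search_space_bits(seed), "bit seed")
```

The derived key is 8192 bits long, but an attacker who guesses the seed recovers all of it, so the key's strength is bounded by the seed's entropy.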



