Date:      Thu, 3 Jun 1999 10:42:23 -0700 (PDT)
From:      Larry Berland <stuyman@confusion.net>
To:        Adam Shostack <adam@homeport.org>
Cc:        security@FreeBSD.ORG
Subject:   Re: Not freebsd related...yet
Message-ID:  <Pine.NEB.3.96.990603103843.22892B-100000@euphoria.confusion.net>
In-Reply-To: <19990603085644.A24954@weathership.homeport.org>



On Thu, 3 Jun 1999, Adam Shostack wrote:

> On Wed, Jun 02, 1999 at 08:48:36PM -0400, Laurence Berland wrote:
> | I'm writing a new encryption algorithm for my computer science final
> | project.  Although it doesn't need to be particularly great I'm thinking
> | there's no reason it's gotta be bad.  I'm building a symmetric algorithm
> | that is designed to specifically handle large keys, i.e. >1024 bytes.  If
> | anyone has any hints or suggestions, I'm open to them...in fact that's
> | why I'm writing this in the first place.  If it works well, maybe
> | someday people will actually use it, then again maybe not.  thanks for
> | your time.
> 
> Actually, this will be 1. broken, and 2. uninteresting.  I'd be happy
> to bet money if it wasn't a sucker bet.
> 
> 1. Building a cipher with a large key is hard.  See the first Twofish
> paper, where Schneier et al. discuss the difficulty of building a key
> schedule to effectively use long keys.  Getting 1024 BYTES of
> randomness is next to impossible, so your implementors will end up
> expanding a smaller pool of randomness into a large key.  Given that
> this is unavoidable, you should anticipate it in your design, and have 
> a key expansion phase.  That you didn't know this is worrisome.
> 

I do know I need key expansion, I'm in the process of trying to decide how
to implement it.  Also, it should read 1024 bits not bytes, sorry for
that.  I've further scaled down to 512 bits anyway.

> 2. Building a system to use more resources than current systems, and
> expecting resource consumption to make it interesting is silly.
> 
> If you want an interesting project, may I suggest trying to
> cryptanalyze one of the AES candidates?  It's more interesting, will
> teach you a bunch, and may produce something useful.
> 

I would, but the project was to code something new, not analyze something.
I suppose I could've built some silly game like everyone else, but I
wanted to try something different.

> Sorry to flame, but this really isn't a good use of your time.
> 
> Adam
> 
Agreed, it's a waste of time, and don't worry about flaming, I'm
expecting it.  It's really just for the sake of seeing how far I can get.
I doubt I'll finish any time before when I graduate college (in 5 or 6
years
> 
> -- 
> "It is seldom that liberty of any kind is lost all at once."
> 					               -Hume
> 
> 
> 
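
The key expansion phase discussed in this thread, as an added example that is not code from either poster: a small seed is stretched into a 1024-byte key, and counting the reachable keys shows the key space stays the size of the seed space. HKDF with SHA-256 (RFC 5869) is used as a stand-in expansion function; the function names and the info label are assumptions made for the illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """Concentrate the input keying material into one fixed-size pseudorandom key."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """Stretch prk to `length` bytes (RFC 5869 caps output at 255 hash blocks)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested key is longer than HKDF can produce")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def expand_key(seed: bytes, key_bytes: int) -> bytes:
    """Derive a key of key_bytes from seed; the info label is constructed for this example."""
    prk = hkdf_extract(b"", seed)
    return hkdf_expand(prk, b"example cipher key", key_bytes)


def distinct_keys(seed_bytes: int, key_bytes: int) -> int:
    """Count the distinct keys reachable from every possible seed of seed_bytes."""
    keys = set()
    for n in range(256 ** seed_bytes):
        keys.add(expand_key(n.to_bytes(seed_bytes, "big"), key_bytes))
    return len(keys)


if __name__ == "__main__":
    key = expand_key(bytes(16), 1024)  # constructed all-zero 128-bit seed
    print(len(key) * 8, "bit key expanded from a 128 bit seed")
    # However long the expanded key is, a 1-byte seed can only yield 256 of them.
    print(distinct_keys(1, 1024), "possible 1024-byte keys from a 1-byte seed")
```

The size of the expanded key sets the cipher's nominal key length; the entropy of the seed sets the actual search space.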


